Submitted URL: https://bloodsugarfit.ontraport.com/c/s/Xe3/WL8HQ/s/dhkl/60zP/6cTh07/sGCF0kkxje/P/P/K7/bXU9aHR0cHMlM0ElMkYlMkZ0cmt3LmJsb29kc3VnYXJma...
Effective URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_...
Submission: On April 01 via api from BE — Scanned from DE

Summary

This website contacted 91 IPs in 9 countries across 85 domains to perform 269 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com. The Cisco Umbrella rank of the primary domain is 654182.
TLS certificate: Issued by R3 on March 28th 2023. Valid for: 3 months.
This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 209.170.211.179 13649 (ASN-VINS)
1 1 18.193.209.105 16509 (AMAZON-02)
1 1 34.107.190.195 396982 (GOOGLE-CL...)
1 1 52.210.234.44 16509 (AMAZON-02)
1 3.126.202.50 16509 (AMAZON-02)
2 13.224.189.30 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
1 151.101.193.131 54113 (FASTLY)
1 2600:9000:223... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::e 44788 (ASN-CRITE...)
13 2a04:4e42:400... 54113 (FASTLY)
1 3.93.168.254 14618 (AMAZON-AES)
4 54.147.116.169 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a04:4e42:8d::84 54113 (FASTLY)
3 2a00:1288:80:... 203220 (YAHOO-DEB)
3 151.101.65.44 54113 (FASTLY)
1 23.35.237.86 16625 (AKAMAI-AS)
1 52.88.12.74 16509 (AMAZON-02)
8 23.36.163.118 20940 (AKAMAI-ASN1)
1 13.32.99.127 16509 (AMAZON-02)
41 52.222.250.38 16509 (AMAZON-02)
1 3.221.88.80 14618 (AMAZON-AES)
1 108.138.17.119 16509 (AMAZON-02)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.230.229.216 14618 (AMAZON-AES)
3 70.42.32.255 13789 (INTERNAP-...)
4 5 2a02:2638::1c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.137.97 16509 (AMAZON-02)
1 52.89.7.180 16509 (AMAZON-02)
1 7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 151.101.192.84 54113 (FASTLY)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 18.66.97.53 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 100.20.6.198 16509 (AMAZON-02)
1 151.101.129.181 54113 (FASTLY)
7 13.32.99.41 16509 (AMAZON-02)
6 2600:9000:223... 16509 (AMAZON-02)
1 52.222.236.63 16509 (AMAZON-02)
1 3 178.250.1.9 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
2 212.82.100.181 34010 (YAHOO-IRD)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 34 52.46.155.104 16509 (AMAZON-02)
2 52.4.213.160 14618 (AMAZON-AES)
2 4 35.158.72.189 16509 (AMAZON-02)
5 5 172.217.18.2 15169 (GOOGLE)
4 4 37.252.171.85 29990 (ASN-APPNEX)
2 3 37.252.171.22 29990 (ASN-APPNEX)
1 2.18.235.93 16625 (AKAMAI-AS)
1 2 69.173.144.139 26667 (RUBICONPR...)
1 52.29.230.222 16509 (AMAZON-02)
2 185.86.138.153 201081 (SMARTADSE...)
1 6 141.226.228.48 200478 (TABOOLA-AS)
1 104.111.217.42 16625 (AKAMAI-AS)
2 76.223.111.18 16509 (AMAZON-02)
2 3 3.71.149.231 16509 (AMAZON-02)
2 3 37.157.5.142 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
3 4 185.80.39.216 27381 (CASALE-MEDIA)
2 3 34.249.44.119 16509 (AMAZON-02)
3 4 54.216.181.39 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.185.141.58 16509 (AMAZON-02)
1 2 185.64.190.80 62713 (AS-PUBMATIC)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 2.17.187.27 16625 (AKAMAI-AS)
2 52.49.84.227 16509 (AMAZON-02)
2 2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 14 2606:4700:20:... 13335 (CLOUDFLAR...)
5 52.22.191.215 14618 (AMAZON-AES)
4 54.146.248.82 14618 (AMAZON-AES)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 44.195.191.171 14618 (AMAZON-AES)
2 52.19.86.255 16509 (AMAZON-02)
1 18.223.64.90 16509 (AMAZON-02)
1 1 54.155.55.194 16509 (AMAZON-02)
1 1 2.23.197.190 16625 (AKAMAI-AS)
2 2 3.122.13.136 16509 (AMAZON-02)
1 188.65.124.66 41690 (DAILYMOTI...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
2 2 2.16.107.129 20940 (AKAMAI-ASN1)
1 1 52.222.229.186 16509 (AMAZON-02)
1 3.228.92.231 14618 (AMAZON-AES)
1 1 54.157.92.208 14618 (AMAZON-AES)
1 34.160.236.64 396982 (GOOGLE-CL...)
2 2 185.94.180.126 35220 (SPOTX-AMS)
1 1 18.185.61.227 16509 (AMAZON-02)
1 18.198.226.167 16509 (AMAZON-02)
1 35.169.233.35 14618 (AMAZON-AES)
2 2 13.32.121.21 16509 (AMAZON-02)
2 35.244.159.8 15169 (GOOGLE)
2 2 77.243.60.138 42697 (NETIC-AS)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 54.78.254.47 16509 (AMAZON-02)
1 1 104.200.30.45 63949 (AKAMAI-AP...)
1 1 151.101.130.132 54113 (FASTLY)
1 1 185.64.190.78 62713 (AS-PUBMATIC)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2 52.10.177.234 16509 (AMAZON-02)
2 4 52.31.9.42 16509 (AMAZON-02)
1 1 3.224.39.38 14618 (AMAZON-AES)
1 18.66.122.56 16509 (AMAZON-02)
269 91
Apex Domain
Subdomains
Transfer
43 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
2 MB
34 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 301
25 KB
23 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4623
embed-ssl.wistia.com — Cisco Umbrella Rank: 8757
embed-cloudfront.wistia.com
pipedream.wistia.com — Cisco Umbrella Rank: 7497
distillery.wistia.com — Cisco Umbrella Rank: 7109
3 MB
14 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 3374
9 KB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 100
cm.g.doubleclick.net — Cisco Umbrella Rank: 228
10 KB
11 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3638
gum.criteo.com — Cisco Umbrella Rank: 416
mug.criteo.com — Cisco Umbrella Rank: 2381
sslwidget.criteo.com — Cisco Umbrella Rank: 1825
widget.us.criteo.com — Cisco Umbrella Rank: 18056
dis.criteo.com — Cisco Umbrella Rank: 718
29 KB
9 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 958
trc.taboola.com — Cisco Umbrella Rank: 682
sync-t1.taboola.com — Cisco Umbrella Rank: 1246
trc-events.taboola.com — Cisco Umbrella Rank: 1954
sync.taboola.com — Cisco Umbrella Rank: 1027
23 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
553 KB
8 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 781
170 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
secure.adnxs.com — Cisco Umbrella Rank: 429
7 KB
7 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 26112
145 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 5216
1 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
930 B
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
311 B
6 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1221
ups.analytics.yahoo.com — Cisco Umbrella Rank: 302
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1087
3 KB
6 customerlabs.co
cdn.js.customerlabs.co — Cisco Umbrella Rank: 119872
io.v2.customerlabs.co — Cisco Umbrella Rank: 134502
198 KB
6 upwellness.com
pages.upwellness.com — Cisco Umbrella Rank: 654182
live.upwellness.com — Cisco Umbrella Rank: 696258
store.upwellness.com — Cisco Umbrella Rank: 620604
77 KB
5 useproof.com
cdn.useproof.com — Cisco Umbrella Rank: 62663
api.useproof.com — Cisco Umbrella Rank: 59957
602 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 552
814 B
4 herokuapp.com
live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 216991
472 B
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 676
match.360yield.com — Cisco Umbrella Rank: 2484
2 KB
4 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1416
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
3 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 323
1 KB
4 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2602
tr.outbrain.com — Cisco Umbrella Rank: 2509
sync.outbrain.com — Cisco Umbrella Rank: 720
7 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 2894
rp.liadm.com — Cisco Umbrella Rank: 1648
rp4.liadm.com — Cisco Umbrella Rank: 6852
i.liadm.com — Cisco Umbrella Rank: 594
16 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 611
usermatch.krxd.net — Cisco Umbrella Rank: 1554
695 B
3 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 733
image2.pubmatic.com — Cisco Umbrella Rank: 999
image6.pubmatic.com — Cisco Umbrella Rank: 779
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 215
3 KB
3 adform.net
cm.adform.net — Cisco Umbrella Rank: 1297
c1.adform.net — Cisco Umbrella Rank: 584
1 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 340
token.rubiconproject.com — Cisco Umbrella Rank: 574
892 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 407
12 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 836
1 KB
3 yimg.com
s.yimg.com — Cisco Umbrella Rank: 489
7 KB
2 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 6333
391 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 467
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1290
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 462
352 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
616 B
2 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1449
lm.serving-sys.com — Cisco Umbrella Rank: 2525
504 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 758
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 655
2 KB
2 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 2095
1 KB
2 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 43369
1002 B
2 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2254
sync-amazon.ads.yieldmo.com — Cisco Umbrella Rank: 5907
75 B
2 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2368
amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5522
697 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 387
279 B
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 604
326 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 677
script.hotjar.com — Cisco Umbrella Rank: 927
72 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
136 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 newsbreak.com
static.newsbreak.com — Cisco Umbrella Rank: 63188
business.newsbreak.com — Cisco Umbrella Rank: 15813
3 KB
2 nextdoor.com
ads.nextdoor.com — Cisco Umbrella Rank: 7282
flask.nextdoor.com — Cisco Umbrella Rank: 6742
3 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 774
18 KB
2 ubembed.com
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com — Cisco Umbrella Rank: 677510
assets.ubembed.com — Cisco Umbrella Rank: 11730
51 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 20467
36 KB
1 trovo-tag.com
tag.trovo-tag.com — Cisco Umbrella Rank: 54603
760 B
1 ispot.tv
pi.ispot.tv — Cisco Umbrella Rank: 2344
341 B
1 ninthdecimal.com
lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3770
750 B
1 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1386
324 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1197
213 B
1 samba.tv
ads.samba.tv — Cisco Umbrella Rank: 5611
656 B
1 samplicio.us
usersync.samplicio.us — Cisco Umbrella Rank: 2990
186 B
1 imdb.com
www.imdb.com — Cisco Umbrella Rank: 2803
880 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2555
122 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 573
471 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 512
488 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1951
267 B
1 proofapi.com
analytics.proofapi.com — Cisco Umbrella Rank: 87252
721 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4239
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 27532
153 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1310
884 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2776
274 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 935
235 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1982
172 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 533
363 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 616
802 B
1 gstatic.com
www.gstatic.com
114 KB
1 unsplash.com
views.unsplash.com — Cisco Umbrella Rank: 36883
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
2 KB
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 26311
282 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
27 KB
1 welldaily.com
go.welldaily.com — Cisco Umbrella Rank: 746210
2 KB
1 wm74trk.com
www.wm74trk.com
542 B
1 bloodsugarfit.com
trkw.bloodsugarfit.com
652 B
1 ontraport.com
bloodsugarfit.ontraport.com
2 KB
269 85
Domain Requested by
41 d9hhrg4mnvzow.cloudfront.net pages.upwellness.com
34 s.amazon-adsystem.com 1 redirects pages.upwellness.com
s.amazon-adsystem.com
14 a.clickcertain.com 9 redirects a.remarketstats.com
a.clickcertain.com
tag.trovo-tag.com
13 fast.wistia.com pages.upwellness.com
fast.wistia.com
9 www.googletagmanager.com pages.upwellness.com
www.googletagmanager.com
8 analytics.tiktok.com pages.upwellness.com
analytics.tiktok.com
7 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
7 www.google.de pages.upwellness.com
7 www.google.com 1 redirects pages.upwellness.com
6 www.facebook.com pages.upwellness.com
6 embed-cloudfront.wistia.com fast.wistia.com
6 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
5 io.v2.customerlabs.co cdn.js.customerlabs.co
5 cm.g.doubleclick.net 5 redirects
5 gum.criteo.com 4 redirects dynamic.criteo.com
4 match.prod.bidr.io 2 redirects a.clickcertain.com
tag.trovo-tag.com
4 live-visitor-counts.herokuapp.com cdn.useproof.com
4 trc-events.taboola.com cdn.taboola.com
4 ib.adnxs.com 4 redirects
4 x.bidswitch.net 2 redirects a.clickcertain.com
4 store.upwellness.com pages.upwellness.com
store.upwellness.com
3 dpm.demdex.net 2 redirects
3 ups.analytics.yahoo.com 2 redirects
3 secure.adnxs.com 2 redirects
3 bat.bing.com pages.upwellness.com
bat.bing.com
3 ct.pinterest.com s.pinimg.com
pages.upwellness.com
3 s.yimg.com pages.upwellness.com
s.yimg.com
3 cdn.useproof.com pages.upwellness.com
cdn.useproof.com
2 a.usbrowserspeed.com 1 redirects tag.trovo-tag.com
2 pixel.tapad.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 us-u.openx.net s.amazon-adsystem.com
2 sb.scorecardresearch.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 c1.adform.net 2 redirects
2 ads.stickyadstv.com 2 redirects
2 t.myvisualiq.net 2 redirects
2 match.360yield.com 2 redirects
2 beacon.krxd.net s.amazon-adsystem.com
2 a.remarketstats.com 2 redirects
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 eb2.3lift.com s.amazon-adsystem.com
2 rtb-csync.smartadserver.com s.amazon-adsystem.com
2 pixel.rubiconproject.com 1 redirects
2 dis.criteo.com
2 pipedream.wistia.com fast.wistia.com
2 api.useproof.com cdn.useproof.com
2 sp.analytics.yahoo.com pages.upwellness.com
2 connect.facebook.net pages.upwellness.com
connect.facebook.net
2 trc.taboola.com cdn.taboola.com
2 www.google-analytics.com www.googletagmanager.com
pages.upwellness.com
2 tr.outbrain.com amplify.outbrain.com
pages.upwellness.com
2 s.pinimg.com pages.upwellness.com
s.pinimg.com
2 d34qb8suadcc4g.cloudfront.net pages.upwellness.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com pages.upwellness.com
1 tag.trovo-tag.com a.clickcertain.com
1 i.liadm.com 1 redirects
1 sync.taboola.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 sync-amazon.ads.yieldmo.com s.amazon-adsystem.com
1 pi.ispot.tv 1 redirects
1 lciapi.ninthdecimal.com 1 redirects
1 loadus.exelator.com s.amazon-adsystem.com
1 token.rubiconproject.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 usermatch.krxd.net s.amazon-adsystem.com
1 lm.serving-sys.com s.amazon-adsystem.com
1 bs.serving-sys.com 1 redirects
1 odr.mookie1.com s.amazon-adsystem.com
1 ads.samba.tv 1 redirects
1 usersync.samplicio.us s.amazon-adsystem.com
1 www.imdb.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 public-prod-dspcookiematching.dmxleo.com s.amazon-adsystem.com
1 amazon.partners.tremorhub.com 1 redirects
1 tags.bluekai.com 1 redirects
1 dsum-sec.casalemedia.com 1 redirects
1 aa.agkn.com 1 redirects
1 s.thebrighttag.com
1 distillery.wistia.com fast.wistia.com
1 analytics.proofapi.com cdn.useproof.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 match.sharethrough.com
1 contextual.media.net
1 www.gstatic.com cdn.useproof.com
1 widget.us.criteo.com pages.upwellness.com
1 sslwidget.criteo.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 views.unsplash.com pages.upwellness.com
1 flask.nextdoor.com pages.upwellness.com
1 static.hotjar.com pages.upwellness.com
1 mug.criteo.com pages.upwellness.com
1 stats.g.doubleclick.net www.google-analytics.com
1 embed-ssl.wistia.com pages.upwellness.com
1 business.newsbreak.com static.newsbreak.com
1 cdn.js.customerlabs.co pages.upwellness.com
1 rp4.liadm.com pages.upwellness.com
1 rp.liadm.com 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 assets.ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1 events.ub-analytics.com pages.upwellness.com
1 static.newsbreak.com pages.upwellness.com
1 ads.nextdoor.com pages.upwellness.com
1 amplify.outbrain.com pages.upwellness.com
1 cdn.taboola.com pages.upwellness.com
1 cdnjs.cloudflare.com pages.upwellness.com
1 live.upwellness.com pages.upwellness.com
1 dynamic.criteo.com pages.upwellness.com
1 b-code.liadm.com pages.upwellness.com
1 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com pages.upwellness.com
1 pages.upwellness.com
1 go.welldaily.com 1 redirects
1 www.wm74trk.com 1 redirects
1 trkw.bloodsugarfit.com 1 redirects
1 bloodsugarfit.ontraport.com 1 redirects
269 128

This site contains no links.

Subject Issuer Validity Valid
pages.upwellness.com
R3
2023-03-28 -
2023-06-26
3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01
2023-02-21 -
2024-02-07
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-10-09 -
2023-11-10
a year crt.sh
*.liadm.com
Amazon RSA 2048 M02
2023-02-28 -
2024-01-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-09-28 -
2023-10-30
a year crt.sh
live.upwellness.com
R3
2023-03-14 -
2023-06-12
3 months crt.sh
store.upwellness.com
R3
2023-03-14 -
2023-06-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-28 -
2023-08-08
a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-02-27 -
2023-04-19
2 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-09 -
2024-02-11
a year crt.sh
nextdoor.com
Amazon RSA 2048 M02
2023-02-07 -
2023-06-02
4 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1
2023-03-13 -
2024-04-12
a year crt.sh
newsbreak.com
Amazon RSA 2048 M01
2023-02-24 -
2023-08-23
6 months crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01
2023-03-11 -
2024-04-08
a year crt.sh
assets.ubembed.com
Amazon RSA 2048 M01
2023-02-21 -
2024-02-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
cdn.js.customerlabs.co
Amazon RSA 2048 M01
2023-02-28 -
2023-10-26
8 months crt.sh
www.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
www.google.de
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.wistia.com
Amazon RSA 2048 M01
2023-01-31 -
2024-02-29
a year crt.sh
*.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-09 -
2023-04-09
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2023-02-16 -
2023-08-16
6 months crt.sh
*.unsplash.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-10-01 -
2023-11-02
a year crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02
2022-11-17 -
2023-12-17
a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-01-03 -
2023-06-28
6 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-02-10 -
2023-08-12
6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
teads.tv
R3
2023-02-21 -
2023-05-22
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M01
2023-02-10 -
2023-06-11
4 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-02-21 -
2023-08-16
6 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
itm.ivitrack.com
R3
2023-02-03 -
2023-05-04
3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01
2023-02-11 -
2023-08-04
6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01
2023-02-22 -
2024-03-23
a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-28 -
2023-12-29
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-15
a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M02
2023-02-10 -
2023-07-01
5 months crt.sh
hook.customerlabs.co
Amazon RSA 2048 M01
2023-02-21 -
2023-12-12
10 months crt.sh
*.herokuapp.com
Amazon RSA 2048 M01
2023-02-23 -
2023-05-31
3 months crt.sh
public-prod-dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA
2023-02-16 -
2023-05-17
3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-27 -
2024-02-26
a year crt.sh
*.samplicio.us
Amazon RSA 2048 M01
2022-11-16 -
2023-12-15
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-27 -
2024-03-29
a year crt.sh
usermatch.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-21 -
2024-02-20
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
trovo-tag.com
Amazon RSA 2048 M01
2023-03-01 -
2023-06-06
3 months crt.sh
a.usbrowserspeed.com
Amazon RSA 2048 M01
2022-12-01 -
2023-12-30
a year crt.sh

This page contains 9 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Frame ID: BF4DFAF0D50645906B39EA01DF30A700
Requests: 177 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: 3BAE560C8E6E7569049F050241280864
Requests: 2 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 95EE6C25B544BE1F208F433AF7A2A848
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=980372670530145900&dcc=t
Frame ID: 8F7703CFF5A026C4D5EA5F1D873B971A
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: DCE01854D2785076BD0E2B7AA14DB3C8
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Qp0IZHLLYB-GO5iyIGSgqVyfLtYXR0LATdv9oA&expires=30
Frame ID: 133014F70D182FC5E915100C6EEDA91B
Requests: 27 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Frame ID: 2234AE2DCF52989FC7084E9E3CECD620
Requests: 44 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=3f861cd9-833d-4566-b952-e1c408e934df&cn=DE
Frame ID: 6AD79AA7AB8E1016F40EB2979212C774
Requests: 5 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456
Frame ID: 5F6915B042527B99725107E8DE63F27D
Requests: 4 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://bloodsugarfit.ontraport.com/c/s/Xe3/WL8HQ/s/dhkl/60zP/6cTh07/sGCF0kkxje/P/P/K7/bXU9aHR0cHMlM0ElMkYlMkZ0c... HTTP 302
    https://trkw.bloodsugarfit.com/963124ed-b5ac-434d-b653-86dad525054c?offer=&sub2=roelandimlenaerts@gmail.com... HTTP 302
    https://www.wm74trk.com/28KL6/26B6MK1/?sub1=MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&sub5=wkoslpo23hg... HTTP 302
    https://go.welldaily.com/aff_c?offer_id=67&aff_id=115&source=&aff_sub=MW6FW-04-01-23-PM3-Golden-Reviv... HTTP 302
    https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFF... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

269
Requests

80 %
HTTPS

23 %
IPv6

85
Domains

128
Subdomains

91
IPs

9
Countries

7642 kB
Transfer

11928 kB
Size

117
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bloodsugarfit.ontraport.com/c/s/Xe3/WL8HQ/s/dhkl/60zP/6cTh07/sGCF0kkxje/P/P/K7/bXU9aHR0cHMlM0ElMkYlMkZ0cmt3LmJsb29kc3VnYXJmaXQuY29tJTJGOTYzMTI0ZWQtYjVhYy00MzRkLWI2NTMtODZkYWQ1MjUwNTRjJTNGb2ZmZXIlM0QlMjZzdWIyJTNEcm9lbGFuZGltbGVuYWVydHMlNDBnbWFpbC5jb20lMjZmcm9tJTNEJTdCJTdCY2FtcGFpZ24uZnJvbV9uYW1lJTdEJTdEJTI2c3ViamVjdCUzRCU3QiU3QmNhbXBhaWduLnN1YmplY3QlN0QlN0QlMjZzdWIxJTNETVc2RlctMDQtMDEtMjMtUE0zLUdvbGRlbi1SZXZpdmUtRi1TLTAxJm1oPWY1ZDJmMzdlMDFjZDg5/Z HTTP 302
    https://trkw.bloodsugarfit.com/963124ed-b5ac-434d-b653-86dad525054c?offer=&sub2=roelandimlenaerts@gmail.com&from={{campaign.from_name}}&subject={{campaign.subject}}&sub1=MW6FW-04-01-23-PM3-Golden-Revive-F-S-01 HTTP 302
    https://www.wm74trk.com/28KL6/26B6MK1/?sub1=MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&sub5=wkoslpo23hgl57nn2fh9n540&sub3=217.114.218.28 HTTP 302
    https://go.welldaily.com/aff_c?offer_id=67&aff_id=115&source=&aff_sub=MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&aff_sub2=&aff_sub3=217.114.218.28&aff_sub4=&aff_sub5=8045c43c1b7d49d0819054a9af232c28 HTTP 302
    https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://rp.liadm.com/j?dtstmp=1680390247109&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwzh0mfw5php0w0yhksk7zwf&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1680390247109&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwzh0mfw5php0w0yhksk7zwf&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjI%3D&n3pc=true
Request Chain 72
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=797504509&cv=11&fst=1680390247009&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Z7goZKmZEs_A9u8PvYSm4Ag&sscte=1&crd=&pscrd=Ek9DaEVJOEt5Zm9RWVEtT0QxbkxlMnFJbTFBUkltQU1NRUJURWxuU0M1QnN3WDRBaUt0c092NENtQmNXekRHSWhwSnVwUUtaSkYwWFVVNzFnGlhDaEFJOEt5Zm9RWVFuOXpWX3VMVnFNUWpFaTRBX19UbHRlWXZ1eGY3cDFINVhWUkZEbW55d3A5T2kyYk9NRWNvVGI5X1ZiSWlwY0RlSDBweFk3SFBrTTQx HTTP 302
  • https://www.google.com/pagead/1p-conversion/458254939/?random=797504509&cv=11&fst=1680390247009&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEt5Zm9RWVEtT0QxbkxlMnFJbTFBUkltQU1NRUJURWxuU0M1QnN3WDRBaUt0c092NENtQmNXekRHSWhwSnVwUUtaSkYwWFVVNzFnGlhDaEFJOEt5Zm9RWVFuOXpWX3VMVnFNUWpFaTRBX19UbHRlWXZ1eGY3cDFINVhWUkZEbW55d3A5T2kyYk9NRWNvVGI5X1ZiSWlwY0RlSDBweFk3SFBrTTQx&is_vtc=1&ocp_id=Z7goZKmZEs_A9u8PvYSm4Ag&cid=CAQSKQDUE5ym8OD1sIFqVSUdqYoFkDN_y70SqC0rEXiFdaLU0zPe97NPKvXQ&random=84170831 HTTP 302
  • https://www.google.de/pagead/1p-conversion/458254939/?random=797504509&cv=11&fst=1680390247009&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEt5Zm9RWVEtT0QxbkxlMnFJbTFBUkltQU1NRUJURWxuU0M1QnN3WDRBaUt0c092NENtQmNXekRHSWhwSnVwUUtaSkYwWFVVNzFnGlhDaEFJOEt5Zm9RWVFuOXpWX3VMVnFNUWpFaTRBX19UbHRlWXZ1eGY3cDFINVhWUkZEbW55d3A5T2kyYk9NRWNvVGI5X1ZiSWlwY0RlSDBweFk3SFBrTTQx&is_vtc=1&ocp_id=Z7goZKmZEs_A9u8PvYSm4Ag&cid=CAQSKQDUE5ym8OD1sIFqVSUdqYoFkDN_y70SqC0rEXiFdaLU0zPe97NPKvXQ&random=84170831&ipr=y&prhg=0
Request Chain 84
  • https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=PkJVJHxTeWVrUXVaTktvQ2JBVDR4NXNScEt3OE9walQzNXRZdWpyQ2VkSFFJWHp0TzhFMldOVnR1bTl5bFlKVzg3ajcxeDF2UnBldkg5QVJiT01MSWRmRkswTHI0Q1IySzRXeGd6QzF3amJheE83TmdCOE40eDdxUlNtekZuLytRcTRWempvMi9keDlEcHF6VkZyZ2Q2V09IQWYvQXZrbGJFZklranZDR0F6Y2FOV2pFeU81cm9zTk92dzI0Qmg5dE05cjdDekI1bjRMMkJSTDdyMVp2cVp3QVIzYUR0K212czFtelpDUW04ZzdKaUZnNHFSQk9pN3poaVlGOHM4Y2lpcE1WYm96MFJ3UmNEd0JQS1ZNaG40WnhhZz09fA&cppv=2
Request Chain 140
  • https://sslwidget.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=WRPAuF9LazJpd1p6bFYlMkI3c3pVTXo4S1pZc0J2T0NhZnNkSTRKZ05pSWk0MCUyRkVPSkhtU2RqanowMWo2OTVGSFA5UmJ1N3F1VTNSWXBrcEk1N3FsJTJCVFM1ck1YOVFJOGIyeG4lMkJnSTM4a2Fnd0VXdVNKRG9XSzhvekxEaktqVzN1SlBiOWVHR2RKMHRZU0UxZVo0dkxXd01hYzFSQSUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1029a6681efd5683f702ef55da9a4c%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&dtycbr=61837 HTTP 302
  • https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=WRPAuF9LazJpd1p6bFYlMkI3c3pVTXo4S1pZc0J2T0NhZnNkSTRKZ05pSWk0MCUyRkVPSkhtU2RqanowMWo2OTVGSFA5UmJ1N3F1VTNSWXBrcEk1N3FsJTJCVFM1ck1YOVFJOGIyeG4lMkJnSTM4a2Fnd0VXdVNKRG9XSzhvekxEaktqVzN1SlBiOWVHR2RKMHRZU0UxZVo0dkxXd01hYzFSQSUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1029a6681efd5683f702ef55da9a4c%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&dtycbr=61837
Request Chain 161
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=980372670530145900 HTTP 302
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=980372670530145900&dcc=t
Request Chain 164
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qp0IZHLLYB-GO5iyIGSgqVyfLtYXR0LATdv9oA&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Qp0IZHLLYB-GO5iyIGSgqVyfLtYXR0LATdv9oA&expires=30
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-hVxClnLLYB-GO5iyIGSgqVyfLtZh0lnPzJqBwg&google_cm&google_hm=ay1oVnhDbG5MTFlCLUdPNWl5SUdTZ3FWeWZMdFpoMGxuUHpKcUJ3Zw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hVxClnLLYB-GO5iyIGSgqVyfLtZh0lnPzJqBwg&google_gid=CAESEEUe9VUKpPo4nlPCSILc6hk&google_cver=1&google_ula=913071,0
Request Chain 166
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8031681129766253805
Request Chain 167
  • https://secure.adnxs.com/setuid?entity=52&code=k-njNxEnLLYB-GO5iyIGSgqVyfLtZvDUfqYGP1UA HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-njNxEnLLYB-GO5iyIGSgqVyfLtZvDUfqYGP1UA
Request Chain 178
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XpduEHLLYB-GO5iyIGSgqVyfLtZr9SCiv2eJuA HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XpduEHLLYB-GO5iyIGSgqVyfLtZr9SCiv2eJuA&C=1
Request Chain 179
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ismv2h3PaVhzjC8LE5uBIdoqsKUOeyLm HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ismv2h3PaVhzjC8LE5uBIdoqsKUOeyLm
Request Chain 180
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CFLEkXLLYB-GO5iyIGSgqVyfLta8SHhqiz7yzg HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CFLEkXLLYB-GO5iyIGSgqVyfLta8SHhqiz7yzg
Request Chain 189
  • https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-fps&partner_id=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d HTTP 302
  • https://a.clickcertain.com/px/smart/a/?seg=uc-grplus-fps&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d HTTP 302
  • https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
Request Chain 202
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XDaWjW35mDekr_t9bv_SHvXdmBKZNy2l
Request Chain 213
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=sFmFdEIQ_kXZ_IMUVS49yMltAa3-l7sc
Request Chain 214
  • https://ib.adnxs.com/setuid/a9?entity=188&code=Ia4c2rPQTu6TesOxUBtHfA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=Ia4c2rPQTu6TesOxUBtHfA
Request Chain 215
  • https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=hSldxRa7QlGnz-2TYARw3A&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=e218b79d-090b-4454-bc0d-4004cff2d4dd
Request Chain 217
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=219833204473005166881&ex=neustar.biz
Request Chain 218
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=WQkfHt2ERWS2vYf-BjL2Ig&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZCi4aAZEPDF2p8lYVlmVBQAA
Request Chain 219
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=ad85cf8ca8546aac3ab1ee8617866f81
Request Chain 220
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Request Chain 221
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=MOP70CIFSkeqCE_iC6e6YA HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=MOP70CIFSkeqCE_iC6e6YA
Request Chain 222
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=21c1ca4e-9213-4102-ac8c-31712bf4bdfa
Request Chain 223
  • https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=f12a22b8e6ed480da38fbf33d9d28291
Request Chain 225
  • https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
  • https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=y-hjPPu8VE2pEmP4Ez5s_L2XLBgVe1gCB8qKhb~A&status=OK&ex=gemini
Request Chain 226
  • https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=43689445c94675ed4a755e725b7236b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Request Chain 227
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Request Chain 229
  • https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=e218b79d-090b-4454-bc0d-4004cff2d4dd&ex=improvedigital.com
Request Chain 231
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10fcfdb6a2a9f8780
Request Chain 232
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VaAn_LHlSHasuFXMLOFmxQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VaAn_LHlSHasuFXMLOFmxQ
Request Chain 233
  • https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=D5U3gtOYSYWOjym1FFT9Aw&redirectId=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=43689445c94675ed4a755e725b7236b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=D5U3gtOYSYWOjym1FFT9Aw
Request Chain 234
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=k2Np0Z9kRHGcrQvHj5EzPw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=59123808017656252062321847423938913321
Request Chain 236
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5887070762062618442
Request Chain 237
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=82fb074c-d0e1-11ed-af82-1ac054420106 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=82fb06d5-d0e1-11ed-af82-1ac054420106
Request Chain 238
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2213964a02-036e-4c60-8609-059775103f55%22,%22Time%22:%2220230401T230410.039904%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEIdjZmnvlWYYg9sZPCnYbJM&google_cver=1
Request Chain 241
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=e81930a2a36e7291a96694223748ca74
Request Chain 243
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=LXqPWFZwdkkG9YpsLzz7MDc4ZAQ4ZgIC
Request Chain 245
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=6B02C209F944DB37
Request Chain 246
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8031681129766253805&ex=appnexus.com
Request Chain 247
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=5ainEyQKQbuDf7usyc3woQ&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=5ainEyQKQbuDf7usyc3woQ
Request Chain 248
  • https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=bs4i3xq_a9ZeBGhEJSZb4w&ex=rubiconproject.com&status=ok
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=NVT5rqL_Q22BgMbu57VCTw& HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Request Chain 251
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8686AB82864BD44895B02A17634
Request Chain 252
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=a643d920d05422ed5a30e744f35a4b4ca79cb45de60c6c62a05553a89831d191
Request Chain 254
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=70607F63-810D-4016-91C3-0CCD779F520F
Request Chain 256
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=db3a6783-46e7-4a2b-a6fc-739173ca18a6-tuctb223dea
Request Chain 260
  • https://a.clickcertain.com/px/ta/?ccid=3f861cd9-833d-4566-b952-e1c408e934df HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=3f861cd9-833d-4566-b952-e1c408e934df&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=3f861cd9-833d-4566-b952-e1c408e934df&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=cb3956d5-1945-4884-afd7-735b6e33517a
Request Chain 261
  • https://a.usbrowserspeed.com/cs?puid=22604785-5b92-55c7-9732-156d0ee8abee&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
  • https://a.clickcertain.com/px/t/?done=true&uid=f8581f34-7169-4684-afec-a6f5083a72ac&hem=
Request Chain 262
  • https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Request Chain 263
  • https://a.clickcertain.com/px/r/?ccid=3f861cd9-833d-4566-b952-e1c408e934df HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=3f861cd9-833d-4566-b952-e1c408e934df&ccid=3f861cd9-833d-4566-b952-e1c408e934df&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d3f861cd9%25252d833d%25252d4566%25252db952%25252de1c408e934df%252526anx_uId%25253d%252524UID HTTP 303
  • https://a.clickcertain.com/px/li/?ccid=3f861cd9-833d-4566-b952-e1c408e934df&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d3f861cd9%25252d833d%25252d4566%25252db952%25252de1c408e934df%252526anx_uId%25253d%252524UID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d3f861cd9%2d833d%2d4566%2db952%2de1c408e934df%26anx_uId%3d%24UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D3f861cd9%2D833d%2D4566%2Db952%2De1c408e934df%26anx_uId%3D%24UID&google_gid=CAESEEzmekervvtq_cDiQ2k-oJI&google_cver=1 HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=3f861cd9-833d-4566-b952-e1c408e934df&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=3f861cd9-833d-4566-b952-e1c408e934df&anx_uId=8031681129766253805 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=3f861cd9-833d-4566-b952-e1c408e934df&expires=5&user_group=0
Request Chain 265
  • https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=82c4b81d-d0e1-11ed-b2cd-79bb4d1d39a7 HTTP 302
  • https://a.clickcertain.com/px/smart/a/?type=img&c=24d1add2443e239&partner_id=193f0456&partner_rid=82c4b81d-d0e1-11ed-b2cd-79bb4d1d39a7 HTTP 302
  • https://a.clickcertain.com/px/img/?c=24d1add2443e239 HTTP 302
  • https://a.clickcertain.com/px/img/g/?start_cm=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1 HTTP 302
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEEzmekervvtq_cDiQ2k-oJI&google_cver=1
Request Chain 267
  • https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

269 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pages.upwellness.com/uc-grplus-fps/
Redirect Chain
  • https://bloodsugarfit.ontraport.com/c/s/Xe3/WL8HQ/s/dhkl/60zP/6cTh07/sGCF0kkxje/P/P/K7/bXU9aHR0cHMlM0ElMkYlMkZ0cmt3LmJsb29kc3VnYXJmaXQuY29tJTJGOTYzMTI0ZWQtYjVhYy00MzRkLWI2NTMtODZkYWQ1MjUwNTRjJTNGb2...
  • https://trkw.bloodsugarfit.com/963124ed-b5ac-434d-b653-86dad525054c?offer=&sub2=roelandimlenaerts@gmail.com&from={{campaign.from_name}}&subject={{campaign.subject}}&sub1=MW6FW-04-01-23-PM3-Golden-R...
  • https://www.wm74trk.com/28KL6/26B6MK1/?sub1=MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&sub5=wkoslpo23hgl57nn2fh9n540&sub3=217.114.218.28
  • https://go.welldaily.com/aff_c?offer_id=67&aff_id=115&source=&aff_sub=MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&aff_sub2=&aff_sub3=217.114.218.28&aff_sub4=&aff_sub5=8045c43c1b7d49d0819054a9af232c28
  • https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
311 KB
43 KB
Document
General
Full URL
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
afd61f7c216daba748c6f27559679858178690671f7538dfc34cffdd9baf438f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
42859
content-location
https://pages.upwellness.com/uc-grplus-fps/
content-type
text/html; charset=utf-8
date
Sat, 01 Apr 2023 23:04:06 GMT
etag
"an:12e41d4cb15f423bbfe29245a6b6be15"
link
<https://pages.upwellness.com/uc-grplus-fps/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
6d2c7105-ebae-455a-91f2-47af4209ed5f
x-unbounce-variant
an
x-unbounce-visitorid
12e41d4c-b15f-423b-bfe2-9245a6b6be15

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
364
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 01 Apr 2023 23:04:06 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
1029a6681efd5683f702ef55da9a4c
X-Request-Id
6fe68daa4dbc7ded10599094343f9e69
X-Robots-Tag
noindex, nofollow
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 01:22:01 GMT
content-encoding
gzip
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-version-id
F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
last-modified
Wed, 23 Nov 2022 23:24:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
6126126
etag
"3d27e56a34e34b278ab5e182cbc3b587"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2902
x-amz-cf-id
QHtrt-JZ62HU5CmCSo1WuEPPihwoOjhqB7icirCx3VqLnkPT1ZL2gA==
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:c800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 21:41:41 GMT
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-version-id
TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified
Tue, 17 Jan 2023 21:14:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
6398546
etag
"fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1865
x-amz-cf-id
F-wtb6_ya56bZ-VBVjfD7qQ81_x8ivDnoEaKGq20k2Pk5ZuZtwlDcQ==
/
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
12 KB
3 KB
Script
General
Full URL
https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
657a4979a12ebd67c8cc296346835cd92f88c281a4fe0e45d9b227fcf13f7ef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
x-backend-region
eu_west_1
x-amz-cf-pop
FRA56-P3
age
4975
etag
W/c1a25e1d6816d6d62e7914c952b1818c-v0.180.0
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
accept-ranges
none
x-amz-apigw-id
Ct62xHukDoEFwSg=
a-057g.min.js
b-code.liadm.com/
42 KB
14 KB
Script
General
Full URL
https://b-code.liadm.com/a-057g.min.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:1200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 02:36:00 GMT
content-encoding
gzip
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
73686
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
_vqgrDLLOI3N-CjwucRCSMuIoNh22sJUhTlMNCMClva1ZM1BvCWQJA==
js
www.googletagmanager.com/gtag/
131 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-624541243
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f190d450c3bc29d42f05d0c2c0542f2d82edacfc2f609cf7141bcffe552b728b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51777
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Apr 2023 23:04:06 GMT
js
www.googletagmanager.com/gtag/
131 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10838597190
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd1bcad45855a0ac063e3bb291ca81fdc488f8f67418de98c334376547c168b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51719
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Apr 2023 23:04:06 GMT
js
www.googletagmanager.com/gtag/
227 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-458254939
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b127236065b9c431073d14f3595385b46c1295764f1ad1cb2eac52af7dd72e00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76835
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Apr 2023 23:04:06 GMT
ld.js
dynamic.criteo.com/js/ld/
44 KB
15 KB
Script
General
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=102531
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
def564fc498bc5147cf79aa16e5a6f93789115cc0f4740b0b089df37fa6ba132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
js
www.googletagmanager.com/gtag/
189 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-862759327
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b88a15ffcd595f00e288f147d93204674b94ebab04b0e27f5d660afdd6974d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69186
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Apr 2023 23:04:06 GMT
e8xcaqkjm4.jsonp
fast.wistia.com/embed/medias/
6 KB
2 KB
Script
General
Full URL
https://fast.wistia.com/embed/medias/e8xcaqkjm4.jsonp
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
604a7e9c994c5cf65a51454cf948fe4912e296375272a41123efa279e65c156f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
age
25232
x-cache
HIT, HIT
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length
1828
x-request-id
61b73917538f2634cb611ffb1b5282c7
x-served-by
cache-iad-kcgs7200033-IAD, cache-hhn-etou8220072-HHN
x-runtime
0.057926
referrer-policy
strict-origin-when-cross-origin
x-browser-version
111
x-timer
S1680390247.907057,VS0,VE1
etag
W/"604a7e9c994c5cf65a51454cf948fe49"
x-download-options
noopen
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
59, 1
E-v1.js
fast.wistia.com/assets/external/
633 KB
116 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
931fd923e90a601be221b5f5385c848538f99f99b830db1f7960ced43545fc23
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2959
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
117763
x-served-by
cache-iad-kcgs7200157-IAD, cache-hhn-etou8220072-HHN
x-browser-version
111
last-modified
Fri, 31 Mar 2023 18:39:47 GMT
server
AmazonS3
x-timer
S1680390247.906986,VS0,VE0
etag
"e283dcdd3238b39eef970f469d383f84"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0f9fd3a08fa2487071f820e7f844e0fa5977034c
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
73, 243
swatch
fast.wistia.com/embed/medias/e8xcaqkjm4/
5 KB
5 KB
Image
General
Full URL
https://fast.wistia.com/embed/medias/e8xcaqkjm4/swatch
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
access-control-request-method
*
via
1.1 dfbe3a6f5b354f9a5f95a5a6814ce14e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
x-cdn
cloudfront
x-amz-cf-pop
IAD89-P2
age
631000
edge-cache-tag
9c999aa0107b556d5cd5f59d9dd7e014
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
270
content-disposition
inline
content-length
4891
x-served-by
cache-iad-kcgs7200082-IAD, cache-hhn-etou8220072-HHN
x-browser-version
111
last-modified
Tue, 05 Oct 2021 16:24:56 UTC
x-timer
S1680390247.906846,VS0,VE1
etag
KTO7iHMFy31bRBoB_X8SLpxC2Uc=
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, no-cache, max-age=31536000
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
3BsjyajtQ1KxAARLk1m6gATfOnBU5ca4kFgdSr-WqaE8Dnj6ob8WxA==
x-cache-hits
263, 1
jquery.min.js
live.upwellness.com/services/scripts/jquery/
87 KB
31 KB
Script
General
Full URL
https://live.upwellness.com/services/scripts/jquery/jquery.min.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-168-254.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Sep 2022 09:48:00 GMT
server
nginx
etag
W/"63298c50-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
UCInvisibleLink
store.upwellness.com/cgi-bin/
432 B
811 B
Script
General
Full URL
https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.116.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-169.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
251
UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/
2 KB
1 KB
Script
General
Full URL
https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.116.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-169.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
744
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
756092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27198
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1514f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWDlVrEdRV2qnn0ovh7WmVRjjj%2FOgoSUq0s5MwBxhzOqMVEae2p5HfWCF0PIFCglNyj%2FYgAxFAylwk5gBVyf2zz1Q2mN76NrqnDL%2B6V42DJy3WP7StE%2FLmPp7kWN6I9FhZXL7PNCnJefbTF5BFpdSqME"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b147822ce77918c-FRA
expires
Thu, 21 Mar 2024 23:04:06 GMT
main.bundle-5dc4c52.z.js
builder-assets.unbounce.com/published-js/
103 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 14:23:29 GMT
content-encoding
gzip
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-version-id
kRVHVyTD37.mZJGsoa3yeb_.YFqecWLY
x-amz-cf-pop
FRA2-C1
age
1327238
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33506
last-modified
Mon, 30 Jan 2023 22:32:27 GMT
server
AmazonS3
etag
"93cda5192fa133de0887d04f5cbbc334"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
VYjOtPJAtLbkuIsXYCTSQxR9488DM2mxxeSUEESR8snGPDJmpEruGQ==
proof.js
cdn.useproof.com/
486 KB
487 KB
Script
General
Full URL
https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
x-amz-version-id
F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
XPPVXV74HJGSFZPS
age
37278071
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
497733
x-amz-id-2
iFZMTmqYDg1vFLpWrsN+2ZZJD8Hqaw8yStR3XTY5ak3D17lu0EYIO3Lz38i7xBtuX7agJVjQqn8=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"0426397a9b31146729ac86c5be8595d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDs%2F5EhbjqikTpWGfvlU3sAwww1arwYqc0FuoUELF%2Fa4x9anwEwJgY9EzcoHFcbi5IkQSPH7nzyABEvsqmOZGVWezdQ4v%2BxP1upV9GR4j4SDHA9gzASezGIwtqak5RApU0jSj43HxvLKnc345ung"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
7b1478238878920b-FRA
core.js
s.pinimg.com/ct/
1 KB
752 B
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
x-cdn
fastly
etag
"6fe18a21f263bd65310c79df7a66e9b2"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
484
ytc.js
s.yimg.com/wi/
16 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:03:55 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
9N7AW7NQZ099C7XM
age
13
x-amz-server-side-encryption
AES256
x-amz-id-2
pjGbcFe4OiVCx3YJGs9klpUPEVDtdL+WKwS74xLfecFA5Q1rztIBRGtRoAskDW6bmY03rhd0hkncgW5SGUUKrw==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
tfa.js
cdn.taboola.com/libtrc/unip/1225872/
58 KB
18 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dd7d12d4cc195e05cd72a9623588ecabf14c71d7037558b22cee18309ee35b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
lbGvRh7bbdHCjxZmiWng2jlHfLOJD8Ds
content-encoding
gzip
via
1.1 varnish
date
Sat, 01 Apr 2023 23:04:07 GMT
x-amz-request-id
JGX4YBDN87E8JGW2
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
18202
x-amz-id-2
nr5tsIU+Yjx+6BiB20WnW1QSZAoMOOwL80VUaFAeiHh1DSfmI/8hDpo0mYfL2Tn00hCc5LxMuV4=
x-served-by
cache-hhn-etou8220064-HHN
last-modified
Sun, 26 Mar 2023 11:19:51 GMT
server
AmazonS3
x-timer
S1680390247.013400,VS0,VE103
etag
"90223f6bb30466ad3ded8b0890170164"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
0
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
obtp.js
amplify.outbrain.com/cp/
20 KB
7 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6248d26097243293144a2c446b330ef62be51f9407430894f8c8ce4218643371

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 23:04:07 GMT
Content-Encoding
gzip
Last-Modified
Sat, 25 Mar 2023 14:14:18 GMT
Server
AkamaiNetStorage
ETag
"f5b26a8a79c33830b47954a53cc355f9:1679753797.689802"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6385
Expires
Sat, 01 Apr 2023 23:24:07 GMT
ndp.js
ads.nextdoor.com/public/pixel/
6 KB
3 KB
Script
General
Full URL
https://ads.nextdoor.com/public/pixel/ndp.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.12.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-12-74.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 19:54:11 GMT
server
istio-envoy
etag
W/"6425e8e3-19c7"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
4
events.js
analytics.tiktok.com/i18n/pixel/
3 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.118 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-118.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d871514eb3439a656065beacb34b530e34f548ecaa14139bf5430b1802601944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id
5eca329
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-90.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=92
content-length
1364
pragma
no-cache
server
nginx
x-tt-logid
20230401230407030FA7FDA03C3DB395AB
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
92,23.36.161.90
x-tt-trace-host
01836b4158833be2f07bf617cf27212a4f2141e32b44fc6d9b9990216846c3662be1607d8aba4a93f23c6f4c387b1fb1409e6a1d859fab3ec394a7568b40ddd161abfa3d848fa6a4b941c20c8952c04c7465eb85f66985c3d634404cd0b3f7c5a8
expires
Sat, 01 Apr 2023 23:04:07 GMT
nbpixel.js
static.newsbreak.com/business/tracking/
8 KB
3 KB
Script
General
Full URL
https://static.newsbreak.com/business/tracking/nbpixel.js?t=1680393600000
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
date
Sat, 01 Apr 2023 13:55:58 GMT
x-amz-cf-pop
FRA60-P3
age
32894
x-cache
Hit from cloudfront
last-modified
Thu, 14 Oct 2021 07:49:18 GMT
server
AmazonS3
etag
W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
iN9hrmFQnndxK62XLvMGXf6JjwUAqUMIEPOuZYELVlAtpwuI70unMw==
gtm.js
www.googletagmanager.com/
175 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48c6a6948497c66461886751361d31b82ee1eb402b38d2a75449b4db5f2f0c61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65520
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Apr 2023 23:04:07 GMT
events.js
analytics.tiktok.com/i18n/pixel/
3 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.118 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-118.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4e1c87ce55f63bfa3d6b49ff80016ed85e563553a4a1ff3012b6653ea1577fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id
5eca32a
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-90.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=91
content-length
1365
pragma
no-cache
server
nginx
x-tt-logid
202304012304071B8987AF368061E3ED87
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
91,23.36.161.90
x-tt-trace-host
01836b4158833be2f07bf617cf27212a4f2141e32b44fc6d9b9990216846c3662b4dc5f78a622ebd69bb2ce4c5d8d9c31249a403ddab3cc6c0609e88acc1ae1d4ade26d8c078354a372861b861e9905818c4bd6f7b13c0b06de8af537d9a970a2d
expires
Sat, 01 Apr 2023 23:04:07 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
42 KB
42 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:28 GMT
x-amz-version-id
lJAmakYKgdsFfju9rAQ_NzyoVi2.uFzt
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082399
etag
"e3753887ecf5fb15513cde566e26a803"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
43016
x-amz-cf-id
hAeifZrGm7uXVfGXa9JM0ykDyvxqE_JQKfJIHSF8HSePzNVvSotsNQ==
d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
121 KB
121 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1be59d642b7d9e29f5da63faaa060bb9315a8bc1d57727bcf0339ed4de6c68df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:32 GMT
x-amz-version-id
BKVxmHo89kyERTnWcn0VwVcCrf2b5OO6
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082396
etag
"8623460fd509c8bce7623df03b517ef6"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
123673
x-amz-cf-id
0SBUn26Ps01ngT_3iVdsJ2BMlUGgaYhpd89FT8HwVzhMksK8XXaLIw==
cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
34 KB
35 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 15:59:32 GMT
x-amz-version-id
uxBUg74jY0Y1i_4VyMH60o9xW0QePNIj
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
15836675
etag
"57ad6757695bd394d132dffc6cf3d1fd"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
35034
x-amz-cf-id
XoUQOpUR6Yb3vshVFQcgVFx1j4QOoHYeA9s-CYvxrmyNCNnS6t1_fA==
a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
185 KB
186 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:06:38 GMT
x-amz-version-id
au.ApT0XP8axgvPpnxd4g7.IOce6tuGq
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14810250
etag
"ce5156cacf580d0e35ff189b67aacfbc"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
189879
x-amz-cf-id
OMfDtlSaseV8x-jlgOjzZ3Qg3YDIby6EmsAZISvQe2QBf571VpeQCg==
aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
167 KB
167 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:32 GMT
x-amz-version-id
QS0pP_ZeSDsPG_tDzM.REht8tGo9nZPS
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082396
etag
"981ccd318264bd584234aaec828d43ce"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
170550
x-amz-cf-id
-201kR23PuBBbkSQWuGLOGFDeDGO94uieZVm5BRBcyXeWztsUq2DUw==
d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
91 KB
92 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:32 GMT
x-amz-version-id
7LCThZSUle7eZdJUw8pzfb8V8juuLqKH
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082396
etag
"fc4db20401afee8c48e1ca79db0f0ec7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
93607
x-amz-cf-id
nK6edPstawyTVywuyUwVBuREiAZFGSpjtHJDtvNaunXiH8Sm8KDQeA==
f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
393 KB
394 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 23:25:42 GMT
x-amz-version-id
83kQBtYIphc_dei_VsMT5haUCjNGXhhw
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
16155505
etag
"056ca93a156b7b1ffad3e735ce3b7550"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
402177
x-amz-cf-id
nXGhZ0-D4VL1pMJKbpLbZt8t8N4oLmifWoQEmwpZUHHdOF_cDBzvCw==
5065891f-manuka-background-orange-01-1_11lc0mj1hc0mj01z000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
117 KB
117 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5065891f-manuka-background-orange-01-1_11lc0mj1hc0mj01z000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b49930c3d02891d24e32e4861d709780513e5280a83e1dbcd9218d4381ea1638

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:33 GMT
x-amz-version-id
oGmxOfer.hDO1KT81sQ61EDCeHTa2tQb
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082395
etag
"3e061c61f1b29bc2e19ae6c9a78f8819"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
119389
x-amz-cf-id
lykz9HdWA5rdUiG74n9bmTBMSIWHnbgPCmFCatEOlvUb6p_Qj4sHdw==
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:c800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
date
Sun, 05 Mar 2023 17:27:36 GMT
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
5858647
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30399
x-amz-cf-id
HRcAhBdqtcVETu1FzOI-QvF9OARSVJgEqwL2FNs6m_8zYXkkzWiWUQ==
i
events.ub-analytics.com/
43 B
282 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1680390246874&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=f1814a2e-8936-44b1-a352-5c70a046bb4a&dtm=1680390246871&vp=1600x1200&ds=1600x17230&vid=1&sid=999a431f-fa16-4697-8cbb-91da7f9d2fde&duid=67cd981b-f242-4f72-a4cd-146387184bf6&uid=12e41d4c-b15f-423b-bfe2-9245a6b6be15&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNmQyYzcxMDUtZWJhZS00NTVhLTkxZjItNDdhZjQyMDllZDVmIiwidmFyaWFudElkIjoiYW4iLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.88.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-88-80.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
bundle.js
assets.ubembed.com/universalscript/releases/v0.180.0/
174 KB
48 KB
Script
General
Full URL
https://assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
Requested by
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 18:00:56 GMT
content-encoding
gzip
via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 20:53:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
1573392
etag
W/"1a08556fd14aad311b6d4906f59fef42"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
QFN8cUVy3kaj_CooJbL47d7Vu6jtxxKoXd49P_hBCF1-K3Lnd_g9Lw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1680390246948&cv=11&fst=1680390246948&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be4899df885f644dd41b1d44a9825f4a3282cd93294b05bfddec1d96f319f009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
131 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10838597190&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
91c4cd304b12bf5b2d106e5f52694c5591a71078481e1a75e97e75819397cdea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51734
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Apr 2023 23:04:06 GMT
js
www.googletagmanager.com/gtag/
227 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-458254939&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2651d6505ed936078ae2f19dba66522bf26f6a45d00933cd6ce4563f249b9b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76992
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Apr 2023 23:04:06 GMT
js
www.googletagmanager.com/gtag/
189 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-862759327&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b807b5710be11b6800a63212dc6b8bb26b0e03b11adeeacd550737a0430ac4f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69206
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Apr 2023 23:04:06 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1680390246993&cv=11&fst=1680390246993&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d97d3fc6112cde238da1b8afd8e722bab97bfe66367abc90de7c322b38c06df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/458254939/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/458254939/?random=1680390247009&cv=11&fst=1680390247009&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f32c84613efd5d0d2ae3a88eaee3168bd2a3c15969e032818742b43dcd7e15a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1628
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1680390247020&cv=11&fst=1680390247020&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bc84fe38461648e4209bc92657a1541d1e2ae8f9b55e1b2e03d5a2098d729da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1680390247109&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwzh0mfw5php0w0yhksk7zwf&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessio...
  • https://rp4.liadm.com/j?dtstmp=1680390247109&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwzh0mfw5php0w0yhksk7zwf&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessi...
13 B
552 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1680390247109&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwzh0mfw5php0w0yhksk7zwf&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjI%3D&n3pc=true
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Server
34.230.229.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-229-216.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
x-pixel-event-id
76a4bc62-f17d-4417-9e8e-89a1f2b9722d
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
b951c0d8d9621da3
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Sat, 01 Apr 2023 23:04:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1680390247109&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwzh0mfw5php0w0yhksk7zwf&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjI%3D&n3pc=true
access-control-allow-origin
https://pages.upwellness.com
request-time
0
access-control-allow-credentials
true
trace-id
cd6b1b50ab2fc9f6
content-length
0
x-xss-protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1680390247133&cv=11&fst=1680390247133&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b9a3fa4e5a401b4b3825cd72d79074e50545ed4dfc4d96160b7b0c092941fe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.da2a1c8f.js
s.pinimg.com/ct/lib/
57 KB
17 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
x-cdn
fastly
etag
"b3fc8cf847afb7d5cf4f05e5407d05a3"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
17556
cachedClickId
tr.outbrain.com/
35 B
194 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 23:04:07 GMT
X-TraceId
7b75ea710805f7ef58516422749e7c7d
Content-Length
35
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/
53 B
225 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=09390376342785112&referrer=&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 23:04:07 GMT
Cache-Control
no-cache
X-TraceId
efc33a09659e4b8e294ec23ef220beea
Content-Length
53
Content-Type
image/gif;
videoThumbnail.js
fast.wistia.com/assets/external/
72 KB
20 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/videoThumbnail.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
108cc0de5a6c65309500778c8d8111f3fdf8fb5cc4c6f9855779a8ad46ddb404
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3103
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
20271
x-served-by
cache-iad-kiad7000082-IAD, cache-hhn-etou8220072-HHN
x-browser-version
111
last-modified
Fri, 31 Mar 2023 18:39:47 GMT
server
AmazonS3
x-timer
S1680390247.230112,VS0,VE0
etag
"53855ec4f219dd68fe28986ce026cede"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0f9fd3a08fa2487071f820e7f844e0fa5977034c
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
31, 6
syncframe
gum.criteo.com/ Frame 3BAE
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
04971705dcd7ef441d0cdfed3de59b62af5c279b75c2b60d14116a1ccaf23acd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pages.upwellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 23:04:06 GMT
server
Kestrel
server-processing-duration-in-ticks
1099207
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 22:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3535
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 02 Apr 2023 00:05:12 GMT
js
www.googletagmanager.com/gtag/
131 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-675938688
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08ef2d862119d73211a8d3b128bf7a864082ae0d1385e946d3f683e5c01973dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51773
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 01 Apr 2023 23:04:07 GMT
cl4975ot4arrr6.js
cdn.js.customerlabs.co/
196 KB
197 KB
Script
General
Full URL
https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-97.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f

Request headers

Referer
https://pages.upwellness.com/
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
q7mG7hlker5FRiUNkg8qVdDD2fjHsOUI
date
Sat, 01 Apr 2023 23:04:08 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
201018
last-modified
Mon, 20 Feb 2023 17:59:47 GMT
server
AmazonS3
etag
"cef37c380b37f6c7fbe85e3594e7f2d8"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET, PUT, POST, DELETE
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag, x-amz-meta-custom-header
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
dfg7hhanLXhdCQf1eDaUyz5qpCJ2dXmoFCH-Y1b1Z9-sCkiM12ec9w==
thumbnailTextOverlay-v2.js
fast.wistia.com/assets/external/
84 KB
26 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9ece6c2b4f12d493789048c794f3cb6a6fbaea7df9a08d1c037d8f2ec1ccd9d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
720
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
26688
x-served-by
cache-iad-kjyo7100135-IAD, cache-hhn-etou8220072-HHN
x-browser-version
111
last-modified
Fri, 31 Mar 2023 18:39:47 GMT
server
AmazonS3
x-timer
S1680390247.288898,VS0,VE1
etag
"d1189bd3142d46f7698d31669c07ea2c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0f9fd3a08fa2487071f820e7f844e0fa5977034c
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
54, 1
pixel.gif
business.newsbreak.com/tracking/
0
0
Ping
General
Full URL
https://business.newsbreak.com/tracking/pixel.gif?id=ID-1585718645907906561&uid=1-wx13t31a-lfykyt0y&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&rl=&ts=1680390246780&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20111&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by
Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1680393600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.7.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-7-180.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

json
trc.taboola.com/1225872/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1225872/trc/3/json?tim=1680390247292&data=%7B%22id%22%3A960%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1680390247286%2C%22cv%22%3A%2220230326-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1680390247292%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
001ccf0acd793b4336bacc24c495d85411364c136aee697431a0e572a384b5e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220064-HHN
server
nginx
x-timer
S1680390247.313477,VS0,VE20
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
main.MTU1Nzk2ZDUwMw.js
analytics.tiktok.com/i18n/pixel/static/
259 KB
68 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMw.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.118 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-118.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
457a6bbd32523a72293e8041d1ba07046b5f2c936c20b63b3e6786545ecfcb7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id
5eca39f
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230328150752129DAC5AA0CBA4BEA515
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-90.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
013629509ea0347ef1ff1ba8ce32a7ff886b0b1228f779d6f75d16fff637c839213044039f47d54987b5d60256980c4c3fbc8dbca98e7c8db62b473ff4e9009a9929d5831e5a4ec6f7f978b7e68a22c37bc567327b3b881c84901f7ed53d5144a8
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
69014
/
www.google.com/pagead/1p-user-list/458254939/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/458254939/?random=1680390246993&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1561411320&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/458254939/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/458254939/?random=1680390246993&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1561411320&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MTU1Nzk2ZDUwMA.js
analytics.tiktok.com/i18n/pixel/static/
238 KB
65 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.118 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-118.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cb922ba96736c011c5c8e3bad8312a52b45f3afd24ed8791d050c52ea2b2f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id
5eca3ac
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202303281506555508384DECEA08A454A9
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-90.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01536155a7702ba72927f5f0aa1c98198541d0357c9942cfbbb08cf518df5d6614545389631db4b991089143048cfc7729089be769b48b02a2c3e80d1cf25f82bf17263a15b4d69f63542c1e1341313435cedfaf571798de8a705a10907f4c45aa
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
66257
/
ct.pinterest.com/user/
533 B
605 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1680390247332&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pin-unauth
dWlkPU9XRXhObVk1WVRBdE56UXpOQzAwTkRFd0xUbG1ZbVF0TldNM01qTTVOMlV3Tnpkaw
pragma
no-cache
content-encoding
gzip
referrer-policy
origin
date
Sat, 01 Apr 2023 23:04:07 GMT
x-cdn
fastly
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pages.upwellness.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
x-pinterest-rid
1061634628647747
content-length
372
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10838597190/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10838597190/?random=1680390247133&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=289543983&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10838597190/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10838597190/?random=1680390247133&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=289543983&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/862759327/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/862759327/?random=1680390247020&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=491627454&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/862759327/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/862759327/?random=1680390247020&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=491627454&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
invisibleLink.jsp
store.upwellness.com/affiliate/
245 B
1 KB
Script
General
Full URL
https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-fps/%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Requested by
Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.116.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-169.compute-1.amazonaws.com
Software
Apache /
Resource Hash
42a3e0b9bad87ff95c1d0c032e0b53d3eeb15168b6a00aa882706127a4ea9d74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
172
/
www.google.com/pagead/1p-user-list/624541243/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/624541243/?random=1680390246948&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=512719689&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/624541243/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/624541243/?random=1680390246948&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=512719689&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
247 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1680390247339
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
x-pinterest-rid
7761725927087101
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/458254939/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=797504509&cv=11&fst=1680390247009&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages...
  • https://www.google.com/pagead/1p-conversion/458254939/?random=797504509&cv=11&fst=1680390247009&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-...
  • https://www.google.de/pagead/1p-conversion/458254939/?random=797504509&cv=11&fst=1680390247009&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-g...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/458254939/?random=797504509&cv=11&fst=1680390247009&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEt5Zm9RWVEtT0QxbkxlMnFJbTFBUkltQU1NRUJURWxuU0M1QnN3WDRBaUt0c092NENtQmNXekRHSWhwSnVwUUtaSkYwWFVVNzFnGlhDaEFJOEt5Zm9RWVFuOXpWX3VMVnFNUWpFaTRBX19UbHRlWXZ1eGY3cDFINVhWUkZEbW55d3A5T2kyYk9NRWNvVGI5X1ZiSWlwY0RlSDBweFk3SFBrTTQx&is_vtc=1&ocp_id=Z7goZKmZEs_A9u8PvYSm4Ag&cid=CAQSKQDUE5ym8OD1sIFqVSUdqYoFkDN_y70SqC0rEXiFdaLU0zPe97NPKvXQ&random=84170831&ipr=y&prhg=0
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/458254939/?random=797504509&cv=11&fst=1680390247009&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEt5Zm9RWVEtT0QxbkxlMnFJbTFBUkltQU1NRUJURWxuU0M1QnN3WDRBaUt0c092NENtQmNXekRHSWhwSnVwUUtaSkYwWFVVNzFnGlhDaEFJOEt5Zm9RWVFuOXpWX3VMVnFNUWpFaTRBX19UbHRlWXZ1eGY3cDFINVhWUkZEbW55d3A5T2kyYk9NRWNvVGI5X1ZiSWlwY0RlSDBweFk3SFBrTTQx&is_vtc=1&ocp_id=Z7goZKmZEs_A9u8PvYSm4Ag&cid=CAQSKQDUE5ym8OD1sIFqVSUdqYoFkDN_y70SqC0rEXiFdaLU0zPe97NPKvXQ&random=84170831&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1680390247404&cv=11&fst=1680390247404&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&hn=www.googleadservices.com&frm=0&auid=1458025374.1680390247&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3768348c8f415612d642864472d5157538ac456d8b4f3292b77702f652edb384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0b76a8eda7c331eb805ad8af326f611e.png
embed-ssl.wistia.com/deliveries/
96 KB
96 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/0b76a8eda7c331eb805ad8af326f611e.png?image_crop_resized=1920x1080
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 10:22:24 GMT
access-control-request-method
*
via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
386595
edge-cache-tag
0b76a8eda7c331eb805ad8af326f611e
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
306
content-disposition
inline
surrogate-key
0b76a8eda7c331eb805ad8af326f611e thumbnail-delivery
last-modified
Thu, 23 Sep 2021 14:58:31 UTC
server
envoy
etag
MCRQ8DYfj2ieeWrQGMrwuPDRHns=
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
jWQ7DYRTB5qci781x7AZiv-IdQoVy53BGuiu9m2STqZmvSHKsHWYiw==
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
json
trc.taboola.com/1523626/trc/3/
3 KB
1 KB
Script
General
Full URL
https://trc.taboola.com/1523626/trc/3/json?tim=1680390247471&data=%7B%22id%22%3A348%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1680390247286%2C%22cv%22%3A%2220230326-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1680390247295%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4778a4d71fe5221c53e48770e1fee2827680f5ebfc91d9bb1833478808a0155f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220064-HHN
server
nginx
x-timer
S1680390247.488775,VS0,VE19
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
hls_video.js
fast.wistia.com/assets/external/engines/
486 KB
112 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d66423cf25677e284ead37e8c20158a3f3ef68ef7fbf7ad1f9a6c955f067330e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3084
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
114669
x-served-by
cache-iad-kiad7000113-IAD, cache-hhn-etou8220072-HHN
x-browser-version
111
last-modified
Fri, 31 Mar 2023 18:39:47 GMT
server
AmazonS3
x-timer
S1680390248.510623,VS0,VE0
etag
"cc911f76e87ef8862695efcd6e85686d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0f9fd3a08fa2487071f820e7f844e0fa5977034c
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
54, 52
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28307243-3&cid=1329566415.1680390248&jid=1529344586&gjid=1681887263&_gid=1441025350.1680390248&_u=YGBAiEABBAAAAEAAI~&z=174398059
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 01 Apr 2023 23:04:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pages.upwellness.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=789393003&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=1529344586&gjid=1681887263&cid=1329566415.1680390248&tid=UA-28307243-3&_gid=1441025350.1680390248&gtm=45He33t0n81M3S986P&z=1326153520
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17935
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
identify_08840.js
analytics.tiktok.com/i18n/pixel/static/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_08840.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.118 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-118.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id
5eca423
date
Sat, 01 Apr 2023 23:04:07 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230328150648A28A4CEB52A5B778CBF6
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-90.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0135befa4fdb3e118b3943a43c1eb26eae57ffae279e0af8996a435ce89b30d12fa28ae1c4f679401dccd6cd87323a7eac83305fd38beb0417c1464ccff58edb4b55c2432d3c9bace9adf33723c73550d6ae8d2ff577ce58801a7cea19b8a56363
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=7
content-length
30769
pixel
analytics.tiktok.com/api/v2/
0
696 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.118 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-118.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
9ebae43b.5eca451
date
Sat, 01 Apr 2023 23:04:07 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-90.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time
121,23.36.161.90
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=29, inner; dur=26
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230401230407EC5D114526B5F9F77BC0
x-cache-remote
TCP_MISS from a23-220-104-23.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
29,23.220.104.23
x-tt-trace-host
01836b4158833be2f07bf617cf27212a4ff96144759bf5851e6fd248c8588a567887b19a64c750f0a61aaf678b3d0de3bfb84dadefe8d249cb4961ef84ead211da48eb0b896c90ea0d5e6c1b64c0b65c9dae799db2c2b34cf6b424977ddab52fb3416032ded75a93ad4038881a859577b0
expires
Sat, 01 Apr 2023 23:04:07 GMT
pixel
analytics.tiktok.com/api/v2/
0
697 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.118 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-118.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3909fdf8.5eca452
date
Sat, 01 Apr 2023 23:04:07 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-90.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time
113,23.36.161.90
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=26, inner; dur=23
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023040123040780E883CD75FD24FC45CD
x-cache-remote
TCP_MISS from a23-220-104-26.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
26,23.220.104.26
x-tt-trace-host
01836b4158833be2f07bf617cf27212a4ff96144759bf5851e6fd248c8588a5678b518c5d0ac2e235e3e88de951bb0bd5a892dfb3e7b978e22cb9fb5c771339f69979c230513b7a0c20950a181dee88dea5e15df8e269b5992865b3e8d1e3b304484095d93f7b8da8ab1d9e95a69eb8f1b
expires
Sat, 01 Apr 2023 23:04:07 GMT
pixel
analytics.tiktok.com/api/v2/
0
552 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.118 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-118.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
x-akamai-request-id
5eca453
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202304012304073B12BC8D8B6F9D400D83
x-cache
TCP_MISS from a23-36-161-90.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
196,23.36.161.90
x-tt-trace-host
01836b4158833be2f07bf617cf27212a4f2141e32b44fc6d9b9990216846c3662bdc0d2712943a57dc4a51a1140635f89a9e9a48b18c01535753eaf876579c946dd5bf8b7b233d2aa4611009dc9c19adb42a5ac17c71977755bd4fddc28705acc4
server-timing
inner; dur=103, cdn-cache; desc=MISS, edge; dur=5, origin; dur=195
content-length
0
expires
Sat, 01 Apr 2023 23:04:07 GMT
sid
mug.criteo.com/ Frame 3BAE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=PkJVJHxTeWVrUXVaTktvQ2JBVDR4NXNScEt3OE9walQzNXRZdWpyQ2VkSFFJWHp0TzhFMldOVnR1bTl5bFlKVzg3ajcxeDF2UnBldkg5QVJiT01MSWRmRkswTHI0Q1IySzRXeGd6QzF3amJheE83TmdCOE40eDdxUlNtek...
428 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=PkJVJHxTeWVrUXVaTktvQ2JBVDR4NXNScEt3OE9walQzNXRZdWpyQ2VkSFFJWHp0TzhFMldOVnR1bTl5bFlKVzg3ajcxeDF2UnBldkg5QVJiT01MSWRmRkswTHI0Q1IySzRXeGd6QzF3amJheE83TmdCOE40eDdxUlNtekZuLytRcTRWempvMi9keDlEcHF6VkZyZ2Q2V09IQWYvQXZrbGJFZklranZDR0F6Y2FOV2pFeU81cm9zTk92dzI0Qmg5dE05cjdDekI1bjRMMkJSTDdyMVp2cVp3QVIzYUR0K212czFtelpDUW04ZzdKaUZnNHFSQk9pN3poaVlGOHM4Y2lpcE1WYm96MFJ3UmNEd0JQS1ZNaG40WnhhZz09fA&cppv=2
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
02a8d707669f7d95f015f1bb49d881a92e352d614585cca3ba9e33558f5fd6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1565043
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=PkJVJHxTeWVrUXVaTktvQ2JBVDR4NXNScEt3OE9walQzNXRZdWpyQ2VkSFFJWHp0TzhFMldOVnR1bTl5bFlKVzg3ajcxeDF2UnBldkg5QVJiT01MSWRmRkswTHI0Q1IySzRXeGd6QzF3amJheE83TmdCOE40eDdxUlNtekZuLytRcTRWempvMi9keDlEcHF6VkZyZ2Q2V09IQWYvQXZrbGJFZklranZDR0F6Y2FOV2pFeU81cm9zTk92dzI0Qmg5dE05cjdDekI1bjRMMkJSTDdyMVp2cVp3QVIzYUR0K212czFtelpDUW04ZzdKaUZnNHFSQk9pN3poaVlGOHM4Y2lpcE1WYm96MFJ3UmNEd0JQS1ZNaG40WnhhZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
329300
content-length
0
expires
0
/
www.google.com/pagead/1p-user-list/675938688/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/675938688/?random=1680390247404&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=195901408&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/675938688/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/675938688/?random=1680390247404&cv=11&fst=1680390000000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=195901408&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10056129.json
s.yimg.com/wi/config/
46 B
375 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10056129.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:09 GMT
x-amz-version-id
2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
ZRHFY04Q42HQ9JEW
age
2
x-amz-server-side-encryption
AES256
content-length
46
x-amz-id-2
RrI3LwvLnGGuwj0Y+2BEV2s9I+z/+BeiXvZuhvn+2fDzPP8qgjsohZ6Aa5H5NR9ZjIk9nUK1Sho=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 27 Sep 2022 22:00:05 GMT
server
ATS
etag
"fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
10175858.json
s.yimg.com/wi/config/
46 B
675 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10175858.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:51:26 GMT
x-amz-version-id
a1p9k2x2CfLow7aa._kiTa1S348t_r0P
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
GHC2AX76DT2B2V92
age
51162
x-amz-server-side-encryption
AES256
content-length
46
x-amz-id-2
soRBG932nsl6eZXKx2NaRnreT6y9pv/zojYgBoVe9icrAX1MadtMlFHKhokc016fD0RA3MwFDlM=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Tue, 26 Mar 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Sun, 19 Feb 2023 18:55:23 GMT
server
ATS
etag
"7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28307243-3&cid=1329566415.1680390248&jid=1529344586&_u=YGBAiEABBAAAAEAAI~&z=325744378
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28307243-3&cid=1329566415.1680390248&jid=1529344586&_u=YGBAiEABBAAAAEAAI~&z=325744378
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 23:04:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27909
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
zqVb4lL6p5WshpGofcnyY3yRhGqbxzQ2xm25E8U/2A3iDW7vLc2jIrPFt8i4KosWnKXRHre+HlTvYUHb8CsCeA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-795540.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-795540.js?sv=6
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
cc231c280dce3603412d1aa9dd7180c0c86d220ef9cb997b838fa5cc9c613298
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 23:04:07 GMT
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/9d0e98fc36fe8d4e3d8416f26e52b1ab
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
pwQ4vZkmuEZJTCi4LV1-PanoQfKpaGtrgJNGbuIjIyZZLPgm6n2sRA==
bat.js
bat.bing.com/
40 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 01 Apr 2023 23:04:07 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 99100158D5FC4DFC9A4744A4F6DBA715 Ref B: FRA31EDGE0616 Ref C: 2023-04-01T23:04:07Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
e8xcaqkjm4.m3u8
fast.wistia.com/embed/medias/
935 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
age
0
x-cache
HIT, HIT
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length
935
x-request-id
05ef33207cca862e2f3809307594587b
x-served-by
cache-iad-kjyo7100147-IAD, cache-hhn-etou8220076-HHN
x-runtime
0.030134
referrer-policy
strict-origin-when-cross-origin
x-browser-version
111
x-timer
S1680390248.752524,VS0,VE93
etag
W/"0fa56fcfcf95ba949a3a9883d09eca6a"
x-download-options
noopen
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
625, 1
blank.gif
fast.wistia.com/assets/images/
1 KB
2 KB
Image
General
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://pages.upwellness.com/
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
55, 2406
date
Sat, 01 Apr 2023 23:04:07 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
85707
x-cache
HIT, HIT
content-length
1214
x-served-by
cache-iad-kiad7000052-IAD, cache-hhn-etou8220076-HHN
x-browser-version
111
last-modified
Fri, 31 Mar 2023 23:13:56 GMT
x-timer
S1680390248.752626,VS0,VE0
etag
"64276934-4be"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel
flask.nextdoor.com/
0
112 B
Image
General
Full URL
https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&ndclid=&rf=&sem=&tm=0
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.6.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-6-198.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
context-id
1f2f49cc-c53f-4586-b4b7-a9fd371da243
fa19e886-4026-4b64-b5c6-66b70f0ad84b
https://pages.upwellness.com/
5 KB
0
Stylesheet
General
Full URL
blob:https://pages.upwellness.com/fa19e886-4026-4b64-b5c6-66b70f0ad84b
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length
5611
Content-Type
text/css
v
views.unsplash.com/
0
0
Image
General
Full URL
https://views.unsplash.com/v?app_id=27955&photo_id=0tgmnmiyq9y,0tgmnmiyq9y,0tgmnmiyq9y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

css
fonts.ub-assets.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
/
Resource Hash
66e32af742f610da7a788c1279d34cce52b6248cca65aa733f35592d0fb5804b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
677b12ec-0171-4dc8-b6a0-c732c33942f3
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
CuHATGG1oAMFYqQ=
content-length
665
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-6428b868-37cffa985dece5dc486b5cdc
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
Jc41tZm38Lw7lI9FKPjeveexb3ncsouSC9IqS-RqQZabs-d6_UlgNQ==
2181c4f3-upwellness-logo_104201o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
4 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2181c4f3-upwellness-logo_104201o000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:37 GMT
x-amz-version-id
OtTs_SZSYdNFf.JD9dztVbH4Qsdv4mtF
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082391
etag
"7b6c725ae1e3af92af160df87ba31720"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3678
x-amz-cf-id
xIawSofB8yOaks3g_dA8zLnXnrrvwiXzZAaDGePp1jF2aL47YdptHg==
32f07f71-whitecheck_100p00w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
542 B
933 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100p00w000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 14:18:57 GMT
x-amz-version-id
mb6yE59uJIovRekLOjaV008PE_6raGv0
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Wed, 30 Mar 2022 15:37:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
31308311
etag
"4825b4ea0d4c880b6307c2e7132ee9a6"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
542
x-amz-cf-id
g3QzFO95e1zNd_nfrXunyzQUOsDG7y4TsjH42bBolJP8XuO9SBDHEg==
95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
16 KB
17 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 23:25:44 GMT
x-amz-version-id
1RE_Jy5aH0Aby9dXdD_cmp61I1qdhWdE
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
16155504
etag
"65bf040063564f89972c66052d155a51"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
16499
x-amz-cf-id
QrtGSyVwoOFokNcWGaEE9IVk9dFZTOp6_I88UQJnmn6dKxOdquxWcQ==
5ba00849-whiteupwellnesslogo_105d027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 04:53:57 GMT
x-amz-version-id
8.HCHz3uB1qbvRa9hTANVKn2FdSyXNUO
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Sun, 11 Dec 2022 04:46:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
9569411
etag
"88263fec2db483b6e115f831a65022a9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2981
x-amz-cf-id
QPCQ4FBbpnqMR9w4ZSDpGxosdg44vxoRZnrT03ua9b9sV0kIrXlvkw==
ac1a08cd-inflammation-1_108t09u08b09p009005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
44 KB
44 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ac1a08cd-inflammation-1_108t09u08b09p009005028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 16:30:50 GMT
x-amz-version-id
xMQL9u5rA0k3PvpLpoGRqdjAC035h8Oa
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Wed, 30 Mar 2022 15:37:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
31041198
etag
"359ed3bb81729f290b18d9b109cf06a1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
44857
x-amz-cf-id
cFhMP9ZZXRqWOSfuR5FdN5LbW89XR71BPVGMSfXmMEdxUemst7B4Iw==
4cac7528-white-215136347-1_10dm0c7000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
26 KB
27 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/4cac7528-white-215136347-1_10dm0c7000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:43 GMT
x-amz-version-id
hjK9g6o_1SltTDZNyGkcqSm0mNIyb_8t
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082385
etag
"816661072aa7266a68ff0387b3c14c4e"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
27101
x-amz-cf-id
Q2AD4wzTybVxSZz2IX1ZmvaUJXnucgA7ubIygQfQni0rIjkbrw5ztA==
100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
23 KB
23 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 13:34:56 GMT
x-amz-version-id
PU1XtoJ_NKjiY2dzb_v66fhrDoflqkqe
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 13:12:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
6773352
etag
"9e943cd62e2bfe0bc4e138564aa93a3e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
23241
x-amz-cf-id
emOCwdXDsxA-ZIMmoVSrDP9OEAQGk3wUC48bdM8RKpnuEcbgSK1-QQ==
55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
92 KB
93 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 19 May 2022 03:34:07 GMT
x-amz-version-id
Df8tbWVkWhSvcwDYzwCLqzd78iw0rD2H
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 15:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
27459001
etag
"49e2d3fbfeb102084be57d44c2246bb6"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
94271
x-amz-cf-id
NvCarTdX7bK0ZZh3EhrcEFUGMEHEvgNdB-426SPtf_qO7Ax0f0YI9g==
d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
22 KB
22 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id
57Z4rctKvSvLXDtNryODFyZ06WhO83xm
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082383
etag
"4b457e95483072fff9080800977a4a8c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
22266
x-amz-cf-id
TO_jRXc86BhYqyHv-SXN7AS0F-zQ-ObZq6rE_PuDVbPZd1D5aEy8mw==
bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
73 KB
73 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 13:34:56 GMT
x-amz-version-id
cXUtwpU3l2sc7Veu3DhMl39KIvBdMq_a
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 13:12:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
6773352
etag
"866a3982d7193270694f5153cacfd6f1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
74374
x-amz-cf-id
GGcPAdjxAP13Fj6SZd5LerOSz01exwq2ySGKmo9G_8Zug659a976lA==
d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
17 KB
18 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id
Z4M_LCkc.M8ClC9_zciJCkEqb3ywXWvJ
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082383
etag
"1ec345ee01c3de0754cc0a131de2cc90"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
17818
x-amz-cf-id
qUhyJpeXPE-zaZIXu4OxpxA8AU2N-IrRffGwsW8ifUT2NZlvkuvNow==
a72f1bbb-lr-283136986-1_109o0en000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
51 KB
51 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a72f1bbb-lr-283136986-1_109o0en000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 18 May 2022 09:30:57 GMT
x-amz-version-id
C.IAXR_JjUZl40YZ52LWSx90d4jP2Zi5
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 15:31:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
27523991
etag
"6de55b9cb1893772e0b63bbbfd24d503"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
52060
x-amz-cf-id
mcwtwsiHE-gCSQNZks5ZuzWexHnfUNeRDnrNN67zBQ_HIQ78NOSlpg==
d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
26 KB
27 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id
8nuDet0zaeGYit7InuYG43BO.ktJdhos
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082383
etag
"e0f67241c0cda7c8283f88e34e2a62b1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
26863
x-amz-cf-id
JE8smbQCcZZS9Svj2Sm_6EjRuFhi96rWum_KjzhBAQYVj94_s5mUtA==
da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
45 KB
45 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:06:39 GMT
x-amz-version-id
fwBkXL8dGrCuLZHxPzAJPHJJ1oyGBmCS
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14810249
etag
"95c55c95d92c456dd43b16b64f4b3ff5"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
45619
x-amz-cf-id
0X1Vo5sAHlXx2L7upqIE1l6FCJNHS3Swrm_q6H-lj9lTKD_ZZqGbCg==
5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
1 KB
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:06:39 GMT
x-amz-version-id
jJFo9RnN8p23UXxRXBVPmegkgFS8vtSp
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14810249
etag
"6f566bf0ca15c5ac601a04d4b7fb5559"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1092
x-amz-cf-id
-6uFJWFD4jAGJR0yX1hQbWVkDRKIwpAva3_7OcoUoV0yHxZ6wOTcaA==
50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
926 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id
PC7CQy0eDmnyFroGiTD0c1PbMiLbiVUs
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082383
etag
"c4dea36dfe1ed65d42e45c3b855c61e3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
926
x-amz-cf-id
ivQ_SAOrKPcMHMEj0wGEozwS6Po43WQobr8u6cGCEpHX0IXvdj7SGg==
56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
16 KB
16 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 16 May 2022 01:16:29 GMT
x-amz-version-id
sK6LIXh1k1w9Dq4.v3dWdrNMX5Dbmmh0
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 21:29:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
27726459
etag
"8ca90ce9d5610ced95d378903074b5dd"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
16228
x-amz-cf-id
SxAiFIudkQiq9n7-f0J3-dqmvfHHo8qmObW_fM6bl2_M6CtKkhsasg==
0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
67 KB
67 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 18 May 2022 09:30:57 GMT
x-amz-version-id
w_ilv_nYoKh_ojcycrmfG9bUH5LJZmTy
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Tue, 17 May 2022 15:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
27523991
etag
"8a35e1ec124590183b3b65717bbdf858"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
68470
x-amz-cf-id
Bj7Xh5CphBAEEO8WNPG-R8h0_HBi2YveJKu74LwgmYCFr3z7DCRppQ==
52218b64-circlecheckgreen_100n00n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
308 B
700 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/52218b64-circlecheckgreen_100n00n000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 23:25:47 GMT
x-amz-version-id
__G13ZuuJBjbuwqXEUHaUQ9DXsqL09d5
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
16155501
etag
"664e0b74b02a5184054577ac4e266e5d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
308
x-amz-cf-id
rK_nFcyp1Xg2L8uLDqt0HNkQpzGuBi8a_VgQrixE0cADv3SDtfVGqw==
7f01bac7-five-stars-original_103m012000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
778 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/7f01bac7-five-stars-original_103m012000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id
T_eIj8pVjP0mam_BgH3cQxCSHzP_7kjP
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082383
etag
"918ec8903473fef53c9ba0b9cf21cd8b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
778
x-amz-cf-id
ss0YnWw8-wEo2cQEYsv6aVNQkcGHtvTvNKA6FE4BBKqr0TiizwoFGQ==
8c77d1de-rightarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
1009 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8c77d1de-rightarrow-angle_102n02m000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id
LcB.d91X4q7v9W5oMFNrL3MIqDw0oZCv
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082383
etag
"6eeccde26d2dc7f37f4370ec5f7bdef3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1009
x-amz-cf-id
6bdKjp0ymlfoYOfm2nN8KKxoKGGtUPiKq6_lWwNvuCw5v1yXH-fQmw==
382a6532-leftarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
1 KB
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_102n02m000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id
_KOnTR6u5yg_uENEe_gTscmxD1eOdtDj
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082383
etag
"38636c9904e9e46c854a0c55d99255c9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1060
x-amz-cf-id
TrW88NikdrrAQ5nR66nI9Maz3kIRveVGlt5KfimcP1Ie79drk5oQHw==
382a6532-leftarrow-angle_1046045000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_1046045000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 16:03:49 GMT
x-amz-version-id
.Zw3kpL7phu2GR6zNnjuADYt2b1Ja27u
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 21:02:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
12121219
etag
"c1a8b03787621838c3a03591dad5f219"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1875
x-amz-cf-id
YYmwrRqx-V6qbbCkY4nE89TO23Rxbg4I9LdNQbZ0usdi7KyRsYtD4A==
0a4cf109-rightarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
1020 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0a4cf109-rightarrow-hr_102v02w000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:06:39 GMT
x-amz-version-id
fv0vUPoVHNUL8aLL._iWY0GjxhixSED9
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14810249
etag
"efe6e12ca3ee76495ec9ae8ee9198ca5"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1020
x-amz-cf-id
IEpqd17gKx6OQVmu11Fx68eAzq5nFWVqvRu0xS5hsjY-4BDVoZ5Hdg==
29f0369a-lefftarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
1 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/29f0369a-lefftarrow-hr_102v02w000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 23:25:48 GMT
x-amz-version-id
b1D4RUmC9fnmonM6vfCLmVNLXjR9hkLJ
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
16155500
etag
"032c54654550e68afaa8897a89466d3b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1155
x-amz-cf-id
QTxaOA1rFcDZx-Zt_vcP7kdzu_3ky4J8crfMc43MBLtO63GaopcTFA==
32f07f71-whitecheck_100m00t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
464 B
856 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100m00t000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 07 May 2022 18:51:48 GMT
x-amz-version-id
ZtphmbbSCuoCdS_IToRdo0vbD3kyuYmD
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 21:29:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
28440740
etag
"a04ce831c57d2ab68e6238b18207182b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
464
x-amz-cf-id
kSGonDHi3Sx0UUxc--pKCHAjzkc_RqFw4Na1K5ZGUZuKU_97VQlcsA==
70db8b32-gr-charleyhull-color-square1643654151841-1646087587850.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
382 KB
383 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/70db8b32-gr-charleyhull-color-square1643654151841-1646087587850.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
042095a945a89bdee47dce9e27f452ee539aaa495f247e0967ae28ef37ac8d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 00:59:58 GMT
x-amz-version-id
ssynUVKzXkiwRROylJsL4YFw5HbhUVyE
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 13:12:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
7077850
etag
"eebff3d5cbe85e83397993d25c26a739"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
391562
x-amz-cf-id
iEGc6BxkQIlP71hPb8_GtTJAJvdM-FvvI6cbwsPpRtJQNf2BX0H5lg==
9e30cf5c-upwellness-marketing-chrissy-oneill-co-south-florida-wedding-photographer60-1-1646922951104_10b10b100000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
16 KB
17 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/9e30cf5c-upwellness-marketing-chrissy-oneill-co-south-florida-wedding-photographer60-1-1646922951104_10b10b100000000000001o.jpeg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
780dd06801c452a3e54f4c9571c34c58c8de41420e1c94098e122b9b5bf7ebb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 13:34:56 GMT
x-amz-version-id
nfT9OCCYc3WOpeSPjJO8NkoQ5uaZhnRc
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 13:12:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
6773352
etag
"e740fdf442268622328ba5ff3657a223"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
16570
x-amz-cf-id
mEcQDtXOt-n8hWWpOf04Mca3UpEbEUcsAKPmBg5lPJRr1WItPtHaIA==
85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
11 KB
12 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75c3b9ffd05b79e3d802d05a92a07258fe29e97ab1bc2820f13de7cabbe163ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id
olYWBB7sUhrZfiAXN2g0lnQYzSt.t5_t
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082382
etag
"5cb3c3f5b3507c11c9caac73d0935f02"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
11539
x-amz-cf-id
BZwaBd8H3VZ_gjQJhqNRttqSubQYtywUnzV-0hOwHrFetjxbHQ1CyA==
8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
56 KB
56 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
205853c0ef45d0842feba60b08786717cd443f0a650010e36a0fb3a91a067062

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 20:17:43 GMT
x-amz-version-id
BHlwnlpYBIYP7VxO8QvZ00xP27mRrXF8
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
22214785
etag
"b1ac86144722d6bb5139c086266e3a29"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
57139
x-amz-cf-id
J0ogVVc1PUXev24wThQqDzgfW-eK9yjgIi243hrl_z2OdJ_mEuNJjQ==
2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
62 KB
63 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13d55c54af12b15b6999e715e67b91da9abaceee5b40a136fbae2df9ef1cf11d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id
K7YKh2rVKtdI_R7tjush7xnrGERPd59L
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14082383
etag
"c20ef03d9c4142b86e99acdee2bda368"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
63662
x-amz-cf-id
lNt1cLFmygUnMmDcYR7rzeHdFiO0mwkuYIVMcZh9ly6xyT8pvWnhOw==
85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
41 KB
41 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1fc8420705b69db0c5c0e2248e79b2f8c33506580b296202c3965870ab9adf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 20:17:43 GMT
x-amz-version-id
G9sOCdCokvJnPdIwzdpdg2bhrUJfkb1m
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 19:03:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
22214785
etag
"3a2b95d01cb23a2899f17b0099a335ca"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
41717
x-amz-cf-id
ZRMINP2d4xjbvkzN1INcY7oUSa3jrNVlSSMmffLXhfB549TpnWqRiw==
85dd4373-newshadow-goldenrevive-rt-front_10910h3000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/
49 KB
49 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_10910h3000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5444b48af5940e46bff886e60bba6fc2c1c6705f30a1c8d0577d710fcb9b5b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 13:34:56 GMT
x-amz-version-id
H0wxkeJZ4SkZWEVSfBb2GhffTpS9zniI
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 13:12:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
6773352
etag
"2b195f509b97cf523257ce393cf5e75f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
49713
x-amz-cf-id
TcJJcDeOlC8H7uEEbniz9n3Y-tTzNNFwGfLXdSaV7iM-CfpBGz4G6w==
index.html
cdn.useproof.com/proxy/ Frame 95EE
325 B
816 B
Document
General
Full URL
https://cdn.useproof.com/proxy/index.html
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer
https://pages.upwellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, no-transform, public
cf-cache-status
DYNAMIC
cf-ray
7b1478288c62920b-FRA
content-length
325
content-type
text/html
date
Sat, 01 Apr 2023 23:04:08 GMT
etag
"f92252b1f21fd30ac52b59395971ecdb"
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OmyBeHj0aHYmjXIE8gNOw%2Bp8qAFev5zZ%2BdOZYDmabmDJVLX%2B4pQfktpiiSARciRlFCyArb94t8mPOVfxVjvH3aMCX9FPMiqVGYxr%2BiYwAzo3i9a%2FDVlEN0Ycsb0aK0v96rjygoK060KNx28eZPN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-id-2
Nis4hqft/sdDnbNsSXhqifqkt+q5zLg8Du9b+FG7oepPt6aJSPINxTSG4OtbQO26cKageqv3pgo=
x-amz-request-id
ZRHBM6CSYZVV3QTZ
x-amz-version-id
6OysE9MvUGgGn.qn_BXpeYijOLHR8713
UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/
0
538 B
Stylesheet
General
Full URL
https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.4727112147870025&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Requested by
Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.116.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-116-169.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:07 GMT
server
Apache
content-length
0
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
302615157369859
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/302615157369859?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
152c160410af5f711c1a295bce01dc67db937b5ff0542a47ce08e2d49981b118
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 01 Apr 2023 23:04:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
RP12hg6v0ButkvyWzvorJq5eSXdCe3Nk+F6UyqW+ZKQlapU0iAIDzQgiXGbLEYDshoA8VBStFVcvlf1FRhpexQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
27015508.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/27015508.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sat, 01 Apr 2023 23:04:07 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5208DF2E30C240E69BF246A37FC504B5 Ref B: FRA31EDGE0616 Ref C: 2023-04-01T23:04:07Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
287 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=fc0fb529-2951-471a-a888-2a576491845a&sid=8196a3a0d0e111eda8a0933363ba4b38&vid=81969680d0e111edba715dd99176c2d5&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&r=&lt=2654&evt=pageLoad&sv=1&rn=839356
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 01 Apr 2023 23:04:07 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 267855FFD58A425AA8A6D76E6912E49A Ref B: FRA31EDGE0616 Ref C: 2023-04-01T23:04:07Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
a18adcb3fe4d694342677106235399fede11a10f.m3u8
embed-cloudfront.wistia.com/deliveries/
13 KB
14 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 13:44:12 GMT
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
465595
edge-cache-tag
a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
208
content-length
13708
surrogate-key
a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WoVYbs5ewW1Tys7O-fJzbR-Jkqh6Y_ImNcDgrSMqkNy_OTVhUmwE5A==
expires
Tue, 26 Mar 2024 13:44:12 GMT
modules.76304821fe35d593f0f4.js
script.hotjar.com/
264 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.76304821fe35d593f0f4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
2b2f8884f06e588675848471606a49693553a2d032a32fce85a5203ae7c796a6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 07:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
227280
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68985
last-modified
Thu, 30 Mar 2023 07:56:01 GMT
etag
"fa9caf97b169b97f64425fac5776898a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
GfxY0FV9IYUzp9MWw1QJeX1HmTuZVhZcHv2fyZ19UjJ6Vg6WPTxt6g==
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=WRPAuF9LazJpd1p6bFYlMkI3c3pVTXo4S1pZc0J2T0NhZnNkSTRKZ...
  • https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=WRPAuF9LazJpd1p6bFYlMkI3c3pVTXo4S1pZc0J2T0NhZnNkSTRKZ...
8 KB
4 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=WRPAuF9LazJpd1p6bFYlMkI3c3pVTXo4S1pZc0J2T0NhZnNkSTRKZ05pSWk0MCUyRkVPSkhtU2RqanowMWo2OTVGSFA5UmJ1N3F1VTNSWXBrcEk1N3FsJTJCVFM1ck1YOVFJOGIyeG4lMkJnSTM4a2Fnd0VXdVNKRG9XSzhvekxEaktqVzN1SlBiOWVHR2RKMHRZU0UxZVo0dkxXd01hYzFSQSUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1029a6681efd5683f702ef55da9a4c%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&dtycbr=61837
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3a2e0c94b9c305e759b47b269c0a851d60dd3125772a3fdce7caa33607b21d6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
30369961
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=WRPAuF9LazJpd1p6bFYlMkI3c3pVTXo4S1pZc0J2T0NhZnNkSTRKZ05pSWk0MCUyRkVPSkhtU2RqanowMWo2OTVGSFA5UmJ1N3F1VTNSWXBrcEk1N3FsJTJCVFM1ck1YOVFJOGIyeG4lMkJnSTM4a2Fnd0VXdVNKRG9XSzhvekxEaktqVzN1SlBiOWVHR2RKMHRZU0UxZVo0dkxXd01hYzFSQSUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1029a6681efd5683f702ef55da9a4c%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&dtycbr=61837
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4995617
timing-allow-origin
*
content-length
0
expires
0
seg-1-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/
2 MB
2 MB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/seg-1-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 10:26:27 GMT
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
359229
edge-cache-tag
a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
309
content-length
1690872
surrogate-key
a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XLfYd_gg2vvlsPoT2v3fHqdP0ek0k_KZXB4tiGhtECNMKWZmbQAGsg==
expires
Wed, 27 Mar 2024 19:16:58 GMT
sp.pl
sp.analytics.yahoo.com/
43 B
632 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2001%20Apr%202023%2023%3A04%3A08%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Sat, 01 Apr 2023 23:04:08 GMT
sp.pl
sp.analytics.yahoo.com/
43 B
246 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Sat, 01 Apr 2023 23:04:08 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 19:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23580
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4074986
x-amzn-requestid
509c95d3-d3f5-450b-8dc9-809d9e060ac8
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
ASqTvGLXoAMF24w=
content-length
23578
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63ea8a7e-62e0d88b0540430257ad28f9
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
I8r03Wzpzld_AF9RR0FWcinHZEzF78PXrvIvJiO5BnNVSxS0tn5-SA==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
/
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 22:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23040
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4061993
x-amzn-requestid
35ad0eaa-45b2-44ed-8c1f-e72d038ed981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
ATKCBHF_oAMFswA=
content-length
23041
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63eabd3f-2544a270629baf0b10ca5257
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
adwktjG5R_BMgCCM4qyN87B-6oOjsuUgCE2f5aOOfxHvj4HRsvgg_g==
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v23/
22 KB
23 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
/
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 07:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
22504
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
11115464
x-amzn-requestid
0eeca113-a111-42bc-b382-515fe732dea1
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cGFpGHoNoAMFi6g=
content-length
22518
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637f1ca0-4c4051a9384d4ea536c98450
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
meIFanE2d-d_nXI9lRbGVfgaQa6q5__ka3vn4MScXaTCQ2qSk2m69A==
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.ub-assets.com/fonts/s/lato/v23/
24 KB
25 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
/
Resource Hash
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 02:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
24448
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
11134603
x-amzn-requestid
5c78490c-903c-4244-8d05-c500e0575a9c
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cFW6lFbuIAMFk1Q=
content-length
24405
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637ed1dd-6ec8de144f04329e1800368c
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
kEFaxcJM4K3t1pCTrhCmZ_atFx8S5kW1k8H73a0-toZvsnxUDb0kiQ==
TK3iWkUHHAIjg752GT8G.woff2
fonts.ub-assets.com/fonts/s/oswald/v49/
25 KB
26 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
/
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 08:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
25372
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
11111194
x-amzn-requestid
877691e5-3417-4b49-8163-f0c54f281c49
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cGQESGUNIAMFSjg=
content-length
25400
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637f2d4e-35b3abcf63b80835248cde86
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Dn86GBqGX7YglMiYSN5LCJGfJPgGPS_7yVo8UJAnkoyr77fcgmmYpA==
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
/
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 02:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23236
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
11134604
x-amzn-requestid
d5f0e607-e4e8-4d89-987f-0b390146696c
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cFW6aFQnIAMFqyg=
content-length
23067
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637ed1dc-294102c971ae42444a896f1f
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
umXUebcwhsQ28gj7W53paKTfRIBJILal0Gbz9vrST9I5PKw-EahXEQ==
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=ContentView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&rl=&if=false&ts=1680390248155&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&fbp=fb.1.1680390248154.1250324485&it=1680390247866&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Apr 2023 23:04:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&rl=&if=false&ts=1680390248157&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680390248154.1250324485&it=1680390247866&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Apr 2023 23:04:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit_GRPfps&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&rl=&if=false&ts=1680390248159&sw=1600&sh=1200&v=2.9.100&r=stable&ec=2&o=30&fbp=fb.1.1680390248154.1250324485&it=1680390247866&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Apr 2023 23:04:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
firebase.js
www.gstatic.com/firebasejs/4.5.0/ Frame 95EE
389 KB
114 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/4.5.0/firebase.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116073
x-xss-protection
0
last-modified
Tue, 03 Oct 2017 14:56:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 18:05:15 GMT
proxy.js
cdn.useproof.com/proxy/ Frame 95EE
112 KB
112 KB
Script
General
Full URL
https://cdn.useproof.com/proxy/proxy.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/proxy/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
x-amz-version-id
FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KANG42Q0C9APJ6FB
age
24605952
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
114404
x-amz-id-2
8PDk2zGeJ79BDndcONzUIVPyJ10oJ43AbUXFVlgVD4ErQCUWnKIxBTOInl/86yz5l1g6xaTGwO4=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"9f4d60f4f2b143cadacb2b8b3a901401"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOnWFUQ7AmgQEogF1wYHW7jba8RdYvllFB%2Fj7RmI80PIdxTSZ5KsB9mYL1HAg271nDsB7BX3zdEkGTXyweP55CshY8dthIdyzdCKJv0hMlCbQlkaqa%2BLFwNiPnv4EJFVogRvh1uQ%2FvoxTOqSgQxJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
7b14782b3e29920b-FRA
66177e2a-e259-4231-bef0-da18063f7fc7
https://pages.upwellness.com/
89 KB
0
Other
General
Full URL
blob:https://pages.upwellness.com/66177e2a-e259-4231-bef0-da18063f7fc7
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length
91220
Content-Type
text/javascript
trtc0limNRYJwhvfi9uRqUFQo0w1
api.useproof.com/pixel/ Frame 95EE
787 B
1 KB
XHR
General
Full URL
https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9536ab13f4ab5624884f06523a452596ef56247e74143b0af7b6a4f161407e

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
content-encoding
br
x-amzn-remapped-content-length
787
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
81098e81-d33d-49c7-bad3-15f3fffeb570
surrogate-control
no-store
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
CuHAZHxaIAMFZIA=
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
etag
W/"313-+rkeP2UpHjKs6MCqLnNipDqgc1I"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0sDSJeWgCI8IATjKvYRE%2B%2FO8uWacdS8PVMd2%2FeAr93bt%2FnaMxiCLuKe7dC0VAQFUpbKTFJJH1KUPB2kccsnVK9FlQ0ujBg5CWfF5mvw4F7c2K2GYrzexLzC%2FRbfg8rJt54xM7puxxBmAiITvG%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
7b14782cddf368fb-FRA
x-amzn-remapped-date
Sat, 01 Apr 2023 23:04:08 GMT
x-amz-cf-id
H7-R8W2U3ifdMo2c91teETuS68WyFfW1qtOssLfNY1oBxwoNmD78nQ==
expires
0
577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8
embed-cloudfront.wistia.com/deliveries/
13 KB
14 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 08:31:10 GMT
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
570778
edge-cache-tag
577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
76
content-length
13708
surrogate-key
577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
168FKnSxbDiVQlxn0CLsMtEpRol2U_7mbhpE_6oDo2zOYz62IkwF6A==
expires
Mon, 25 Mar 2024 08:31:10 GMT
seg-2-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/
268 KB
269 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-2-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 13:17:58 GMT
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
294369
edge-cache-tag
577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
110
content-length
274104
surrogate-key
577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DWHny7m6rlpDFgQ4Bhc4PJvANdEx88vZ04p9FNSWps5Hs4V31aI5dw==
expires
Thu, 28 Mar 2024 13:17:58 GMT
seg-3-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/
265 KB
266 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-3-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:30:19 GMT
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
214429
edge-cache-tag
577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
120
content-length
271096
surrogate-key
577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
p59Pc3GP_ISIfp_vS75oHKoJ9Mh48cLb2RjurzbXXJmZrqho-uPEzw==
expires
Fri, 29 Mar 2024 11:30:19 GMT
playPauseLoadingControl.js
fast.wistia.com/assets/external/
59 KB
16 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23d80fbefcb0dad6d0c58d575b7bc7a0c1afe369e2880eeb0b86d27ac0879237
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2914
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
16047
x-served-by
cache-iad-kiad7000105-IAD, cache-hhn-etou8220072-HHN
x-browser-version
111
last-modified
Fri, 31 Mar 2023 18:39:47 GMT
server
AmazonS3
x-timer
S1680390249.613059,VS0,VE0
etag
"0063f37b2bcd96520ff3a8de3c0d036e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0f9fd3a08fa2487071f820e7f844e0fa5977034c
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
46, 69
iu3
s.amazon-adsystem.com/ Frame 8F77
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...
1 KB
2 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=980372670530145900&dcc=t
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1029a6681efd5683f702ef55da9a4c&n=tune&AFFID=477232&subid=115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
17a92698df3697d3b11690ad4e7972c6c409ba49aabe9585f05d69a10cbba1f1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://pages.upwellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1429
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 01 Apr 2023 23:04:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
52W7YG90288WXTRXVC9Z

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 01 Apr 2023 23:04:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=980372670530145900&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
7CS7YZSHJRD39J27VQYD
ct.html
ct.pinterest.com/ Frame DCE0
565 B
426 B
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://pages.upwellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Sat, 01 Apr 2023 23:04:08 GMT
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
7749887020864935
mput
pipedream.wistia.com/
2 B
136 B
XHR
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.213.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-213-160.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 01 Apr 2023 23:04:08 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
sync
x.bidswitch.net/ul_cb/ Frame 1330
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Qp0IZHLLYB-GO5iyIGSgqVyfLtYXR0LATdv9oA&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Qp0IZHLLYB-GO5iyIGSgqVyfLtYXR0LATdv9oA&expires=30
43 B
345 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Qp0IZHLLYB-GO5iyIGSgqVyfLtYXR0LATdv9oA&expires=30
Protocol
H2
Server
35.158.72.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-72-189.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Qp0IZHLLYB-GO5iyIGSgqVyfLtYXR0LATdv9oA&expires=30
date
Sat, 01 Apr 2023 23:04:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1330
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-hVxClnLLYB-GO5iyIGSgqVyfLtZh0lnPzJqBwg&google_cm&google_hm=ay1oVnhDbG5MTFlCLUdPNWl5SUdTZ3FWeWZMdFpoMGxuU...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hVxClnLLYB-GO5iyIGSgqVyfLtZh0lnPzJqBwg&google_gid=CAESEEUe9VUKpPo4nlPCSILc6hk&google_cver=1&google_ula=913071,0
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hVxClnLLYB-GO5iyIGSgqVyfLtZh0lnPzJqBwg&google_gid=CAESEEUe9VUKpPo4nlPCSILc6hk&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
673716
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-hVxClnLLYB-GO5iyIGSgqVyfLtZh0lnPzJqBwg&google_gid=CAESEEUe9VUKpPo4nlPCSILc6hk&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1330
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8031681129766253805
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8031681129766253805
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1126601
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 01 Apr 2023 23:04:08 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
62a7e6ca-105b-48b6-803f-c14153887e06
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8031681129766253805
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame 1330
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-njNxEnLLYB-GO5iyIGSgqVyfLtZvDUfqYGP1UA
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-njNxEnLLYB-GO5iyIGSgqVyfLtZvDUfqYGP1UA
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-njNxEnLLYB-GO5iyIGSgqVyfLtZvDUfqYGP1UA
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:08 GMT
AN-X-Request-Uuid
6f966c4d-3a14-4556-9a17-4e3dc15767b3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:08 GMT
AN-X-Request-Uuid
626bd4f8-de40-43b7-9035-677f2a9411a8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-njNxEnLLYB-GO5iyIGSgqVyfLtZvDUfqYGP1UA
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 1330
61 B
802 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Y4itanLLYB-GO5iyIGSgqVyfLtZ1OhA-mQdXAg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 01 Apr 2023 23:04:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sat, 01 Apr 2023 23:04:08 GMT
tap.php
pixel.rubiconproject.com/ Frame 1330
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-a9XPL3LLYB-GO5iyIGSgqVyfLtbHAxWt8aMqVg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 1330
0
363 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-OXbdBHLLYB-GO5iyIGSgqVyfLtZN0Bxhs9e3rw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.230.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-230-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 1330
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-SvcnynLLYB-GO5iyIGSgqVyfLtZG5eR1U9Ty5g
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1330
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-RStL6XLLYB-GO5iyIGSgqVyfLtZcIfYrsS_fGw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28263
um
criteo-sync.teads.tv/ Frame 1330
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-7fItNHLLYB-GO5iyIGSgqVyfLta8fQzxwZ9cCg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Sat, 01 Apr 2023 23:04:08 GMT
pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 1330
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-PAkSNHLLYB-GO5iyIGSgqVyfLtYMFfDMvF8xRA&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 1330
0
399 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-CZLBVHLLYB-GO5iyIGSgqVyfLtb84cH3E_HF2A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 1330
43 B
162 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-W1t7cXLLYB-GO5iyIGSgqVyfLtZEXYu8sFo99Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
last-modified
Mon, 04 Oct 2021 14:04:49 GMT
server
nginx
accept-ranges
bytes
etag
"615b0a01-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 1330
49 B
235 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-ClPwAXLLYB-GO5iyIGSgqVyfLtYO9NMQH1UfMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 1330
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XpduEHLLYB-GO5iyIGSgqVyfLtZr9SCiv2eJuA
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XpduEHLLYB-GO5iyIGSgqVyfLtZr9SCiv2eJuA&C=1
43 B
766 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XpduEHLLYB-GO5iyIGSgqVyfLtZr9SCiv2eJuA&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=20&external_user_id=k-XpduEHLLYB-GO5iyIGSgqVyfLtZr9SCiv2eJuA&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
demconf.jpg
dpm.demdex.net/ Frame 1330
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ismv2h3PaVhzjC8LE5uBIdoqsKUOeyLm
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ismv2h3PaVhzjC8LE5uBIdoqsKUOeyLm
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ismv2h3PaVhzjC8LE5uBIdoqsKUOeyLm
Protocol
HTTP/1.1
Server
34.249.44.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-44-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v046-0d6696b06.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
n0eVLYUESaE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v046-0d7e6a16f.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
l7D8m7gbQaE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ismv2h3PaVhzjC8LE5uBIdoqsKUOeyLm
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ad.360yield.com/ul_cb/ Frame 1330
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-CFLEkXLLYB-GO5iyIGSgqVyfLta8SHhqiz7yzg
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CFLEkXLLYB-GO5iyIGSgqVyfLta8SHhqiz7yzg
43 B
447 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CFLEkXLLYB-GO5iyIGSgqVyfLta8SHhqiz7yzg
Protocol
H2
Server
54.216.181.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-181-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 01 Apr 2023 23:04:09 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-CFLEkXLLYB-GO5iyIGSgqVyfLta8SHhqiz7yzg
date
Sat, 01 Apr 2023 23:04:09 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 1330
42 B
274 B
Image
General
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-I3vUenLLYB-GO5iyIGSgqVyfLtZwvOopKvAzrA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 1330
0
884 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-m58wsnLLYB-GO5iyIGSgqVyfLtY6mjy0LxAf_A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.141.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-141-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 1330
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-gVP0RHLLYB-GO5iyIGSgqVyfLtZfo_kscXi7oQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 23:04:09 GMT
Cache-Control
no-cache
X-TraceId
dc78c002554a5cc9aac084036c928a04
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1330
42 B
582 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-rwHSPHLLYB-GO5iyIGSgqVyfLta9GRK1Bg_Kag
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 01 Apr 2023 23:04:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 1330
43 B
407 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-ix_jpHLLYB-GO5iyIGSgqVyfLtaW_77U6rjUCQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:5e0f:bbb8:a1ca:1064 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 01 Apr 2023 23:04:09 GMT
server
Apache-Coyote/1.1
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 1330
43 B
153 B
Image
General
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-3YMwaXLLYB-GO5iyIGSgqVyfLtYF-nAGr77yWA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 01 Apr 2023 23:04:09 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 1330
0
400 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-Jhe2C3LLYB-GO5iyIGSgqVyfLtZp1VEcFlJjSw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.187.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-187-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Fri, 31 Mar 2023 23:04:09 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 1330
0
38 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-Q_jIfHLLYB-GO5iyIGSgqVyfLtYLDYpGnqqlow&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.84.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:09 GMT
content-length
0
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-fps&partner_id=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d
  • https://a.clickcertain.com/px/smart/a/?seg=uc-grplus-fps&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d
  • https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
3 KB
2 KB
Script
General
Full URL
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
Protocol
H2
Server
2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
744035b44b3a8036af2d187ea0d9a95876fa22078a3e899dc02352867cc17a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:09 GMT
content-encoding
br
x-frontend
cc-nginx-54f86d7794-99q8g:cc-nginx-54f86d7794-99q8g
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
30eeb57b-3000-4fd3-8c66-93b63bcd150e
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kik5kasBhEgzCcRy89y3UsLe0lZM5oWqlYpZJyE5savQBdHC1EaLu5B08wOcseEM5QDr%2F6lA2BDuzf4qtwa14pffQRu0IxRjxRE%2B5Cd%2FEUsTMr4GhdbYWX%2BgJaGPF5WomixrV4cMXPFxMgiipuWKkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
7b1478331d6a366f-FRA

Redirect headers

date
Sat, 01 Apr 2023 23:04:09 GMT
x-frontend
cc-nginx-54f86d7794-kq55x:cc-nginx-54f86d7794-kq55x
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
379b0d03-cfcf-4b55-92a6-f28b4f69ef94
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGL4%2B73fLKnPAL4ezAVvoW7OdTTeZyOAOhxFCd7M5XbWzGbN24MQhiA44n3cUa%2B4ZG%2BaIwV9TsJK63t3i6QYamU6Od10vggEhzsftmxyF3sdPNi1tpMOo6QKny%2B8DlEnLv%2Bo2k5GvTkHhEYCVjgmSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
location
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
cf-ray
7b1478321c50366f-FRA
externalIds
io.v2.customerlabs.co/
0
0
Image
General
Full URL
https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d&id=cl4975ot4arrr6&uid=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-191-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

interFontFace.js
fast.wistia.com/assets/external/
44 KB
18 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/interFontFace.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a8fb6fd9cc5b9c9629d9877e2934bcf8ebb01d7a546e3882dc26d0b9d603f8d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3000
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18156
x-served-by
cache-iad-kjyo7100175-IAD, cache-hhn-etou8220072-HHN
x-browser-version
111
last-modified
Fri, 31 Mar 2023 18:39:47 GMT
server
AmazonS3
x-timer
S1680390249.647709,VS0,VE0
etag
"d2edcc75b2e78ecab471dbf94e1b7bdf"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0f9fd3a08fa2487071f820e7f844e0fa5977034c
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
19, 29
seg-4-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/
276 KB
277 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-4-v1-a1.ts
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 08:08:22 GMT
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
312946
edge-cache-tag
577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
177
content-length
283128
surrogate-key
577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZsoAndrY4g7J5raHAyKdJF26gwm8PcikTPDl2pGtXTTZS3EIMMzkYg==
expires
Thu, 28 Mar 2024 08:08:22 GMT
blank.gif
fast.wistia.com/assets/images/
1 KB
2 KB
Image
General
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://pages.upwellness.com/
Origin
https://pages.upwellness.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
55, 2407
date
Sat, 01 Apr 2023 23:04:08 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
85708
x-cache
HIT, HIT
content-length
1214
x-served-by
cache-iad-kiad7000052-IAD, cache-hhn-etou8220076-HHN
x-browser-version
111
last-modified
Fri, 31 Mar 2023 23:13:56 GMT
x-timer
S1680390249.663290,VS0,VE0
etag
"64276934-4be"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
e8xcaqkjm4.m3u8
fast.wistia.com/embed/medias/
935 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
age
1
x-cache
HIT, HIT
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length
935
x-request-id
05ef33207cca862e2f3809307594587b
x-served-by
cache-iad-kjyo7100147-IAD, cache-hhn-etou8220076-HHN
x-runtime
0.030134
referrer-policy
strict-origin-when-cross-origin
x-browser-version
111
x-timer
S1680390249.664449,VS0,VE0
etag
W/"0fa56fcfcf95ba949a3a9883d09eca6a"
x-download-options
noopen
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
625, 2
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=Microdata&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&rl=&if=false&ts=1680390248677&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40id%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fe8xcaqkjm4%22%2C%22%40type%22%3A%22VideoObject%22%2C%22duration%22%3A%22PT7M34S%22%2C%22name%22%3A%22GRP_FPS_MINIVSL1%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2F9c999aa0107b556d5cd5f59d9dd7e014.jpg%3Fimage_crop_resized%3D640x360%22%2C%22embedUrl%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fe8xcaqkjm4%3Fwseektoaction%3Dtrue%22%2C%22uploadDate%22%3A%222021-09-22%22%2C%22description%22%3A%22an%20UpWellness%20video%22%2C%22contentUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2Fa18adcb3fe4d694342677106235399fede11a10f.m3u8%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SeekToAction%22%2C%22target%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%26wtime%3D%7Bseek_to_second_number%7D%22%2C%22startOffset-input%22%3A%22required%20name%3Dseek_to_second_number%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=3&o=30&fbp=fb.1.1680390248154.1250324485&it=1680390247866&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Apr 2023 23:04:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
unip
trc-events.taboola.com/1225872/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1579&scd=0&ssd=1&est=1680390247288&ver=36&isls=true&src=i&invt=1500&msa=16030&rv=1&tim=1680390248868&vi=1680390247286&ri=a68971e90f85ed1ae61a4c89f6824618&ref=null&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://pages.upwellness.com
pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1523626/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1580&scd=0&ssd=1&est=1680390247288&ver=36&isls=true&src=i&invt=1500&msa=16030&rv=1&tim=1680390248869&vi=1680390247286&ri=c70ea899b266b5417c8ce917ccf58fec&ref=null&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://pages.upwellness.com
pragma
no-cache
date
Sat, 01 Apr 2023 23:04:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
register
live-visitor-counts.herokuapp.com/lvc/ Frame
0
0
Preflight
General
Full URL
https://live-visitor-counts.herokuapp.com/lvc/register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-248-82.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cdn.useproof.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin,Content-Length,Content-Type
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin
https://cdn.useproof.com
Access-Control-Max-Age
43200
Connection
keep-alive
Content-Length
0
Date
Sat, 01 Apr 2023 23:04:09 GMT
Server
Cowboy
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Via
1.1 vegur
register
live-visitor-counts.herokuapp.com/lvc/ Frame 95EE
0
200 B
XHR
General
Full URL
https://live-visitor-counts.herokuapp.com/lvc/register
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-248-82.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://cdn.useproof.com
Date
Sat, 01 Apr 2023 23:04:09 GMT
Via
1.1 vegur
Server
Cowboy
Connection
keep-alive
Content-Length
0
Vary
Origin
track
analytics.proofapi.com/ Frame 95EE
74 B
721 B
XHR
General
Full URL
https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%252200045a45-6476-4594-8887-b747c1f88793%2522%252C%2522captureIds%2522%253A%255B%2522-LOTAsTUT3N4RJrbQ3gp%2522%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522notificationId%2522%253A%2522-LOTAsTUT3N4RJrbQ3gp%2522%252C%2522campaignVariant%2522%253A%2522-MnloSbpswbbq1Mjqbrx%2522%252C%2522campaignVersion%2522%253A18%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1029a6681efd5683f702ef55da9a4c%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-fps%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522activityNotifications%2522%253Atrue%252C%2522liveVisitorCount%2522%253Atrue%252C%2522hotStreaks%2522%253Atrue%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1029a6681efd5683f702ef55da9a4c%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01%2522%252C%2522actionBlurb%2522%253A%2522Purchased%2520Golden%2520Revive%2520%252B%2522%252C%2522activityLimit%2522%253A10%252C%2522restartActivityList%2522%253Atrue%252C%2522visitorThreshold%2522%253A2%257D
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
694dc392a90a82821a2bbaf4e7c3cb73c99e476527e55430a7388baa3c0fd3ae

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:09 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"4a-N1I7d5/W1mYwyfmN9jtwryRAe8M"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn.useproof.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PepWRaF7cyAVFvJfRiDnv40po7ekbGEXWuhWs849pzRKvkOJKmhitfy7yNasfb4KLj5m6rqom2CdAJ2BHLmdBslQs9ybNfERhduQwhV5lECa%2FyBLTKcw3Oolcfl%2FQK%2FmxMFf1pQ%2B03ZkLMT3WbWbt2VEHUuI"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
7b14783029b93837-FRA
access-control-allow-headers
X-Requested-With,content-type
x
distillery.wistia.com/
0
96 B
XHR
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.191.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-191-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 01 Apr 2023 23:04:09 GMT
cache-control
max-age=0, private, must-revalidate
usermatch.gif
beacon.krxd.net/ Frame 1330
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XDaWjW35mDekr_t9bv_SHvXdmBKZNy2l
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XDaWjW35mDekr_t9bv_SHvXdmBKZNy2l
Protocol
H2
Server
52.19.86.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-86-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
beacon-n018-dub-prod.krxd.net
date
Sat, 01 Apr 2023 23:04:09 GMT
cache-control
private, no-cache, no-store
x-request-time
D=82 t=1680390249
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XDaWjW35mDekr_t9bv_SHvXdmBKZNy2l
date
Sat, 01 Apr 2023 23:04:08 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1240744
content-length
0
cl
io.v2.customerlabs.co/
0
324 B
Ping
General
Full URL
https://io.v2.customerlabs.co/cl
Requested by
Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-191-215.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://pages.upwellness.com
Date
Sat, 01 Apr 2023 23:04:09 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length
0
Access-Control-Allow-Methods
POST, OPTIONS
firstVisit
io.v2.customerlabs.co/cl/
0
324 B
Ping
General
Full URL
https://io.v2.customerlabs.co/cl/firstVisit
Requested by
Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-191-215.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://pages.upwellness.com
Date
Sat, 01 Apr 2023 23:04:09 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length
0
Access-Control-Allow-Methods
POST, OPTIONS
cl
io.v2.customerlabs.co/
0
324 B
Ping
General
Full URL
https://io.v2.customerlabs.co/cl
Requested by
Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-191-215.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://pages.upwellness.com
Date
Sat, 01 Apr 2023 23:04:09 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length
0
Access-Control-Allow-Methods
POST, OPTIONS
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&rl=&if=false&ts=1680390249154&sw=1600&sh=1200&v=2.9.100&r=stable&ec=4&o=30&cs_est=true&fbp=fb.1.1680390248154.1250324485&it=1680390247866&coo=false&eid=cl4975ot4arrr622ca592f-c274-4a43-a3d2-6077c575ddef&tm=1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Apr 2023 23:04:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=website_session_start&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01&rl=&if=false&ts=1680390249178&cd[start_time]=2023-04-01T23%3A04%3A09.164Z&cd[customerlabs_user_id]=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d&sw=1600&sh=1200&v=2.9.100&r=stable&ec=5&o=30&fbp=fb.1.1680390248154.1250324485&it=1680390247866&coo=false&eid=cl4975ot4arrr6c3031528-9dc4-41af-8fd0-efea36a491ad&tm=2&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Apr 2023 23:04:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
trtc0limNRYJwhvfi9uRqUFQo0w1
api.useproof.com/reporting/captures/ Frame 95EE
2 B
463 B
XHR
General
Full URL
https://api.useproof.com/reporting/captures/trtc0limNRYJwhvfi9uRqUFQo0w1?pixelId=trtc0limNRYJwhvfi9uRqUFQo0w1&integrationId=-LOTAsTUT3N4RJrbQ3gp&limit=10
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:09 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
42b72952-ed5f-4741-9e40-bbb73de51908
surrogate-control
no-store
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
CuHAhGu4IAMF7qQ=
content-length
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tah990USq2JU27aqhCGLz0zVqClfKcadPpv1SgaEzOznMkVnLZ99XXQU0sg0x5hfqd3LM3DowA%2FjaHPCQyKXWbUJPZudKP1de2DS5gWVhcTNZLf9N1smUUxIIzGNkakP6QeVXg39zadxnbLM%2Bbvs"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
7b147831c9f168fb-FRA
x-amzn-remapped-date
Sat, 01 Apr 2023 23:04:09 GMT
x-amz-cf-id
1gQ6YroXLwuIQ0M8CzsFE6GHotTICoEY070gp2zRenYYvHF26YEPAA==
expires
0
domain
live-visitor-counts.herokuapp.com/lvc/ Frame 95EE
24 B
272 B
XHR
General
Full URL
https://live-visitor-counts.herokuapp.com/lvc/domain
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-248-82.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
643fd78049a2ac54868ac280dfd00582bb9a256d96594cc26f4bdf8e3439f2af

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sat, 01 Apr 2023 23:04:09 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://cdn.useproof.com
Connection
keep-alive
Content-Length
24
domain
live-visitor-counts.herokuapp.com/lvc/ Frame
0
0
Preflight
General
Full URL
https://live-visitor-counts.herokuapp.com/lvc/domain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-248-82.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cdn.useproof.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin,Content-Length,Content-Type
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin
https://cdn.useproof.com
Access-Control-Max-Age
43200
Connection
keep-alive
Content-Length
0
Date
Sat, 01 Apr 2023 23:04:09 GMT
Server
Cowboy
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Via
1.1 vegur
pr
s.amazon-adsystem.com/v3/ Frame 2234
7 KB
7 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=980372670530145900&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
744d10422befb3794011e8613afa4c9022cd73a0d2eb1bb2bd5d3e206190c8c9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=980372670530145900&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
6911
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 01 Apr 2023 23:04:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5WBMSEZY1X1A6Q1E5Z7M
mput
pipedream.wistia.com/
2 B
135 B
XHR
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.213.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-213-160.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pages.upwellness.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 01 Apr 2023 23:04:09 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
cs
s.thebrighttag.com/ Frame 1330
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=sFmFdEIQ_kXZ_IMUVS49yMltAa3-l7sc
35 B
267 B
Image
General
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=sFmFdEIQ_kXZ_IMUVS49yMltAa3-l7sc
Protocol
H2
Server
18.223.64.90 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-64-90.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:09 GMT
x-bt-requestid
82abce70-d0e1-11ed-aa60-0000ac1702e3
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=sFmFdEIQ_kXZ_IMUVS49yMltAa3-l7sc
date
Sat, 01 Apr 2023 23:04:09 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1254513
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://ib.adnxs.com/setuid/a9?entity=188&code=Ia4c2rPQTu6TesOxUBtHfA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=Ia4c2rPQTu6TesOxUBtHfA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=Ia4c2rPQTu6TesOxUBtHfA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YPYYEY98CRRS1Q9T1NG9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
AN-X-Request-Uuid
fe2f2b33-e895-4fb5-97d4-c57f9bc7210b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=Ia4c2rPQTu6TesOxUBtHfA
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=hSldxRa7QlGnz-2TYARw3A&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=e218b79d-090b-4454-bc0d-4004cff2d4dd
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=e218b79d-090b-4454-bc0d-4004cff2d4dd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8E3MNQE6JD5Q9RNXX1RM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=e218b79d-090b-4454-bc0d-4004cff2d4dd
access-control-allow-origin
*
date
Sat, 01 Apr 2023 23:04:09 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
rtb-csync.smartadserver.com/redir/ Frame 2234
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=s18S4i6jTJucpmED_lj-Ww&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:08 GMT
transfer-encoding
chunked
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268
  • https://s.amazon-adsystem.com/ecm3?id=219833204473005166881&ex=neustar.biz
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=219833204473005166881&ex=neustar.biz
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QN6JMJ8TJ9QAP6VKV0GN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:09 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://s.amazon-adsystem.com/ecm3?id=219833204473005166881&ex=neustar.biz
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=WQkfHt2ERWS2vYf-BjL2Ig&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZCi4aAZEPDF2p8lYVlmVBQAA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZCi4aAZEPDF2p8lYVlmVBQAA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
51NPP6KEJK2338T8MNZN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZCi4aAZEPDF2p8lYVlmVBQAA
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=ad85cf8ca8546aac3ab1ee8617866f81
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=ad85cf8ca8546aac3ab1ee8617866f81
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZFNY8W309H91MPVTRYM6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=ad85cf8ca8546aac3ab1ee8617866f81
date
Sat, 01 Apr 2023 23:04:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KQV9Z856X5QS5GK55GY3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date
Sat, 01 Apr 2023 23:04:09 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=MOP70CIFSkeqCE_iC6e6YA
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=MOP70CIFSkeqCE_iC6e6YA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=MOP70CIFSkeqCE_iC6e6YA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9C7F7CQS3ZSQDK6RJ219
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=MOP70CIFSkeqCE_iC6e6YA
date
Sat, 01 Apr 2023 23:04:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=21c1ca4e-9213-4102-ac8c-31712bf4bdfa
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=21c1ca4e-9213-4102-ac8c-31712bf4bdfa
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AQRGXY5ACNCQJWFTQZBN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
Location
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=21c1ca4e-9213-4102-ac8c-31712bf4bdfa
Date
Sat, 01 Apr 2023 23:04:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
  • https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=f12a22b8e6ed480da38fbf33d9d28291
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=f12a22b8e6ed480da38fbf33d9d28291
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CMGGFHTMS2HHBJPT7XS3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=f12a22b8e6ed480da38fbf33d9d28291
date
Sat, 01 Apr 2023 23:04:09 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 2234
0
122 B
Image
General
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=Lrvd6PNhSe-_ghmV5m_vsw&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-js5tb
date
Sat, 01 Apr 2023 23:04:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
  • https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
  • https://s.amazon-adsystem.com/ecm3?id=y-hjPPu8VE2pEmP4Ez5s_L2XLBgVe1gCB8qKhb~A&status=OK&ex=gemini
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=y-hjPPu8VE2pEmP4Ez5s_L2XLBgVe1gCB8qKhb~A&status=OK&ex=gemini
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T4R8TQ956040HS9VGASC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=y-hjPPu8VE2pEmP4Ez5s_L2XLBgVe1gCB8qKhb~A&status=OK&ex=gemini
date
Sat, 01 Apr 2023 23:04:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545
  • https://s.amazon-adsystem.com/ecm3?id=43689445c94675ed4a755e725b7236b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=43689445c94675ed4a755e725b7236b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EAKFYRWDFDAZ2Y7Y1BY4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=43689445c94675ed4a755e725b7236b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1680390249616038-383
Expires
Sat, 01 Apr 2023 23:04:09 GMT
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VXK1DRBK5HPGKPTTBMVX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 01 Apr 2023 23:04:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
content-security-policy-report-only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=30KV2YYY3QCJ8DPXP7QD:sn=www.imdb.com
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
Server
x-amz-rid
30KV2YYY3QCJ8DPXP7QD
x-frame-options
SAMEORIGIN
vary
Content-Type,Accept-Encoding,User-Agent
location
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag
noindex, nofollow
x-amz-cf-id
0uYKEKOlOHTq0nwYLgX-4mX_9SLzKFdbk9OX7M5_kP6QSw1ayOOy2Q==
usermatch.gif
beacon.krxd.net/ Frame 2234
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=BeRANamiSjqhoey-Gshfeg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.86.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-86-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Sat, 01 Apr 2023 23:04:09 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1680390249
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
  • https://s.amazon-adsystem.com/ecm3?id=e218b79d-090b-4454-bc0d-4004cff2d4dd&ex=improvedigital.com
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=e218b79d-090b-4454-bc0d-4004cff2d4dd&ex=improvedigital.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1XA59ZBMNKQY878TZB47
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=e218b79d-090b-4454-bc0d-4004cff2d4dd&ex=improvedigital.com
access-control-allow-origin
*
date
Sat, 01 Apr 2023 23:04:09 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel.gif
usersync.samplicio.us/amazon/ Frame 2234
0
186 B
Image
General
Full URL
https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.92.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-92-231.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:10 GMT
x-ratelimit-remaining
0
location
https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control
no-cache, no-store, must-revalidate
x-ratelimit-reset
0
x-ratelimit-limit
0
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10fcfdb6a2a9f8780
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10fcfdb6a2a9f8780
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E5KV3KEPZN885J3DKE8G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 01 Apr 2023 23:04:10 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods
HEAD,OPTIONS,GET
content-type
text/html; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10fcfdb6a2a9f8780
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
critical-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers
Content-Type, Authorization
content-length
94
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VaAn_LHlSHasuFXMLOFmxQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VaAn_LHlSHasuFXMLOFmxQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VaAn_LHlSHasuFXMLOFmxQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KWXYBN6SP6DCP9W5SY8X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VaAn_LHlSHasuFXMLOFmxQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=D5U3gtOYSYWOjym1FFT9Aw&redirectId=2545
  • https://s.amazon-adsystem.com/ecm3?id=43689445c94675ed4a755e725b7236b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=D5U3gtOYSYWOjym1FFT9Aw
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=43689445c94675ed4a755e725b7236b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=D5U3gtOYSYWOjym1FFT9Aw
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZSY1CYFA0VJBZX365EJM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=43689445c94675ed4a755e725b7236b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=D5U3gtOYSYWOjym1FFT9Aw
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1680390249751082-427
Expires
Sat, 01 Apr 2023 23:04:09 GMT
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=k2Np0Z9kRHGcrQvHj5EzPw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=59123808017656252062321847423938913321
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=59123808017656252062321847423938913321
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JSMERQ88VADFWPC9F7VD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-2-v046-05db1e5fa.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
pI2VwQwhSyE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=59123808017656252062321847423938913321
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
v2
odr.mookie1.com/t/ Frame 2234
42 B
213 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=c1PqOWhBTXe9ul6Tte0w7A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:09 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5887070762062618442
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5887070762062618442
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2CPBKQJGP84GP8WT1JBP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5887070762062618442
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=82fb074c-d0e1-11ed-af82-1ac054420106
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=82fb06d5-d0e1-11ed-af82-1ac054420106
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=82fb06d5-d0e1-11ed-af82-1ac054420106
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XXR0G8J992EG58ZPG27Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 01 Apr 2023 23:04:10 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=82fb06d5-d0e1-11ed-af82-1ac054420106
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
69
Connection
keep-alive
Content-Length
0
acs
lm.serving-sys.com/lm/ Frame 2234
Redirect Chain
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2213964a02-036e-4c60-8609-059775103f55%22,%22Time%22:%2220230401T230410.039904%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
0
159 B
Image
General
Full URL
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2213964a02-036e-4c60-8609-059775103f55%22,%22Time%22:%2220230401T230410.039904%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
18.198.226.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-226-167.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:10 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
location
https://lm.serving-sys.com/lm/acs?json={"GUID":"13964a02-036e-4c60-8609-059775103f55","Time":"20230401T230410.039904"}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
365
expires
Sun, 05-Jun-2005 22:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEIdjZmnvlWYYg9sZPCnYbJM&google_cver=1
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEIdjZmnvlWYYg9sZPCnYbJM&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZG0J9YQZJ3CH2ZPV2D1R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEIdjZmnvlWYYg9sZPCnYbJM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
usermatch.krxd.net/um/ Frame 2234
20 B
20 B
Image
General
Full URL
https://usermatch.krxd.net/um/v2?partner=amzn
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.233.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-233-35.compute-1.amazonaws.com
Software
/
Resource Hash
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
usermatch-a012-ash-prod.krxd.net
date
Sat, 01 Apr 2023 23:04:10 GMT
content-type
text/plain; charset=utf-8
x-age
0
content-length
20
x-cache
MISS
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=e81930a2a36e7291a96694223748ca74
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=e81930a2a36e7291a96694223748ca74
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4HGWFQ050R095G2DBCCT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 01 Apr 2023 23:04:10 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=e81930a2a36e7291a96694223748ca74
content-length
0
x-amz-cf-id
qBpFtvXjbxH4hGAzpAhSYOkLz6uw4XkGCOVz8gFf_4ss6emeZcntuQ==
cm
us-u.openx.net/w/1.0/ Frame 2234
43 B
304 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=LXqPWFZwdkkG9YpsLzz7MDc4ZAQ4ZgIC
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index&id=LXqPWFZwdkkG9YpsLzz7MDc4ZAQ4ZgIC
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NMA1QWA4HAA3DRCVBJW9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://s.amazon-adsystem.com/ecm3?ex=index&id=LXqPWFZwdkkG9YpsLzz7MDc4ZAQ4ZgIC
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
xuid
eb2.3lift.com/ Frame 2234
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=8341&xuid=o-xxoNiRSv2jt5ORiRwb4g&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=6B02C209F944DB37
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=6B02C209F944DB37
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J0QWQWNFB2JHA7KYFR4W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:22 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=6B02C209F944DB37
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8031681129766253805&ex=appnexus.com
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=8031681129766253805&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8MC13EK99F00JK98S8X1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 01 Apr 2023 23:04:10 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
95403244-041e-466c-b92c-4d82cfbc9016
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=8031681129766253805&ex=appnexus.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=5ainEyQKQbuDf7usyc3woQ&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
  • https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=5ainEyQKQbuDf7usyc3woQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=5ainEyQKQbuDf7usyc3woQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QQEBEY1XWJ79EQYAG0RC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=5ainEyQKQbuDf7usyc3woQ
date
Sat, 01 Apr 2023 23:04:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2179&pt=n
  • https://s.amazon-adsystem.com/ecm3?id=bs4i3xq_a9ZeBGhEJSZb4w&ex=rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=bs4i3xq_a9ZeBGhEJSZb4w&ex=rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MS5QZXPFJPD9VTWC3NHK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?id=bs4i3xq_a9ZeBGhEJSZb4w&ex=rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=NVT5rqL_Q22BgMbu57VCTw&
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
44WCVXPGCFMXJXDQW4GA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadus.exelator.com/load/ Frame 2234
0
324 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8686AB82864BD44895B02A17634
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8686AB82864BD44895B02A17634
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C52SA0BHPKW56E4A75VC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 01 Apr 2023 23:04:10 GMT
Server
openresty/1.15.8.2
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=2D1EC8686AB82864BD44895B02A17634
Access-Control-Allow-Origin
https://www.homedepot.com
Access-Control-Expose-Headers
User-NDAT
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
P3P
CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection
keep-alive
Content-Length
151
Expires
Sat, 01 Apr 2023 23:04:09 GMT
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=a643d920d05422ed5a30e744f35a4b4ca79cb45de60c6c62a05553a89831d191
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=a643d920d05422ed5a30e744f35a4b4ca79cb45de60c6c62a05553a89831d191
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JZD4K3YTJK4QW4TR2XM3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:10 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=a643d920d05422ed5a30e744f35a4b4ca79cb45de60c6c62a05553a89831d191
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
retry-after
0
expires
0
sync
sync-amazon.ads.yieldmo.com/ Frame 2234
0
37 B
Image
General
Full URL
https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=K-Xrex2ZTm6oCobEAdp3qg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.84.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-84-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:10 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=70607F63-810D-4016-91C3-0CCD779F520F
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=70607F63-810D-4016-91C3-0CCD779F520F
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8JMF3S8CPF7WEYKZ3G3M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=70607F63-810D-4016-91C3-0CCD779F520F
date
Sat, 01 Apr 2023 23:04:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 2234
0
48 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072986&val=US3i6OabSh-ZMpX-4eSRzg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:10 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Accept
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 2234
Redirect Chain
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=db3a6783-46e7-4a2b-a6fc-739173ca18a6-tuctb223dea
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=db3a6783-46e7-4a2b-a6fc-739173ca18a6-tuctb223dea
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BeRANamiSjqhoey-Gshfeg&dmt=3&ex-pl-n-g-hmt=NVT5rqL_Q22BgMbu57VCTw&ep=ttam_T219Ay-cPciHbT10k5mg2aWBvWBXbRUBx0PMf5_Ab37W_RyVpafLfhBVUhru1aQL4_dyzg_0WI5IfffrCmNO-lHxZJdLKNmFOuxtRTLSC2o_fRekGbWUnIbO9rV6S0za55aFqxevne5YvBx4DoMm9pLu7rK4mm0oSiOmbL1YOLhzXGkn3OtOiiS-YRNk8MXtJF1EbMA7PZ6DiajScFxj2OTuPE7LV-BdZZzDavnUbMbQMtMNjU-EFuSQ5uGVDyG3bBt1l5yU1W40VnR4SaiIrLKkbD_UPc6KDfeOtDcte_2h14efoT4e4FnRIgY8y7wOwuXZX1ejveCekbC_rLVWoQXXR2l-skbuY7oepq1VkawVeQwsp-NRnIQJ5wAaSfIiDyfYSdXg27egbhe79PxxGajBzb67Erp7EbOjl9X4N6cexZu98wDqMs4eAJQRfKMCZfW4jwRNvMttQ0p9iivodUwKL3ZBCb8sfZmkK8ff7voH1wCmkwpWA6hNKQckO_6RmtrIGfYs4wnbFpYBizRjBCwUehbfa3rmIMi6ijNhPn6gm_JgaYKaRMBMitzZ-xVwNJM9UbQTnpDIUQ9tjh1n-g6srdF5cUyFQyJt7TdRCG2Ma13DG4arEIhzU2r5wfY2bBtWpxCX574ykTkAt3j__wjr4GKBkyP6ynWcqgTuo0S1CPWqyKiWScKbihMUOIrbK7VDEwqkUJYpWhiYfWdWNS9J5ALraBkRY9IDcvgVoBKK0IWuy6-YLHtTF7y5Pj-veE05Zry8kwMr3dI_A
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 23:04:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8JD40ZR5KCDJDF3K8C7K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=db3a6783-46e7-4a2b-a6fc-739173ca18a6-tuctb223dea
date
Sat, 01 Apr 2023 23:04:10 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29218
/
a.clickcertain.com/px/cont/ Frame 6AD7
1 KB
981 B
Document
General
Full URL
https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=3f861cd9-833d-4566-b952-e1c408e934df&cn=DE
Requested by
Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-fps&partner_id=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b2f6befe5ad8607af02cf9fe5db440d97740b05b8b557296048a330d634d42a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7b147833fe79366f-FRA
content-encoding
br
content-type
text/html
date
Sat, 01 Apr 2023 23:04:09 GMT
etag
W/"M2Y4NjFjZDlnODMzZGc0NTY2Z2I5NTJnZTFjNDA4ZTkzNGRmLXow"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBXEHMgRo1msXvc%2BjXTn59%2BcpGTuVB89Xs0Iq7r1hANdWQPOfVn5r7BXLJYoo10szmd1MH%2BtZsSeTflUxkhTTyODECr9W751H%2Bmbjsq3jTeEBUBjll%2Br3IqRcwA4swmTDyvqbftoxkhev8H%2FRSGEmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frontend
cc-nginx-54f86d7794-w4x8h:cc-nginx-54f86d7794-w4x8h
x-requestid
1623ae66-7275-463e-9196-5d684d2adcee
allIntegrations.js
fast.wistia.com/assets/external/
21 KB
6 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e6bf86abf81e714770dc292dd4f8f6011b39c26926371f73ca998bad56f611e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:09 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2915
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
5630
x-served-by
cache-iad-kjyo7100133-IAD, cache-hhn-etou8220072-HHN
x-browser-version
111
last-modified
Fri, 31 Mar 2023 18:39:47 GMT
server
AmazonS3
x-timer
S1680390250.634670,VS0,VE0
etag
"20a9da51c39bb7efa5f93e7518b58a9e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
0f9fd3a08fa2487071f820e7f844e0fa5977034c
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
38, 38
externalIds
io.v2.customerlabs.co/
0
0
Image
General
Full URL
https://io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1680390248154.1250324485&customerlabs_user_id=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d&id=cl4975ot4arrr6&uid=cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d&t=0&sc=1600%20x%201200
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-191-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

/
a.clickcertain.com/px/ta/ Frame 6AD7
Redirect Chain
  • https://a.clickcertain.com/px/ta/?ccid=3f861cd9-833d-4566-b952-e1c408e934df
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=3f861cd9-833d-4566-b952-e1c408e934df&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=3f861cd9-833d-4566-b952-e1c408e934df&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=cb3956d5-1945-4884-afd7-735b6e33517a
0
497 B
Image
General
Full URL
https://a.clickcertain.com/px/ta/?done=true&ta_id=cb3956d5-1945-4884-afd7-735b6e33517a
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=3f861cd9-833d-4566-b952-e1c408e934df&cn=DE
Protocol
H2
Server
2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:10 GMT
x-frontend
cc-nginx-54f86d7794-99q8g:cc-nginx-54f86d7794-99q8g
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
18cb96a1-7e32-4062-9159-0c64bf97b683
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEF%2BhSFFqnSiI5SzGMpmaG9xMOfAsPJt9lvF5%2BczplsxTwar8Y%2FgggFpaomKiGDOAbjd6%2BPisUJdML785vDof6V1e5iO5WDXHukS3mSBuoAOjdZmC3auoEV6e4SB%2FOWaJDk3Al16stTewD7%2BVlUwow%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b147836c974366f-FRA

Redirect headers

date
Sat, 01 Apr 2023 23:04:10 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://a.clickcertain.com/px/ta/?done=true&ta_id=cb3956d5-1945-4884-afd7-735b6e33517a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
a.clickcertain.com/px/t/ Frame 6AD7
Redirect Chain
  • https://a.usbrowserspeed.com/cs?puid=22604785-5b92-55c7-9732-156d0ee8abee&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
  • https://a.clickcertain.com/px/t/?done=true&uid=f8581f34-7169-4684-afec-a6f5083a72ac&hem=
0
335 B
Image
General
Full URL
https://a.clickcertain.com/px/t/?done=true&uid=f8581f34-7169-4684-afec-a6f5083a72ac&hem=
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=3f861cd9-833d-4566-b952-e1c408e934df&cn=DE
Protocol
H2
Server
2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:10 GMT
x-frontend
cc-nginx-54f86d7794-99q8g:cc-nginx-54f86d7794-99q8g
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
f90ccd2b-84b6-492c-b6f1-09cd6c7fa96d
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FXD452CvgOhWtP3qZ5AyYk3vHfaJLrnR%2B7N2SBP4qhWi7vRNbxoMoi0J6orH9vWK92k%2BZqOjdxWY2XbBlto0JAcKhm2RB3DWU4Z0ZLYqnyk6JKxy90YTEdPxehT0r2A%2BoMJ8m%2BuT55I6cPMPmivyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b14783bef93366f-FRA

Redirect headers

location
https://a.clickcertain.com/px/t/?done=true&uid=f8581f34-7169-4684-afec-a6f5083a72ac&hem=
date
Sat, 01 Apr 2023 23:04:10 GMT
server
awselb/2.0
content-length
119
content-type
text/html; charset=utf-8
fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 6AD7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/fivebyfive
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
27 B
27 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=3f861cd9-833d-4566-b952-e1c408e934df&cn=DE
Protocol
HTTP/1.1
Server
52.31.9.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-9-42.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 23:04:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
27
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date
Sat, 01 Apr 2023 23:04:09 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 6AD7
Redirect Chain
  • https://a.clickcertain.com/px/r/?ccid=3f861cd9-833d-4566-b952-e1c408e934df
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=3f861cd9-833d-4566-b952-e1c408e934df&ccid=3f861cd9-833d-4566-b952-e1c408e934df&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
  • https://a.clickcertain.com/px/li/?ccid=3f861cd9-833d-4566-b952-e1c408e934df&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D3f861cd9%2D833d%2D456...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=3f861cd9-833d-4566-b952-e1c408e934df&anx_uId=$UID
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=3f861cd9-833d-4566-b952-e1c408e934df&anx_uId=8031681129766253805
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=3f861cd9-833d-4566-b952-e1c408e934df&expires=5&user_group=0
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=179&user_id=3f861cd9-833d-4566-b952-e1c408e934df&expires=5&user_group=0
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=3f861cd9-833d-4566-b952-e1c408e934df&cn=DE
Protocol
H2
Server
35.158.72.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-72-189.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 01 Apr 2023 23:04:10 GMT
x-frontend
cc-nginx-54f86d7794-kqcfg:cc-nginx-54f86d7794-kqcfg
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
783672ae-cae9-4bc4-9be4-1efb26b065d1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAS4fxbhLd8uFix8RGQPppfkNTSr%2B24gwxB8iD29OxDPQl0Yfjw5NTmZIGxmLVq1eGtEJowKcI8D1%2FWRuy8rw%2BtAS3OwFHM7JT5%2FzvagivTr98h0XFtksc4bskM2Jmhm9spKHrdEca%2Ff4zSSCxpOuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://x.bidswitch.net/sync?dsp_id=179&user_id=3f861cd9-833d-4566-b952-e1c408e934df&expires=5&user_group=0
cf-ray
7b14783bdf84366f-FRA
193f0456
tag.trovo-tag.com/ Frame 5F69
490 B
760 B
Document
General
Full URL
https://tag.trovo-tag.com/193f0456
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=3f861cd9-833d-4566-b952-e1c408e934df&cn=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-56.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
47df1155f7d82b22cb835502c866424862f7ab82aa624f1243d15d07adeb9c80

Request headers

Referer
https://a.clickcertain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
490
content-type
text/html
date
Sat, 01 Apr 2023 23:04:09 GMT
server
CloudFront
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-cf-id
pmKcgJrRaitGgv8s-zBcVX9Q4P5qZ17LMZE6fADzWbue688P4KPlOA==
x-amz-cf-pop
FRA60-P2
x-cache
LambdaGeneratedResponse from cloudfront
/
a.clickcertain.com/px/img/g/ Frame 5F69
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=82c4b81d-d0e1-11ed-b2cd-79bb4d1d39a7
  • https://a.clickcertain.com/px/smart/a/?type=img&c=24d1add2443e239&partner_id=193f0456&partner_rid=82c4b81d-d0e1-11ed-b2cd-79bb4d1d39a7
  • https://a.clickcertain.com/px/img/?c=24d1add2443e239
  • https://a.clickcertain.com/px/img/g/?start_cm=1
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1
  • https://a.clickcertain.com/px/img/g/?google_gid=CAESEEzmekervvtq_cDiQ2k-oJI&google_cver=1
0
335 B
Image
General
Full URL
https://a.clickcertain.com/px/img/g/?google_gid=CAESEEzmekervvtq_cDiQ2k-oJI&google_cver=1
Requested by
Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol
H2
Server
2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tag.trovo-tag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:10 GMT
x-frontend
cc-nginx-54f86d7794-kqcfg:cc-nginx-54f86d7794-kqcfg
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
651bc243-e67a-4b76-882b-cf7973e7697d
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHOYCv1oVlWsYZQcb3LgooK8Yedw9%2BscnB6BWWtqDl4ie9RU3%2FDggfR9AHlXUUBeP1UrPnBke3JnEv9RhuHWElzbT5kTw%2BkoRI2yJ9PDyY11K%2BUwDh2lOBTW%2Bqb4Ygq6u0CW5wzd0dwf0pLlNEk2Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b1478398cff366f-FRA

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 23:04:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.clickcertain.com/px/img/g/?google_gid=CAESEEzmekervvtq_cDiQ2k-oJI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lds
a.usbrowserspeed.com/ Frame 5F69
0
149 B
Image
General
Full URL
https://a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
Requested by
Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.177.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-177-234.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tag.trovo-tag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 23:04:10 GMT
server
awselb/2.0
fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 5F69
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/fivebyfive
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
27 B
27 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Requested by
Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol
HTTP/1.1
Server
52.31.9.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-9-42.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tag.trovo-tag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 23:04:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
27
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date
Sat, 01 Apr 2023 23:04:10 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
unip
trc-events.taboola.com/1225872/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4581&scd=0&ssd=1&est=1680390247288&ver=36&isls=true&src=i&invt=3000&msa=16030&rv=1&tim=1680390251870&vi=1680390247286&ri=a68971e90f85ed1ae61a4c89f6824618&ref=null&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://pages.upwellness.com
pragma
no-cache
date
Sat, 01 Apr 2023 23:04:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1523626/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4582&scd=0&ssd=1&est=1680390247288&ver=36&isls=true&src=i&invt=3000&msa=16030&rv=1&tim=1680390251871&vi=1680390247286&ri=c70ea899b266b5417c8ce917ccf58fec&ref=null&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1029a6681efd5683f702ef55da9a4c%26n%3Dtune%26AFFID%3D477232%26subid%3D115_MW6FW-04-01-23-PM3-Golden-Revive-F-S-01
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://pages.upwellness.com
pragma
no-cache
date
Sat, 01 Apr 2023 23:04:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| ub function| pintrk object| dotq object| _tfa function| obApi function| gtag object| dataLayer function| ndp string| TiktokAnalyticsObject object| ttq function| nbpix object| UnbounceSnowplowNamespace function| ubSnowplow function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| LI object| __li__evt_bus object| liQ object| liQ_instances object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| wistiajsonp-/embed/medias/e8xcaqkjm4.jsonp function| apiObj object| Criteo object| criteo_q string| GoogleAnalyticsObject function| ga function| FBQ function| FBQ_SETUP string| ClAnalyticsObject object| _cl string| deviceType object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| $ function| jQuery object| ube string| __ultraaff_r string| __ultraaff_u object| gaplugins object| gaGlobal object| gaData object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| YAHOO object| _uca function| fbq function| _fbq function| hj object| _hjSettings object| uetq function| ucAnpFailback function| ucAnpCallback function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| proofInitialized string| output number| output2 function| UET function| UET_init function| UET_push object| ueto_7a6dbceed9 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| Czzle object| CLabsgbVar number| clinterval string| cl71459p1 object| cl71459p2 object| cl71459p3 boolean| cl71459p4 string| cl71459p5 string| cl71459p6 string| cl71459mid string| cl71469p1 object| cl71469p2 object| cl71469p3 boolean| cl71469p4 string| cl71469p5 string| cl71469p6 string| cl71469mid number| processPendingIdx function| _add_ctag object| body

117 Cookies

Domain/Path Name / Value
pages.upwellness.com/uc-grplus-fps/ Name: ubpv
Value: an%2C6d2c7105-ebae-455a-91f2-47af4209ed5f
i.liadm.com/s Name: _li_ss
Value: CgA
bloodsugarfit.ontraport.com/ Name: sess_
Value: pstb2wbgh6ydftfs
bloodsugarfit.ontraport.com/ Name: contact_identity_id
Value: 323144
bloodsugarfit.ontraport.com/ Name: op_id_ver
Value: %242a%2408%243uOy6qgjQIdBIoCHFVhuOOWM%2F2MytfZ77DcDiP1qDL9Z3tzr26TAW
bloodsugarfit.ontraport.com/ Name: contact_id
Value: 323144
bloodsugarfit.ontraport.com/ Name: op_loopTrack
Value: bloodsugarfit.ontraport.com/c/s/Xe3/WL8HQ/s/dhkl/60zP/6cTh07/sGCF0kkxje/P/P/K7/bXU9aHR0cHMlM0ElMkYlMkZ0cmt3LmJsb29kc3VnYXJmaXQuY29tJTJGOTYzMTI0ZWQtYjVhYy00MzRkLWI2NTMtODZkYWQ1MjUwNTRjJTNGb2ZmZXIlM0QlMjZzdWIyJTNEcm9lbGFuZGltbGVuYWVydHMlNDBnbWFpbC5jb20lMjZmcm9tJTNEJTdCJTdCY2FtcGFpZ24uZnJvbV9uYW1lJTdEJTdEJTI2c3ViamVjdCUzRCU3QiU3QmNhbXBhaWduLnN1YmplY3QlN0QlN0QlMjZzdWIxJTNETVc2RlctMDQtMDEtMjMtUE0zLUdvbGRlbi1SZXZpdmUtRi1TLTAxJm1oPWY1ZDJmMzdlMDFjZDg5/Z
.trkw.bloodsugarfit.com/ Name: 963124ed-b5ac-434d-b653-86dad525054c-v4
Value: EwVj9L7_VzTUqdvvTQBYTUJ8hMQj8C0yjTDOp6mFOts
.trkw.bloodsugarfit.com/ Name: cc-v4
Value: zFrXDvLpWe%2B6MEx7LnRjw3nk3ZxpsPApSmS9To7bPAN%2BtTIYPOM54k2xXLnTdoLQanINXQD3AMucgCJl69lYnl3trrV12319iB2XcS30YI078kMo8mN0XGsE3Fo5eoaoIbvNQSH6RLz2HiWfhXCtXQ%3D%3D
www.wm74trk.com/ Name: uniqueClick_26B6MK1
Value: 5d6d21bc-6c98-4746-823d-5fa4e6a84b95:1680390246
www.wm74trk.com/ Name: transaction_id
Value: 8045c43c1b7d49d0819054a9af232c28
go.welldaily.com/ Name: enc_aff_session_67
Value: ENC036e449296d6c253ddd95f9b81d8e61306646fb9bb7114420f439817307053ed9d27130de5cee91d391700339d221587eceeb003390940d934de6d9ee4453d2e6aa5a267d0d5bd6d318417d2c2463a7017e3860708a8a9c89c6d475209c74fd6cb32c8d2c58b5f1088622511c99743d0e46a5e86ef68aac266f40c5c224177101cfe900f68a71d16b697593f25518005d93d759b8f7048bbef6a3ce4fe19dedb88a127c19c32ed8d5683c9e5ae2b0e6846fb17987e37bc65100a8177840c3b23a9010a2a7b
go.welldaily.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMS4wLjU1NjMuMTQ2IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/ Name: ubvs
Value: 12e41d4c-b15f-423b-bfe2-9245a6b6be15
.upwellness.com/ Name: ubvt
Value: v2%7C12e41d4c-b15f-423b-bfe2-9245a6b6be15%7C6d2c7105-ebae-455a-91f2-47af4209ed5f%3Aan%3Aweighted
.upwellness.com/ Name: _li_dcdm_c
Value: .upwellness.com
.upwellness.com/ Name: _lc2_fpi
Value: f0f26c15fa8f--01gwzh0mfw5php0w0yhksk7zwf
.upwellness.com/ Name: _gcl_au
Value: 1.1.1458025374.1680390247
.tiktok.com/ Name: _ttp
Value: 2NqSidlTjnrTXrzgLm6iAaUzUdY
.upwellness.com/ Name: __nbpix_uid
Value: 1-wx13t31a-lfykyt0y
.doubleclick.net/ Name: IDE
Value: AHWqTUlzRpHYIT3Fv4fAfJNC4Zv4FWktYPQ5IFQwX4ybh8ljAYZgRoW2cmPCEIpv
.criteo.com/ Name: uid
Value: 226d595c-d78d-41c3-a03e-41c13736ab97
.liadm.com/ Name: lidid
Value: b409afde-f596-417f-ae8c-6c3bfaa751b9
.upwellness.com/ Name: UltraCartShoppingCartID
Value: 8F8D13ACC0878A01873F1053F61F8B00
.upwellness.com/ Name: ucacid
Value: 1386950399.354151
.store.upwellness.com/ Name: ucacid
Value: 1386950399.354151
store.upwellness.com/ Name: JSESSIONID
Value: abcM_SaKsoOJpqghK2xfh
store.upwellness.com/ Name: LBJSESSIONID
Value: abcM_SaKsoOJpqghK2xfh.n246
.upwellness.com/ Name: _ga
Value: GA1.2.1329566415.1680390248
.upwellness.com/ Name: _gid
Value: GA1.2.1441025350.1680390248
.upwellness.com/ Name: _dc_gtm_UA-28307243-3
Value: 1
.upwellness.com/ Name: _tt_enable_cookie
Value: 1
.upwellness.com/ Name: _ttp
Value: HIROCrU3pYx4nNP-vV8TWzqAZWF
.pages.upwellness.com/ Name: _pin_unauth
Value: dWlkPU9XRXhObVk1WVRBdE56UXpOQzAwTkRFd0xUbG1ZbVF0TldNM01qTTVOMlV3Tnpkaw
pages.upwellness.com/ Name: outbrain_cid_fetch
Value: true
.unsplash.com/ Name: ugid
Value: cfd9236926ab560b56f2f9ab273af3815601300
.upwellness.com/ Name: _uetsid
Value: 8196a3a0d0e111eda8a0933363ba4b38
.upwellness.com/ Name: _uetvid
Value: 81969680d0e111edba715dd99176c2d5
.upwellness.com/ Name: cto_bundle
Value: WRPAuF9LazJpd1p6bFYlMkI3c3pVTXo4S1pZc0J2T0NhZnNkSTRKZ05pSWk0MCUyRkVPSkhtU2RqanowMWo2OTVGSFA5UmJ1N3F1VTNSWXBrcEk1N3FsJTJCVFM1ck1YOVFJOGIyeG4lMkJnSTM4a2Fnd0VXdVNKRG9XSzhvekxEaktqVzN1SlBiOWVHR2RKMHRZU0UxZVo0dkxXd01hYzFSQSUzRCUzRA
.bing.com/ Name: MUID
Value: 01E7E01CC4FC6176199EF2FAC57760E7
store.upwellness.com/ Name: AWSALB
Value: ATi4g6NVOSCRBWZXN14Ksy0kF8CmIdELiBywpawEcWLfWugaB/dOGpg0+GUmY/LrMqzwxGWAquIPCQefVfrj/hRHt1DFivI0J7dBht1CVBBJYbri9nJ/4SegkKlj
store.upwellness.com/ Name: AWSALBCORS
Value: ATi4g6NVOSCRBWZXN14Ksy0kF8CmIdELiBywpawEcWLfWugaB/dOGpg0+GUmY/LrMqzwxGWAquIPCQefVfrj/hRHt1DFivI0J7dBht1CVBBJYbri9nJ/4SegkKlj
.store.upwellness.com/ Name: UPWEL-ANP
Value: 6141
.upwellness.com/ Name: _hjSessionUser_795540
Value: eyJpZCI6IjI0ZmEwNTA4LTQ1ZjMtNWUwMy1iMGJhLTM1ODczM2YxYWNlMyIsImNyZWF0ZWQiOjE2ODAzOTAyNDgwMjYsImV4aXN0aW5nIjpmYWxzZX0=
.upwellness.com/ Name: _hjFirstSeen
Value: 1
.upwellness.com/ Name: _hjIncludedInSessionSample_795540
Value: 1
.upwellness.com/ Name: _hjSession_795540
Value: eyJpZCI6IjlkZTcyMTdiLTQ4NWMtNDEyNS1iZDBhLTUyODk5MmU0NDc4OSIsImNyZWF0ZWQiOjE2ODAzOTAyNDgwMzUsImluU2FtcGxlIjp0cnVlfQ==
.upwellness.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.upwellness.com/ Name: cl4975ot4arrr6_source
Value: Direct
.upwellness.com/ Name: cl4975ot4arrr6_session_starts
Value: 1680390248100
.upwellness.com/ Name: cl4975ot4arrr6_utmParams
Value: %7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D
.upwellness.com/ Name: cl4975ot4arrr6_uid
Value: cl4975ot4arrr6c9a7e084-6535-453e-b431-72b44de4547d
.upwellness.com/ Name: cl4975ot4arrr6_sid
Value: CL-0c794879-14c7-4140-bd78
.upwellness.com/ Name: cl4975ot4arrr6_gid
Value: cl4975ot4arrr651c1c22a-ad7a-46ef-b824-0b95ff828ed6
.upwellness.com/ Name: _fbp
Value: fb.1.1680390248154.1250324485
.yahoo.com/ Name: A3
Value: d=AQABBGi4KGQCEE0wV0eMcyZ0UxUG6ODi8GkFEgEBAQEJKmQyZAAAAAAA_eMAAA&S=AQAAAo3QINtAJJq_xJyW9kKPlOk
.adnxs.com/ Name: uuid2
Value: 8031681129766253805
match.sharethrough.com/ Name: AWSALBCORS
Value: fBvwG+pLEH6rMU0INT5F9BdQWV138wRm6CbowB+hEbq7a64uZYa/dZ1hR35UyFVVD2VqacxtRUe0fExUMUIFpMfhQmy5WIhXmf1F1PQoV5IqVVVowgZcyviklRCg
.media.net/ Name: visitor-id
Value: 3233918488281234000V10
.media.net/ Name: data-c-ts
Value: 1680390248
.media.net/ Name: data-c
Value: k-Y4itanLLYB-GO5iyIGSgqVyfLtZ1OhA-mQdXAg~~3
.bidswitch.net/ Name: tuuid
Value: 83f982b2-2353-4255-b9ee-87ae4b616c6e
.bidswitch.net/ Name: c
Value: 1680390248
.bidswitch.net/ Name: tuuid_lu
Value: 1680390248
.demdex.net/ Name: demdex
Value: 59123808017656252062321847423938913321
.casalemedia.com/ Name: CMID
Value: ZCi4aAZEPDF2p8lYVlmVBQAA
.casalemedia.com/ Name: CMPS
Value: 5219
.casalemedia.com/ Name: CMPRO
Value: 5219
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%228241e910-d0e1-11ed-87ff-37188d65ddd9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%228241e910-d0e1-11ed-87ff-37188d65ddd9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%228241e910-d0e1-11ed-87ff-37188d65ddd9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%228241e910-d0e1-11ed-87ff-37188d65ddd9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-m58wsnLLYB-GO5iyIGSgqVyfLtY6mjy0LxAf_A%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/ Name: dpm
Value: 59123808017656252062321847423938913321
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-rwHSPHLLYB-GO5iyIGSgqVyfLta9GRK1Bg_Kag&KRTB&23144-uid:k-rwHSPHLLYB-GO5iyIGSgqVyfLta9GRK1Bg_Kag&KRTB&23286-uid:k-rwHSPHLLYB-GO5iyIGSgqVyfLta9GRK1Bg_Kag&KRTB&23287-uid:k-rwHSPHLLYB-GO5iyIGSgqVyfLta9GRK1Bg_Kag
.360yield.com/ Name: tuuid
Value: e218b79d-090b-4454-bc0d-4004cff2d4dd
.360yield.com/ Name: tuuid_lu
Value: 1680390249
.upwellness.com/ Name: cl4975ot4arrr6_session_ends
Value: 1680392049176
.amazon-adsystem.com/ Name: ad-id
Value: A65sbrooj0nVqNUs7XbulWg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.krxd.net/ Name: _kuid_
Value: PeGR6WM8
.tremorhub.com/ Name: tvid
Value: fe3af15892e94090bea289ae70006b17
.tremorhub.com/ Name: tv_UICR
Value: k-ix_jpHLLYB-GO5iyIGSgqVyfLtaW_77U6rjUCQ
.adnxs.com/ Name: anj
Value: dTM7k!M40<F7/.XF']wIg2E?^nV*#X!]tc18i_it:z!9CUYaI%CG#wTGW%WdYr'xscQ1?ZZlIF2D=D-3>N#RV=8'P?YoM[$[5'1i'zZ72<QJ<KIw=A1?[(5_=NkA!1PLJn18dO+2g_DVJ]qtTIyno-?(9v^d/2)Ld$SLI6'1e.
a.clickcertain.com/ Name: _ccpx_u
Value: 3f861cd9%2d833d%2d4566%2db952%2de1c408e934df
.360yield.com/ Name: umeh
Value: !38,0,1742598249,-1!416,0,1742598249,-1
.tremorhub.com/ Name: tv_UIAM
Value: f12a22b8e6ed480da38fbf33d9d28291
.agkn.com/ Name: ab
Value: 0001%3AKt%2FNkNwqsb9y9%2Fd%2FOdCAtSkvjPFo3bW1
a.clickcertain.com/ Name: _ccpx_24a3d6f0fe7dd9c
Value: 1
.360yield.com/ Name: um
Value: !38,P1rXRNmdoC3QaNqTul6OcHfoP6qDnGIwO2gu8zu.sQ64frNAfAtrxt7jS270LWgJXQSWDxKe,1688166249!416,3trTqLCXSGtG69NSiQwc1Czp,1688166249
.myvisualiq.net/ Name: tuuid
Value: 21c1ca4e-9213-4102-ac8c-31712bf4bdfa
.myvisualiq.net/ Name: c
Value: 1680390249
.myvisualiq.net/ Name: tuuid_lu
Value: 1680390249
.upwellness.com/ Name: cl4975ot4arrr6_eidsTracked
Value: true
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~2aun:195g~2aun:19b9~2aun"
.bluekai.com/ Name: bku
Value: b/X99sZTvsx+ce6b
.bluekai.com/ Name: bkpa
Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.ads.stickyadstv.com/ Name: UID
Value: 43689445c94675ed4a755e725b7236b
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: D5U3gtOYSYWOjym1FFT9Aw
.adform.net/ Name: C
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1680390249971
.tapad.com/ Name: TapAd_DID
Value: cb3956d5-1945-4884-afd7-735b6e33517a
.adform.net/ Name: uid
Value: 5887070762062618442
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.bidr.io/ Name: bito
Value: AAI2aE7IUXEAACFXKgfenA
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.samba.tv/ Name: sambapxid
Value: 10fcfdb6a2a9f8780
.pubmatic.com/ Name: KRTBCOOKIE_290
Value: 23219-5ainEyQKQbuDf7usyc3woQ&KRTB&23261-5ainEyQKQbuDf7usyc3woQ
.pubmatic.com/ Name: PugT
Value: 1680390250
.spotxchange.com/ Name: audience
Value: 82fb06d5-d0e1-11ed-af82-1ac054420106
a.clickcertain.com/ Name: _ccpx
Value: 24d1add2443e239
a.clickcertain.com/ Name: _ccpx_24d1add2443e239
Value: 1
.ispot.tv/ Name: pt
Value: v2:a643d920d05422ed5a30e744f35a4b4ca79cb45de60c6c62a05553a89831d191|007e62170498bcae8757fa01cb1c21782bcf1f91535ef0cda342ee008421d084
.semasio.net/ Name: SEUNCY
Value: 6B02C209F944DB37
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 70607F63-810D-4016-91C3-0CCD779F520F
.ninthdecimal.com/ Name: ndat
Value: aMgeLWQouGpbiUS9NHahAg==
.a.usbrowserspeed.com/ Name: tuid
Value: f8581f34-7169-4684-afec-a6f5083a72ac

4 Console Messages

Source Level URL
Text
worker info URL: blob:https://pages.upwellness.com/66177e2a-e259-4231-bef0-da18063f7fc7
Message:
[log] > Debug logs enabled for "main"
network error URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://usermatch.krxd.net/um/v2?partner=amzn
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
a.clickcertain.com
a.remarketstats.com
a.twiago.com
a.usbrowserspeed.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.nextdoor.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
amplify.outbrain.com
analytics.proofapi.com
analytics.tiktok.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
beacon.krxd.net
bloodsugarfit.ontraport.com
bs.serving-sys.com
builder-assets.unbounce.com
business.newsbreak.com
c1.adform.net
cdn.js.customerlabs.co
cdn.taboola.com
cdn.useproof.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dis.criteo.com
distillery.wistia.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
eb2.3lift.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
events.ub-analytics.com
exchange.mediavine.com
fast.wistia.com
flask.nextdoor.com
fonts.ub-assets.com
go.welldaily.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
io.v2.customerlabs.co
lciapi.ninthdecimal.com
live-visitor-counts.herokuapp.com
live.upwellness.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
odr.mookie1.com
pages.upwellness.com
pi.ispot.tv
pipedream.wistia.com
pixel.rubiconproject.com
pixel.tapad.com
public-prod-dspcookiematching.dmxleo.com
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.pinimg.com
s.thebrighttag.com
s.yimg.com
sb.scorecardresearch.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
static.hotjar.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
sync-amazon.ads.yieldmo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tag.trovo-tag.com
tags.bluekai.com
token.rubiconproject.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
trkw.bloodsugarfit.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
views.unsplash.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.imdb.com
www.wm74trk.com
x.bidswitch.net
100.20.6.198
104.111.217.42
104.200.30.45
108.138.17.119
13.224.189.30
13.32.121.21
13.32.99.127
13.32.99.41
141.226.228.48
142.250.185.226
151.101.129.181
151.101.130.132
151.101.192.84
151.101.193.131
151.101.65.44
172.217.18.2
178.250.1.11
178.250.1.9
18.185.141.58
18.185.61.227
18.193.209.105
18.198.226.167
18.223.64.90
18.66.122.56
18.66.137.97
18.66.97.53
185.255.84.153
185.64.190.78
185.64.190.80
185.80.39.216
185.86.138.153
185.94.180.126
188.65.124.66
2.16.107.129
2.17.187.27
2.18.235.93
2.23.197.190
209.170.211.179
212.82.100.181
212.82.100.182
23.35.237.86
23.36.163.118
2600:1f18:612b:4200:5e0f:bbb8:a1ca:1064
2600:1f18:730:b120:6f9e:97b:4367:31b2
2600:9000:223c:1200:8:8845:1500:93a1
2600:9000:223e:c000:1e:c86:4140:93a1
2600:9000:223e:da00:1e:c86:4140:93a1
2600:9000:2250:c800:1d:11cf:5800:93a1
2606:4700:20::681a:832
2606:4700:20::ac43:4549
2606:4700:3034::ac43:a9b0
2606:4700::6811:180e
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2004
2a00:1450:400c:c0c::9a
2a02:2638:3::e
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::622
2a04:4e42:8d::84
2a06:98c1:3120::3
3.122.13.136
3.126.202.50
3.221.88.80
3.224.39.38
3.228.92.231
3.71.149.231
3.93.168.254
34.107.190.195
34.111.113.62
34.117.157.22
34.160.236.64
34.230.229.216
34.249.44.119
35.158.72.189
35.169.233.35
35.244.159.8
37.157.5.142
37.252.171.22
37.252.171.85
44.195.191.171
52.10.177.234
52.19.86.255
52.210.234.44
52.22.191.215
52.222.229.186
52.222.236.63
52.222.250.38
52.29.230.222
52.31.9.42
52.4.213.160
52.46.155.104
52.49.84.227
52.88.12.74
52.89.7.180
54.146.248.82
54.147.116.169
54.155.55.194
54.157.92.208
54.216.181.39
54.78.254.47
69.173.144.138
69.173.144.139
70.42.32.255
74.119.119.150
76.223.111.18
77.243.60.138
85.215.5.31
001ccf0acd793b4336bacc24c495d85411364c136aee697431a0e572a384b5e5
016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772
018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29
02a8d707669f7d95f015f1bb49d881a92e352d614585cca3ba9e33558f5fd6a1
042095a945a89bdee47dce9e27f452ee539aaa495f247e0967ae28ef37ac8d42
04971705dcd7ef441d0cdfed3de59b62af5c279b75c2b60d14116a1ccaf23acd
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
08ef2d862119d73211a8d3b128bf7a864082ae0d1385e946d3f683e5c01973dd
09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29
0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02
0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18
108cc0de5a6c65309500778c8d8111f3fdf8fb5cc4c6f9855779a8ad46ddb404
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
13d55c54af12b15b6999e715e67b91da9abaceee5b40a136fbae2df9ef1cf11d
152c160410af5f711c1a295bce01dc67db937b5ff0542a47ce08e2d49981b118
17a92698df3697d3b11690ad4e7972c6c409ba49aabe9585f05d69a10cbba1f1
1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67
1be59d642b7d9e29f5da63faaa060bb9315a8bc1d57727bcf0339ed4de6c68df
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
205853c0ef45d0842feba60b08786717cd443f0a650010e36a0fb3a91a067062
23d80fbefcb0dad6d0c58d575b7bc7a0c1afe369e2880eeb0b86d27ac0879237
24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2651d6505ed936078ae2f19dba66522bf26f6a45d00933cd6ce4563f249b9b49
26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09
2b2f8884f06e588675848471606a49693553a2d032a32fce85a5203ae7c796a6
2b9a3fa4e5a401b4b3825cd72d79074e50545ed4dfc4d96160b7b0c092941fe9
2bc84fe38461648e4209bc92657a1541d1e2ae8f9b55e1b2e03d5a2098d729da
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6
2e6bf86abf81e714770dc292dd4f8f6011b39c26926371f73ca998bad56f611e
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48
2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4
30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3768348c8f415612d642864472d5157538ac456d8b4f3292b77702f652edb384
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b
3a2e0c94b9c305e759b47b269c0a851d60dd3125772a3fdce7caa33607b21d6f
3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f
3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
42a3e0b9bad87ff95c1d0c032e0b53d3eeb15168b6a00aa882706127a4ea9d74
4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265
44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883
457a6bbd32523a72293e8041d1ba07046b5f2c936c20b63b3e6786545ecfcb7f
4778a4d71fe5221c53e48770e1fee2827680f5ebfc91d9bb1833478808a0155f
47df1155f7d82b22cb835502c866424862f7ab82aa624f1243d15d07adeb9c80
480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c
48c6a6948497c66461886751361d31b82ee1eb402b38d2a75449b4db5f2f0c61
4a8fb6fd9cc5b9c9629d9877e2934bcf8ebb01d7a546e3882dc26d0b9d603f8d
4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5
4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1c87ce55f63bfa3d6b49ff80016ed85e563553a4a1ff3012b6653ea1577fe9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b2f6befe5ad8607af02cf9fe5db440d97740b05b8b557296048a330d634d42a
5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb
5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c
604a7e9c994c5cf65a51454cf948fe4912e296375272a41123efa279e65c156f
62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2
6248d26097243293144a2c446b330ef62be51f9407430894f8c8ce4218643371
643fd78049a2ac54868ac280dfd00582bb9a256d96594cc26f4bdf8e3439f2af
657a4979a12ebd67c8cc296346835cd92f88c281a4fe0e45d9b227fcf13f7ef3
66e32af742f610da7a788c1279d34cce52b6248cca65aa733f35592d0fb5804b
694dc392a90a82821a2bbaf4e7c3cb73c99e476527e55430a7388baa3c0fd3ae
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d9536ab13f4ab5624884f06523a452596ef56247e74143b0af7b6a4f161407e
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
744035b44b3a8036af2d187ea0d9a95876fa22078a3e899dc02352867cc17a62
744d10422befb3794011e8613afa4c9022cd73a0d2eb1bb2bd5d3e206190c8c9
75c3b9ffd05b79e3d802d05a92a07258fe29e97ab1bc2820f13de7cabbe163ae
77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d
780dd06801c452a3e54f4c9571c34c58c8de41420e1c94098e122b9b5bf7ebb9
7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa
7dd7d12d4cc195e05cd72a9623588ecabf14c71d7037558b22cee18309ee35b4
7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23
810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d
8d97d3fc6112cde238da1b8afd8e722bab97bfe66367abc90de7c322b38c06df
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c4cd304b12bf5b2d106e5f52694c5591a71078481e1a75e97e75819397cdea
931fd923e90a601be221b5f5385c848538f99f99b830db1f7960ced43545fc23
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7
99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67
a1fc8420705b69db0c5c0e2248e79b2f8c33506580b296202c3965870ab9adf5
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
afd61f7c216daba748c6f27559679858178690671f7538dfc34cffdd9baf438f
b127236065b9c431073d14f3595385b46c1295764f1ad1cb2eac52af7dd72e00
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b49930c3d02891d24e32e4861d709780513e5280a83e1dbcd9218d4381ea1638
b807b5710be11b6800a63212dc6b8bb26b0e03b11adeeacd550737a0430ac4f1
b88a15ffcd595f00e288f147d93204674b94ebab04b0e27f5d660afdd6974d17
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8
bd1bcad45855a0ac063e3bb291ca81fdc488f8f67418de98c334376547c168b2
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
be4899df885f644dd41b1d44a9825f4a3282cd93294b05bfddec1d96f319f009
bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5444b48af5940e46bff886e60bba6fc2c1c6705f30a1c8d0577d710fcb9b5b0
c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb922ba96736c011c5c8e3bad8312a52b45f3afd24ed8791d050c52ea2b2f407
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc231c280dce3603412d1aa9dd7180c0c86d220ef9cb997b838fa5cc9c613298
cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7
cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650
d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38
d66423cf25677e284ead37e8c20158a3f3ef68ef7fbf7ad1f9a6c955f067330e
d871514eb3439a656065beacb34b530e34f548ecaa14139bf5430b1802601944
d9ece6c2b4f12d493789048c794f3cb6a6fbaea7df9a08d1c037d8f2ec1ccd9d
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
def564fc498bc5147cf79aa16e5a6f93789115cc0f4740b0b089df37fa6ba132
df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f190d450c3bc29d42f05d0c2c0542f2d82edacfc2f609cf7141bcffe552b728b
f32c84613efd5d0d2ae3a88eaee3168bd2a3c15969e032818742b43dcd7e15a4
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf