pages.upwellness.com Open in urlscan Pro
3.69.136.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.transformationinsider.com/a/1165/click/12667/8788493/c786eb17cd78e28387590016debf4e75d838dc54/34ded52bafc4ff47c94c739d0783...
Effective URL:
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_g...
Submission: On June 01 via manual (June 1st 2022, 10:34:53 pm UTC) from US — Scanned from DE

Summary HTTP 171 Redirects Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 39 domains to perform 171 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com. The Cisco Umbrella rank of the primary domain is 915952.
TLS certificate: Issued by R3 on May 6th 2022. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.31.40.31 52.31.40.31	16509 (AMAZON-02) (AMAZON-02)
1	3.69.136.55 3.69.136.55	16509 (AMAZON-02) (AMAZON-02)
2	108.157.4.22 108.157.4.22	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:1a00:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.131 151.101.1.131	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:224a:ee00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
1	208.83.60.221 208.83.60.221	36529 (AXXA-RACKCO) (AXXA-RACKCO)
4	54.157.50.116 54.157.50.116	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3033::6815:40e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:4b::84 2a04:4e42:4b::84	54113 (FASTLY) (FASTLY)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2.20.157.165 2.20.157.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.23.180.42 23.23.180.42	14618 (AMAZON-AES) (AMAZON-AES)
41	143.204.214.118 143.204.214.118	16509 (AMAZON-02) (AMAZON-02)
1	52.204.197.236 52.204.197.236	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	108.157.4.69 108.157.4.69	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.58.146 65.9.58.146	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.255 70.42.32.255	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1 1	2600:1f18:730... 2600:1f18:730:b110:6bc4:b288:af66:f0fb	14618 (AMAZON-AES) (AMAZON-AES)
1	34.202.82.185 34.202.82.185	14618 (AMAZON-AES) (AMAZON-AES)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
6	54.158.193.187 54.158.193.187	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	34.226.127.56 34.226.127.56	14618 (AMAZON-AES) (AMAZON-AES)
5	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	108.157.4.113 108.157.4.113	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.65.181 151.101.65.181	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	99.86.4.6 99.86.4.6	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::681a:37a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 9	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.215.26 143.204.215.26	16509 (AMAZON-02) (AMAZON-02)
1	54.74.116.255 54.74.116.255	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.117 108.157.4.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	44.198.82.75 44.198.82.75	14618 (AMAZON-AES) (AMAZON-AES)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
4	3.210.192.5 3.210.192.5	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.174.20.52 54.174.20.52	14618 (AMAZON-AES) (AMAZON-AES)
1	52.54.116.217 52.54.116.217	14618 (AMAZON-AES) (AMAZON-AES)
171	53

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.transformationinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.40.31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-40-31.eu-west-1.compute.amazonaws.com

go.welldaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-22.dus51.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:1a00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.131 (United States)

ASN54113 (FASTLY, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:ee00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.83.60.221 (United States)

ASN36529 (AXXA-RACKCO, US)

upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.157.50.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-50-116.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::6815:40e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:4b::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.157.165 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-165.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.180.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-180-42.compute-1.amazonaws.com

180470.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 143.204.214.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-118.fra53.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.197.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-197-236.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-69.dus51.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-146.fra56.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:6bc4:b288:af66:f0fb (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.82.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-82-185.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.158.193.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-193-187.compute-1.amazonaws.com

io.v2.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.226.127.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-127-56.compute-1.amazonaws.com

180470.t.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

embed-fastly.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-113.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.181 (United States)

ASN54113 (FASTLY, US)

views.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:37a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::ac43:4acf (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.116.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-117.dus51.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.82.75 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-82-75.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.45 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.210.192.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-192-5.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.20.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-20-52.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.116.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-116-217.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	2 MB
21	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4378 embed-ssl.wistia.com — Cisco Umbrella Rank: 19307 embed-fastly.wistia.com — Cisco Umbrella Rank: 8954 distillery.wistia.com — Cisco Umbrella Rank: 6098 pipedream.wistia.com — Cisco Umbrella Rank: 6429	1 MB
9	clickcertain.com 5 redirects a.clickcertain.com — Cisco Umbrella Rank: 2954	6 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	254 KB
7	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 114456 io.v2.customerlabs.co — Cisco Umbrella Rank: 114322	151 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	308 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	766 B
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 191	7 KB
6	upwellness.com pages.upwellness.com — Cisco Umbrella Rank: 915952 upwellness.com — Cisco Umbrella Rank: 650231 store.upwellness.com	70 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6117	979 B
5	google.com www.google.com — Cisco Umbrella Rank: 2	979 B
5	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 53740 api.useproof.com — Cisco Umbrella Rank: 53044	603 KB
4	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 170224	472 B
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 584 script.hotjar.com — Cisco Umbrella Rank: 713 vars.hotjar.com — Cisco Umbrella Rank: 832 in.hotjar.com — Cisco Umbrella Rank: 1585	67 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 991 trc.taboola.com — Cisco Umbrella Rank: 633 trc-events.taboola.com — Cisco Umbrella Rank: 1652	19 KB
4	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 3539 rp.liadm.com — Cisco Umbrella Rank: 2544 rp4.liadm.com — Cisco Umbrella Rank: 11037 i.liadm.com — Cisco Umbrella Rank: 521	13 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 324	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	135 KB
3	hyros.com 180470.tracking.hyros.com — Cisco Umbrella Rank: 773175 180470.t.hyros.com — Cisco Umbrella Rank: 726036	23 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2032 tr.outbrain.com — Cisco Umbrella Rank: 1872	4 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 378	7 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 391	2 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 405	590 B
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 789	1 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 765	877 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 732	19 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com — Cisco Umbrella Rank: 833287 assets.ubembed.com — Cisco Umbrella Rank: 9437	51 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 16565	36 KB
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 69818	798 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2056	256 B
1	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 37162	685 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	1 KB
1	unsplash.com views.unsplash.com — Cisco Umbrella Rank: 29995
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 114	15 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 23742	245 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	27 KB
1	welldaily.com 1 redirects go.welldaily.com	2 KB
1	transformationinsider.com 1 redirects links.transformationinsider.com — Cisco Umbrella Rank: 417402	729 B
171	39

	Domain	Requested by
41	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
13	fast.wistia.com	pages.upwellness.com fast.wistia.com
9	a.clickcertain.com	5 redirects pages.upwellness.com a.remarketstats.com a.clickcertain.com
7	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.facebook.com	pages.upwellness.com
6	io.v2.customerlabs.co	cdn.js.customerlabs.co pages.upwellness.com
5	embed-fastly.wistia.com	fast.wistia.com
5	www.google.de	pages.upwellness.com
5	www.google.com	pages.upwellness.com
4	live-visitor-counts.herokuapp.com	cdn.useproof.com
4	googleads.g.doubleclick.net	www.googleadservices.com
4	store.upwellness.com	pages.upwellness.com store.upwellness.com
3	bat.bing.com	pages.upwellness.com bat.bing.com
3	connect.facebook.net	pages.upwellness.com connect.facebook.net
3	s.yimg.com	pages.upwellness.com s.yimg.com
3	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
2	api.useproof.com	cdn.useproof.com
2	secure.adnxs.com	2 redirects
2	pixel.tapad.com	2 redirects
2	trc-events.taboola.com	cdn.taboola.com
2	180470.t.hyros.com	180470.tracking.hyros.com
2	ct.pinterest.com	s.pinimg.com pages.upwellness.com
2	sp.analytics.yahoo.com	pages.upwellness.com
2	tr.outbrain.com	amplify.outbrain.com pages.upwellness.com
2	www.google-analytics.com	www.googletagmanager.com pages.upwellness.com
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	d34qb8suadcc4g.cloudfront.net	pages.upwellness.com d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	pages.upwellness.com
1	pipedream.wistia.com	fast.wistia.com
1	distillery.wistia.com	fast.wistia.com
1	analytics.proofapi.com	cdn.useproof.com
1	cm.g.doubleclick.net	1 redirects
1	i.liadm.com	1 redirects
1	www.gstatic.com	cdn.useproof.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	a.remarketstats.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	fonts.googleapis.com	builder-assets.unbounce.com
1	views.unsplash.com	pages.upwellness.com
1	static.hotjar.com	pages.upwellness.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	embed-ssl.wistia.com	pages.upwellness.com
1	trc.taboola.com	cdn.taboola.com
1	cdn.js.customerlabs.co	pages.upwellness.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	www.googleadservices.com	www.googletagmanager.com
1	events.ub-analytics.com	pages.upwellness.com
1	180470.tracking.hyros.com	pages.upwellness.com
1	amplify.outbrain.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	cdnjs.cloudflare.com	pages.upwellness.com
1	upwellness.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	pages.upwellness.com
1	go.welldaily.com	1 redirects
1	links.transformationinsider.com	1 redirects
171	62

This site contains no links.

Subject Issuer	Validity	Valid
pages.upwellness.com R3	`2022-05-06` - `2022-08-04`	3 months	crt.sh
*.unbounce.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
www.upwellness.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-02-24` - `2023-03-03`	a year	crt.sh
store.upwellness.com R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
tracking.hyros.com Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh
*.ub-analytics.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
cdn.js.customerlabs.co Amazon	`2021-10-28` - `2022-11-25`	a year	crt.sh
embed-ssl.wistia.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
hook.customerlabs.co Amazon	`2021-12-13` - `2023-01-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-11` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
t.hyros.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
embed-fastly.wistia.com R3	`2022-05-22` - `2022-08-20`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.unsplash.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-28` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.herokuapp.com Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh
*.wistia.com Amazon	`2022-03-02` - `2023-03-31`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Frame ID: 5E9A9B64739A22A3CFDF120EA0B4182E
Requests: 158 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 0EC50A6347263125DC93539B3842A200
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: D272F868F8DA700B1ACBB0E206105FE5
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&cn=DE
Frame ID: A7C8748AD0D88D565A1113C0B21CFCA5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.transformationinsider.com/a/1165/click/12667/8788493/c786eb17cd78e28387590016debf4e75d838dc54/34ded52b... HTTP 302
https://go.welldaily.com/aff_c?offer_id=67&aff_id=56&aff_sub=goldenfs528 HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFF... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

171
Requests

96 %
HTTPS

38 %
IPv6

39
Domains

62
Subdomains

53
IPs

7
Countries

5760 kB
Transfer

9056 kB
Size

50
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.transformationinsider.com/a/1165/click/12667/8788493/c786eb17cd78e28387590016debf4e75d838dc54/34ded52bafc4ff47c94c739d078398666c8b0079 HTTP 302
https://go.welldaily.com/aff_c?offer_id=67&aff_id=56&aff_sub=goldenfs528 HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://rp.liadm.com/j?dtstmp=1654122886726&aid=a-057g&se=e30&duid=f0f26c15fa8f--01g4gpgdcmbf8f8zcbzvd0jdbv&tna=v2.3.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1654122886726&aid=a-057g&se=e30&duid=f0f26c15fa8f--01g4gpgdcmbf8f8zcbzvd0jdbv&tna=v2.3.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D&n3pc=true

Request Chain 135

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-fps&partner_id=cl4975ot4arrr6b27d85e4-7bc0-426b-b1c5-6aad719a5202 HTTP 302
https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc%2dgrplus%2dfps&partner_id=cl4975ot4arrr6b27d85e4%2d7bc0%2d426b%2db1c5%2d6aad719a5202 HTTP 302
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

Request Chain 151

https://a.clickcertain.com/px/ta/?ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=ec399de2-be9f-4c94-ae77-18e1106dc883

Request Chain 152

https://a.clickcertain.com/px/r/?ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d53dcbbcb%25252db9f8%25252d4e0e%25252d88ff%25252dfdc0e0ec88b8%252526anx_uId%25253d%252524UID HTTP 303
https://a.clickcertain.com/px/li/?ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d53dcbbcb%252db9f8%252d4e0e%252d88ff%252dfdc0e0ec88b8%2526anx_uId%253d%2524UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d53dcbbcb%2db9f8%2d4e0e%2d88ff%2dfdc0e0ec88b8%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D53dcbbcb%2Db9f8%2D4e0e%2D88ff%2Dfdc0e0ec88b8%26anx_uId%3D%24UID&google_gid=CAESEIvuggIo-js_Qr4WVp3nABk&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&anx_uId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8%26anx_uId%3D%24UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&anx_uId=859952109353106709

171 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pages.upwellness.com/uc-grplus-fps/
Redirect Chain

https://links.transformationinsider.com/a/1165/click/12667/8788493/c786eb17cd78e28387590016debf4e75d838dc54/34ded52bafc4ff47c94c739d078398666c8b0079
https://go.welldaily.com/aff_c?offer_id=67&aff_id=56&aff_sub=goldenfs528
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

309 KB
36 KB

264ms
52ms

Document
text/html

3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fccf6afe7127d654c4214d2028434cb1d748aa2e6cdc59281771a5029fdfe999

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-location: https://pages.upwellness.com/uc-grplus-fps/
content-type: text/html; charset=UTF-8
date: Wed, 01 Jun 2022 22:34:45 GMT
etag: "an:56122c80a9b9284e3361a3a29717374b"
last-modified: Tue, 17 May 2022 15:31:38 GMT
link: <https://pages.upwellness.com/uc-grplus-fps/>; rel="canonical"
p3p: CP="This is not a privacy policy."
transfer-encoding: chunked
x-proxy-backend: page-server
x-unbounce-pageid: 6d2c7105-ebae-455a-91f2-47af4209ed5f
x-unbounce-variant: an
x-unbounce-visitorid: 9e6809f8-6b54-4f3f-8e4e-25081e8cd3ff

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 01 Jun 2022 22:34:45 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 1026b50a98f73b86c26777936026a3
X-Request-Id: bbf781b7db8e67094624e23e815f8d48
X-Robots-Tag: noindex, nofollow

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 139ms
39ms Stylesheet
text/css 108.157.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 01:08:10 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 15:25:12 GMT
server: AmazonS3
age: 509197
etag: "8a6914b8829d3f926055f689771fe755"
x-cache: Hit from cloudfront
x-amz-version-id: KMvcis7.L0zEYzi_9UIlTjJ2K9lUXHro
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: xck381Xzcr3hpmyTebLvn3m_W_w6-gO0wB-TP2XhFRwaqMAnJr44sA==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 126ms
37ms Script
application/javascript 2600:9000:2057:1a00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
age: 2584569
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control: max-age=31536000
date: Tue, 03 May 2022 00:38:38 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1856
x-amz-cf-id: 9_SJtP8ub48sbpbW6qBXAuPxyt4oEEeLR3gAk96Yezeo3hSlZ1DLDA==

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 12 KB
3 KB 267ms
156ms Script
application/json 151.101.1.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa7af3924cbe69d87bcd64794ee9db9712d0758df854f6e3426ea6b25058a60e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: none
x-amz-apigw-id: TEFtCFuQjoEFqQA=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 183ms
97ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a03fbadd85c5f82aaf50cd93da59c7da6ee77af9cfadf4b6942bf632e939d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43166
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:58:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 260ms
46ms Script
application/javascript 2600:9000:224a:ee00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:ee00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9347d3aaadb43b6005f5f6a7a5eddc2d020276790782456d7bc5a62f8a233068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 04:07:08 GMT
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
age: 66458
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
x-amz-cf-id: Ggv1u4SPjukZc2DlEL2WaJD3cRkqHDSpPI-PRVI9WG-BV4rXtot90A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 203ms
117ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af2f2db42aea8bd5b967be53d6193efffe266754fb2b6fe8d63986ae98ef450e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43228
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:58:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
43 KB 134ms
48ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e224271c6362dce72fe162fc9d7cc9bb09e3f276d8e9e8f9f92018f006af94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43198
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:58:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 e8xcaqkjm4.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 224ms
132ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.jsonp

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5418c544d3132cc415e4caf9080d058c3089da7a98fa15ca47d443f23f7d6444

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 24637
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1827
x-request-id: d45b88e19633a91418b5540aed2c7fef
x-served-by: cache-iad-kiad7000038-IAD, cache-fra19137-FRA
x-runtime: 0.054948
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1654122886.315353,VS0,VE93
etag: W/"5418c544d3132cc415e4caf9080d058c"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 102
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 596 KB
110 KB 131ms
39ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

efa218a68e4ac4f0b0bf198a710c83e051aaa5b7d2f9fbe6f2dece15456ae6cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 1483
x-cache: HIT, HIT
content-length: 112679
x-served-by: cache-iad-kcgs7200132-IAD, cache-fra19137-FRA
access-control-allow-origin: *
x-browser-version: 102
last-modified: Wed, 01 Jun 2022 17:27:46 GMT
x-timer: S1654122886.315500,VS0,VE0
etag: "6297a192-1b827"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 57

GET
H2 200 swatch
fast.wistia.com/embed/medias/e8xcaqkjm4/ 5 KB
5 KB 147ms
128ms Image
image/jpeg 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4/swatch

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
access-control-request-method: *
age: 24637
x-cache: HIT, MISS
content-disposition: inline
content-length: 4891
x-served-by: cache-iad-kjyo7100125-IAD, cache-fra19137-FRA
access-control-allow-origin: *, *
x-browser-version: 102
last-modified: Tue, 05 Oct 2021 16:24:56 UTC
x-timer: S1654122886.315377,VS0,VE89
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31535991
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H/1.1 200
OK jquery.min.js Show response
upwellness.com/services/scripts/jquery/ 87 KB
31 KB 673ms
277ms Script
application/javascript 208.83.60.221
AXXA-RACKCO

General

Check archive.org

Show headers Download Go to

Full URL: https://upwellness.com/services/scripts/jquery/jquery.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 208.83.60.221 , United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: public
Date: Wed, 01 Jun 2022 22:34:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2020 19:48:41 GMT
Server: nginx
ETag: W/"5fbd6399-15d84"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Wed, 08 Jun 2022 22:34:46 GMT

GET
H2 200 UCInvisibleLink Show response
store.upwellness.com/cgi-bin/ 432 B
809 B 779ms
137ms Script
text/javascript 54.157.50.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.157.50.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-50-116.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 251

GET
H2 200 UCAffiliateNetworkPixel Show response
store.upwellness.com/cgi-bin/ 2 KB
1 KB 650ms
138ms Script
text/javascript 54.157.50.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.157.50.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-50-116.compute-1.amazonaws.com

Software

Apache /

Resource Hash

fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 744

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 84 KB
27 KB 124ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3415075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27198
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1514f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtyxemOegKNCUBxE9%2FIAMIJpKIPmGogonqsNGpnss%2BbzHMdgWU%2FYdVzkTnfQcIvzR7iTLJbg9l6tVIvcaEvwrhHBJnhMZXIhY5PN%2FQdKLkjVVQTBOLQXHLaW3XlyyUNdH5uzOWRQGpIIymmTpbT%2FK%2BX4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 714b6b275b6c68f5-FRA
expires: Mon, 22 May 2023 22:34:46 GMT

GET
H2 200 main.bundle-7a80b17.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 50ms
49ms Script
application/javascript 108.157.4.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 15:50:20 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 15:25:07 GMT
server: AmazonS3
age: 1838667
etag: "115451db447a15fd94ca1eec82178c7c"
x-cache: Hit from cloudfront
x-amz-version-id: hO9WFSZalI7CFVogzNPJaI4zzDMeqqnQ
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
content-length: 33491
x-amz-cf-id: tZlw-1qrjng4zS6qo45NyAaFnJfYElR-WqrotPq0JKhm0KgVjyqt8Q==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 147ms
56ms Script
application/javascript 2606:4700:3033::6815:40e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11028602
cf-ray: 714b6b2899aa9bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 497733
x-amz-id-2: C2bKzPLzr8tFy6H1mpZJ6cCqpFvxMv3ACSwY+pxPdyilSTpxYnhBFhOsQoQ+yVNFXtmnxTw3q/w=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1SwpDo378tn1KGSgnqhzXJf%2BppwzDkHqQItSJH3oLVsmIebs2IZ9aFMbv8hYwamDR9doRRVNyhKKGlGmnxNobAs4lmD7psDRA5acEcxAkH20neXEFJtFwi0bzpTK0jzeRTiQIMJGh%2BCove5kRl5"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: SK3QE54M310A8NZ7
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 288ms
50ms Script
application/javascript 2a04:4e42:4b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 130ms
40ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: V0R3Q7CBN0V4TKC8
x-amz-id-2: fe1RjyXcpQbTM5N7sfwOCyETqr4dl/U5dIzuUDLfXuD/Cy9gD94jlZ60y5vSEH7T3uw4UupV5lU=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 55 KB
17 KB 123ms
38ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 743ab7f32bf8962f8809d0a13f12daa86c5559b97e9b0e3d5ee1207ef3637d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: Gruji.z1dlf43oQ_R0VHA_Iv6gJfZVv.
content-encoding: gzip
etag: "0909feb11282eb3f04ef947a1542138f"
age: 154
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17392
x-amz-id-2: N4hYzKNjZKVTcdIai+Wbk/hxWJ3PPKv9SfcGRhvmg74fsaT02YCTIXe97DS1NLi/AOaCIqzDhmU=
x-served-by: cache-hhn4027-HHN
last-modified: Sun, 29 May 2022 11:16:06 GMT
server: AmazonS3
x-timer: S1654122887.531623,VS0,VE1
date: Wed, 01 Jun 2022 22:34:46 GMT
vary: Accept-Encoding
x-amz-request-id: QAG8PPA77X0MKG8Q
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 58
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 159ms
53ms Script
application/x-javascript 2.20.157.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.165 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-165.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 22:34:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Wed, 01 Jun 2022 22:54:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
54 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9057bbd37e00fe47f019490f051ad20d06883dd6d160b656b7c96a293003eac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54909
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:58:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 universal-script Show response
180470.tracking.hyros.com/v1/lst/ 22 KB
23 KB 562ms
269ms Script
text/plain 23.23.180.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://180470.tracking.hyros.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.180.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-180-42.compute-1.amazonaws.com
Software: /
Resource Hash: 525e23ae0c019205f499f968d18a2ddc4d3c96aec594cf3c670a8272d65d4133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
access-control-allow-credentials: true
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/plain;charset=utf-8

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 43ms
43ms Script
application/javascript 2600:9000:2057:1a00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 17:27:36 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 7621631
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: uNqfvDzrqlwtjZuplm74dvPUufM9UlJkJTUPbdAOF9EVr37FhxSnmg==

GET
H2 200 e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 42 KB
42 KB 145ms
48ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:30:49 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 15:37:44 GMT
server: AmazonS3
age: 4773838
etag: "e3753887ecf5fb15513cde566e26a803"
x-cache: Hit from cloudfront
x-amz-version-id: Z5ZbDte3duHgAQ9DwnR30H3qurpKnGHG
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 43016
x-amz-cf-id: 0bu6cARNrcAYMIDy3Xosyx1uwSP8ChyxY_QJsa-3CEqBXD5aUxxnKw==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_11zg0lr1hc0lr091000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 127 KB
127 KB 47ms
47ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_11zg0lr1hc0lr091000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23ba3146086ee3271b26b28f6e3577cc88fadfc95e76451965130684cbaa2605

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 06:09:29 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 15:37:44 GMT
server: AmazonS3
age: 4465518
etag: "3836011531a3f61745e1b13f8c533f1d"
x-cache: Hit from cloudfront
x-amz-version-id: zDyn0nKx3Rz_g4hkhvWdr1jCbQ6udZsO
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 129990
x-amz-cf-id: 6GMAlIDwajLFGLs9rEFsytzICFhlh8q-UUQBeyLtaQ_mQVakgefCyA==

GET
H2 200 cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 34 KB
35 KB 79ms
79ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 06:09:30 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 15:37:44 GMT
server: AmazonS3
age: 4465517
etag: "57ad6757695bd394d132dffc6cf3d1fd"
x-cache: Hit from cloudfront
x-amz-version-id: 8x6oyAKzgl0m_YFd9lh7p9AgbCYDYEIu
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 35034
x-amz-cf-id: yr58henkCI5lA3ObppGBIbfAtMGKwi4SanJ2EIGAAyQa5IrI-EmkiQ==

GET
H2 200 a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 185 KB
186 KB 518ms
517ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "ce5156cacf580d0e35ff189b67aacfbc"
x-cache: Miss from cloudfront
x-amz-version-id: SfXTItKQ7zhnR46UN_x49LSvZKiDCHdV
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
content-length: 189879
x-amz-cf-id: 1vaar4MW-3Y7o0YT8-vOIF6DjpHwxOauuOSSrFe8q4cTkNmIeTL4Ow==

GET
H2 200 aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 167 KB
167 KB 166ms
165ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:12 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467675
etag: "981ccd318264bd584234aaec828d43ce"
x-cache: Hit from cloudfront
x-amz-version-id: UN4WShTT_373IUZ8_sKae45LBXvjEidz
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 170550
x-amz-cf-id: NimwZygh_WcjxNFHl-LC1mN_UFr5cOyr5SIj-GuV3_IVhKryzuKWng==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 91 KB
92 KB 128ms
127ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 06:29:36 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 749111
etag: "fc4db20401afee8c48e1ca79db0f0ec7"
x-cache: Hit from cloudfront
x-amz-version-id: 8WwjRRTPJ34e7C2ZeWUR1d3P29oKv0z7
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 93607
x-amz-cf-id: QnYRaXIR2VC5fl4huIUZQxuqliqBFp3tKW6hLyqIV3XvkOp4-ZyCAA==

GET
H2 200 f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 393 KB
394 KB 113ms
113ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 19 May 2022 03:34:06 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 1191641
etag: "056ca93a156b7b1ffad3e735ce3b7550"
x-cache: Hit from cloudfront
x-amz-version-id: pNV9z.MiaHCI4ZkCfopcZMzMaRRF4H4l
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 402177
x-amz-cf-id: iEMw6eaxsOAbz-iVMwvbws31-mhN1aPUNFRDm_NWtNefRBh2rjBGNA==

GET
H2 200 5065891f-manuka-background-orange-01-1_11lc0mj1hc0mj01z000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 117 KB
117 KB 109ms
108ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5065891f-manuka-background-orange-01-1_11lc0mj1hc0mj01z000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b49930c3d02891d24e32e4861d709780513e5280a83e1dbcd9218d4381ea1638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 08:14:41 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 310806
etag: "3e061c61f1b29bc2e19ae6c9a78f8819"
x-cache: Hit from cloudfront
x-amz-version-id: MsD5WpO_q80.o81aaU8l6VDGALAqEsZJ
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 119389
x-amz-cf-id: n8t_jacc9taZc01_hXQuhoDFT0G1RiQ1yOp5ljYoo1T0cYyQA6NbSg==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 407ms
130ms Image
image/gif 52.204.197.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1654122886310&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=4da355ca-6bf7-4504-90e5-63c54d4d9201&dtm=1654122886309&vp=1600x1200&ds=1600x17191&vid=1&sid=16fefb32-18af-4ffe-9ed9-a5b73612c551&duid=b5c627da-bd5d-47b9-8423-e50f27aea6df&uid=9e6809f8-6b54-4f3f-8e4e-25081e8cd3ff&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNmQyYzcxMDUtZWJhZS00NTVhLTkxZjItNDdhZjQyMDllZDVmIiwidmFyaWFudElkIjoiYW4iLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.197.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-197-236.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Jun 2022 22:34:46 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7519982f0e0ee6f0991c5e91078c5c38f8ceba49b7fdd1028bdbaab6ff96ba1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43169
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:58:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4609f86ac27ed0b4ed9b4f27965479055f736b947d99724943eb54ecfc7cc4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43369
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:58:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 128 KB
32 KB 40ms
40ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70dfb68acf5394a32f905a827bb12850157288d32da5ea6aef3e62ca011cab06

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 1482
x-cache: HIT, HIT
content-length: 32611
x-served-by: cache-iad-kjyo7100083-IAD, cache-fra19137-FRA
access-control-allow-origin: *
x-browser-version: 102
last-modified: Wed, 01 Jun 2022 17:27:46 GMT
x-timer: S1654122887.522198,VS0,VE0
etag: "6297a192-7f63"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 25

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 154ms
55ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

951a3f149026bb8e5b224330b22e0be9771302d9f2c7461ca3b7d83900bff22f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14799
x-xss-protection: 0
server: cafe
etag: 13663081621700740891
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 videoThumbnail.js Show response
fast.wistia.com/assets/external/ 69 KB
19 KB 40ms
40ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

719b94ca3000c7a37264171a9ba14d20f08cda018d538e8739ca601a965ffc28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 1482
x-cache: HIT, HIT
content-length: 19672
x-served-by: cache-iad-kjyo7100143-IAD, cache-fra19137-FRA
access-control-allow-origin: *
x-browser-version: 102
last-modified: Wed, 01 Jun 2022 17:27:46 GMT
x-timer: S1654122887.559906,VS0,VE1
etag: "6297a192-4cd8"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 151ms
47ms Script
application/javascript 108.157.4.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-69.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:45:33 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 676153
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: iSBgxBcoo9m95lQ2gMWeoB59hhpgFbBQ5klhnYU9w5t2GEWGtx5yWg==

GET
H2 200 thumbnailTextOverlay-v2.js Show response
fast.wistia.com/assets/external/ 83 KB
26 KB 41ms
40ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1a0e973ba77e8e3be4265d7aa18709edc83c4d5ec34d9a102e6299a57cb2550

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 1478
x-cache: HIT, HIT
content-length: 26590
x-served-by: cache-iad-kiad7000161-IAD, cache-fra19137-FRA
access-control-allow-origin: *
x-browser-version: 102
last-modified: Wed, 01 Jun 2022 17:27:46 GMT
x-timer: S1654122887.580599,VS0,VE1
etag: "6297a192-67de"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3600
date: Wed, 01 Jun 2022 21:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 01 Jun 2022 23:34:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3f17a543eb305b7c308dc5f78a35bf4b43f11fff5920d6850c2ed16924cada0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43226
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:58:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 cl4975ot4arrr6.js Show response
cdn.js.customerlabs.co/ 149 KB
150 KB 154ms
44ms Script
binary/octet-stream 65.9.58.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-146.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 087e0660a490a774f3237db06880cc45d5d57b5ff1ec781558318ced2f70f58f

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:29 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
age: 18
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 152551
last-modified: Wed, 01 Jun 2022 14:48:46 GMT
server: AmazonS3
etag: "ff2c8c51575f45f91ec05d2d9292214b"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: e5tWjQ7hPae90U25PVovKe3MzsosgtmV
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: AIztqjuEK_EKjPBHY1E0ZM3FYhfr_tCeKrqFOyWEvwJRhe342tg_gw==

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 2 KB
1 KB 61ms
53ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1654122886575&data=%7B%22id%22%3A575%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1654122886571%2C%22cv%22%3A%2220220526-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1654122886574%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A6%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c1bb8c751a457c0eaabf84b52c377aa0d30ee25bd0018b890daf79ec1a071c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: gzip
server: nginx
x-timer: S1654122887.675703,VS0,VE16
x-served-by: cache-hhn4027-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 46 B
684 B 114ms
40ms XHR
application/octet-stream 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 10:30:19 GMT
x-content-type-options: nosniff
age: 43468
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 2K61XQ8VBBSXW17Z
x-amz-id-2: G+c2D8FtSdHrA6EIpxo2jcnvfh1MaE19QkX9HTjsYR1GV9HKDRK7/oB0vLP+aaXFS7oN5lI2Di0=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 23 Sep 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 18 Aug 2021 21:49:32 GMT
server: ATS
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: 5lqV4GvMTyzNl0lqaN8QODBV_nzn4eKl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 46 B
376 B 115ms
40ms XHR
application/octet-stream 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:32:14 GMT
x-content-type-options: nosniff
age: 153
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 7SM65JK4QVBR66BG
x-amz-id-2: vcuygBlq6nKHAhy2y0LS3wPLvJ+ZTv2G3IhhE/eRyEEPYxgkNCNEbDl6m2NdFUeEXYLJ8nwMWgY=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 19 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 14 Jan 2022 20:54:46 GMT
server: ATS
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: fa2aBktS.tlgTipU0DLTD9VeWF6_YTMO
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 529ms
123ms Script
application/javascript 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 22:34:47 GMT
content-encoding: gzip
X-TraceId: 51209d557b28372cc49951e72bda0b13
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 499ms
122ms Image
image/gif 70.42.32.255
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00e83052a71a1dff3bc62d5d40765808fc&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&optOut=false&bust=02157599891327937
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 22:34:47 GMT
Cache-Control: no-cache
X-TraceId: 8c39b4a24f5fe4e10e2db7405f0c2d50
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 0b76a8eda7c331eb805ad8af326f611e.png
embed-ssl.wistia.com/deliveries/ 96 KB
96 KB 132ms
38ms Image
image/png 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/0b76a8eda7c331eb805ad8af326f611e.png?image_crop_resized=1920x1078
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b90e38dd2aa08c8139aeee43da365d7102cf53ab93c7cbea00adeabd345470ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 3080964
edge-cache-tag: 0b76a8eda7c331eb805ad8af326f611e
access-control-request-method: *
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 97977
x-served-by: cache-iad-kcgs7200045-IAD, cache-hhn4053-HHN
last-modified: Thu, 23 Sep 2021 14:58:31 UTC
x-timer: S1654122887.814386,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
content-disposition: inline
cache-control: max-age=31536000
accept-ranges: bytes
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1654122886726&aid=a-057g&se=e30&duid=f0f26c15fa8f--01g4gpgdcmbf8f8zcbzvd0jdbv&tna=v2.3.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessio...
https://rp4.liadm.com/j?dtstmp=1654122886726&aid=a-057g&se=e30&duid=f0f26c15fa8f--01g4gpgdcmbf8f8zcbzvd0jdbv&tna=v2.3.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessi...

13 B
552 B

470ms
126ms

XHR
application/json

34.202.82.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1654122886726&aid=a-057g&se=e30&duid=f0f26c15fa8f--01g4gpgdcmbf8f8zcbzvd0jdbv&tna=v2.3.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D&n3pc=true

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Server

34.202.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-82-185.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
x-pixel-event-id: e197fdde-8859-4fd0-905e-e945561f34c9
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 929db521ecaf91ef
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Wed, 01 Jun 2022 22:34:47 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1654122886726&aid=a-057g&se=e30&duid=f0f26c15fa8f--01g4gpgdcmbf8f8zcbzvd0jdbv&tna=v2.3.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://pages.upwellness.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: b95ab2b4aa317099
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 407 KB
96 KB 40ms
40ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ec2cff551c6e6e7c6db7fd10e25e076affb8273fb65ebaaeef036bc84ac12a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: br
vary: Accept-Encoding
age: 1482
x-cache: HIT, HIT
content-length: 97572
x-served-by: cache-iad-kjyo7100037-IAD, cache-fra19137-FRA
access-control-allow-origin: *
x-browser-version: 102
last-modified: Wed, 01 Jun 2022 17:27:46 GMT
x-timer: S1654122887.749918,VS0,VE0
etag: "6297a192-17d24"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 14

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 196ms
59ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2001%20Jun%202022%2022%3A34%3A46%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:46 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 195ms
59ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:46 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 01 Jun 2022 22:34:46 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 2 KB
1 KB 134ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1654122886769&cv=9&fst=1654122886769&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

828010181365cab7e56baf6a4b01dc2af51b11a92fadb3f5f19c559a3ec41762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 2 KB
1 KB 133ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1654122886773&cv=9&fst=1654122886773&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9edb3d4d37b5d6ac28f482db2189c064139d40cd810292140e739a2767b821a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1104
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 2 KB
2 KB 73ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1654122886774&cv=9&fst=1654122886774&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e223e4423f992400881665a705169bf5288b41405ca1dc302e4bdd8e80eafd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 2 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1654122886775&cv=9&fst=1654122886775&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad42f8ead2ab14f2ee2646505819ed6dbf44ccb002860749d70065b66dbc8d8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 49ms
49ms Script
application/javascript 2a04:4e42:4b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18298
access-control-expose-headers: X-CDN

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 144ms
47ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28307243-3&cid=1282813134.1654122887&jid=505488055&gjid=1782994354&_gid=1620269703.1654122887&_u=YGBAiEABBAAAAE~&z=1560651858

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 01 Jun 2022 22:34:46 GMT
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 114ms
37ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=758886147&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=505488055&gjid=1782994354&cid=1282813134.1654122887&tid=UA-28307243-3&_gid=1620269703.1654122887&gtm=2wg5p1M3S986P&z=600305944

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 14:21:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29588
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 1 KB
2 KB 212ms
129ms XHR
application/x-mpegurl 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

060e0a7782c4fc23e8fabb646adf4a06ce2617396b73fd0b9ef1aaeafed44fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1110
x-request-id: 21f01e9707093cbce53c6f4e9950f377
x-served-by: cache-iad-kiad7000029-IAD, cache-hhn4034-HHN
x-runtime: 0.033118
referrer-policy: strict-origin-when-cross-origin
x-timer: S1654122887.955585,VS0,VE88
etag: W/"060e0a7782c4fc23e8fabb646adf4a06"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 102
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 124ms
41ms Image
image/gif 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:46 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 5083
x-cache: HIT, HIT
x-cache-hits: 1, 235
content-length: 1214
x-served-by: cache-iad-kcgs7200083-IAD, cache-hhn4034-HHN
x-browser-version: 102
last-modified: Wed, 01 Jun 2022 21:01:36 GMT
x-timer: S1654122887.955568,VS0,VE0
etag: "6297d3b0-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK firstVisit
io.v2.customerlabs.co/cl/ 0
331 B 576ms
175ms Ping
text/plain 54.158.193.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl/firstVisit
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.193.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-193-187.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Wed, 01 Jun 2022 22:34:47 GMT
Server: nginx/1.12.1
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
331 B 594ms
137ms Ping
text/plain 54.158.193.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.193.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-193-187.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Wed, 01 Jun 2022 22:34:47 GMT
Server: nginx/1.12.1
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 122ms
37ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: qyMJZeBLOM3sB8i0STDmVGxExlIpycaKq6MjgbucVAE7mmGC8gcr/XTbej8J3yAyzy7QUorlQbqwfwyxDR6LYw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 01 Jun 2022 22:34:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 482 B
834 B 219ms
78ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1654122886883

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

ced49017b1747b55cec9c576da1dc15fa47ce9cd77ec6e0cf27033892e826864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.966656b8.1654122887.ae158e52
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1148912643971764
pin-unauth: dWlkPU16Vm1Oak15WWpJdE0yVmhZaTAwTm1ZMUxXRmlPR010T0dJNFltSmlZVGxsWVRSag
access-control-allow-origin: https://pages.upwellness.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 199ms
79ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1654122886889

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.966656b8.1654122887.ae158e65
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1722784994835023
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
548 B 131ms
48ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1654122886774&cv=9&fst=1654120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&async=1&fmt=3&is_vtc=1&random=3231060934&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/675938688/ 42 B
548 B 140ms
48ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/675938688/?random=1654122886774&cv=9&fst=1654120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&async=1&fmt=3&is_vtc=1&random=3231060934&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
108 B 106ms
49ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1654122886769&cv=9&fst=1654120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&async=1&fmt=3&is_vtc=1&random=3611266384&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/624541243/ 42 B
108 B 95ms
49ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/624541243/?random=1654122886769&cv=9&fst=1654120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&async=1&fmt=3&is_vtc=1&random=3611266384&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
108 B 51ms
50ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1654122886773&cv=9&fst=1654120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&async=1&fmt=3&is_vtc=1&random=2611101250&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10838597190/ 42 B
108 B 54ms
49ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10838597190/?random=1654122886773&cv=9&fst=1654120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&async=1&fmt=3&is_vtc=1&random=2611101250&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
108 B 49ms
49ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1654122886775&cv=9&fst=1654120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&async=1&fmt=3&is_vtc=1&random=1790574841&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
108 B 49ms
49ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1654122886775&cv=9&fst=1654120800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&async=1&fmt=3&is_vtc=1&random=1790574841&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 51ms
51ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-28307243-3&cid=1282813134.1654122887&jid=505488055&_u=YGBAiEABBAAAAE~&z=965681693

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 48ms
48ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-28307243-3&cid=1282813134.1654122887&jid=505488055&_u=YGBAiEABBAAAAE~&z=965681693

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 22:34:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 invisibleLink.jsp Show response
store.upwellness.com/affiliate/ 214 B
883 B 170ms
169ms Script
text/javascript 54.157.50.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-fps/%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528

Requested by

Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.157.50.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-50-116.compute-1.amazonaws.com

Software

Apache /

Resource Hash

c85e945fe620ada959dd13e3bb212f7402b44508b6540205f21e1d1e4fa56fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 144

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 81ms
38ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.61

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20656
x-xss-protection: 0
pragma: public
x-fb-debug: 222cWawIGqxiuYbc4KCD6GqDL++ngmAg/kTmgU+51Zjkij9kaN85HU8hXDZUi6QSi6ubmUmDTSTx+mkwrbQq9A==
x-frame-options: DENY
date: Wed, 01 Jun 2022 22:34:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 302615157369859 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 133ms
91ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302615157369859?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39364720de3b58603d538cc4826f9a710bb834b1c7ca4ba4f04b9606e397159b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 7Yk8Zy58k212W2t+gqxuMOGRhnuFDdAyzgZiX5IdNiSOxRt7Ix0+3nftxd6jQEEI1xTIofLGpV7VyAsdcJYYeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 01 Jun 2022 22:34:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654122887144
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gusid Show response
180470.t.hyros.com/v1/lst/ 32 B
282 B 374ms
126ms XHR
text/plain 34.226.127.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://180470.t.hyros.com/v1/lst/gusid?
Requested by: Host: 180470.tracking.hyros.com
URL: https://180470.tracking.hyros.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.127.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-127-56.compute-1.amazonaws.com
Software: /
Resource Hash: 85b0eefd82802df73b213e6aad199c6d5e0ff8d2b57e0c9553bff3688ad279d8

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
Product-ID: 180470

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 32

OPTIONS
H2 200 gusid
180470.t.hyros.com/v1/lst/ Frame 0
0 389ms
125ms Preflight
application/vnd.sun.wadl+xml 34.226.127.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://180470.t.hyros.com/v1/lst/gusid?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.127.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-127-56.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product-id
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: product-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: HEAD,GET,OPTIONS
content-length: 1432
content-type: application/vnd.sun.wadl+xml;charset=utf-8
date: Wed, 01 Jun 2022 22:34:47 GMT
last-modified: Wed, 01 Jun 2022 22:34:47 UTC

GET
H2 200 v2 Show response
embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 14 KB
1 KB 146ms
43ms XHR
application/vnd.apple.mpegurl 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/v2
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8d1681e3c3ca6886aba34a58fdaada7e0ca7de75f600d036e3821d23e8abcceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
content-encoding: gzip
age: 1248337
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e purge-experiment-8e
access-control-request-method: *
x-cache: HIT, HIT
content-length: 624
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kiad7000154-IAD, cache-hhn4050-HHN
expires: Thu, 18 May 2023 11:49:10 GMT
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
x-timer: S1654122887.197558,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1, 1

GET
H2 200 hotjar-795540.js Show response
static.hotjar.com/c/ 5 KB
3 KB 190ms
80ms Script
application/javascript 108.157.4.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-795540.js?sv=6

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-113.dus51.r.cloudfront.net

Software

Resource Hash

820f597e9a54db706b20700f4a654d076e211c595dd47e2bada1006811c58940

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 31
etag: W/99bd674174a55c557e2973571817ef35
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 66kHUJnar7izDgX_4JSGYPHOrd2vvC0xd1AKmI8UboxPivLnahNI0Q==
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 276ms
166ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F6ED13AB43CA4C4E8E997918B8522C5F Ref B: FRA31EDGE0607 Ref C: 2022-06-01T22:34:47Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 01 Jun 2022 22:34:46 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 v
views.unsplash.com/ 0
0 143ms
33ms Image
application/json 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://views.unsplash.com/v?app_id=27955&photo_id=0tgmnmiyq9y,0tgmnmiyq9y,0tgmnmiyq9y
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
BLOB 200
OK 0cd7b790-c892-49c5-9840-cf0a1bd731c0
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/0cd7b790-c892-49c5-9840-cf0a1bd731c0
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f84a771bbadae289610c591ce480f839803ea194f0fa99460e488c8710812292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 22:34:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Jun 2022 22:34:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jun 2022 22:34:47 GMT

GET
H2 200 2181c4f3-upwellness-logo_104201o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 4 KB
4 KB 42ms
41ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2181c4f3-upwellness-logo_104201o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 467674
etag: "7b6c725ae1e3af92af160df87ba31720"
x-cache: Hit from cloudfront
x-amz-version-id: _4udNO05AHVb3q8PJNeE_Yw1LrAU4hpW
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 3678
x-amz-cf-id: ygwUCLBnTlGYbfguQAhOS6KkxrRyU4VxyLN2KaC_SZukZTJCoDAPvQ==

GET
H2 200 32f07f71-whitecheck_100p00w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 542 B
932 B 41ms
40ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100p00w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 07:31:01 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 313427
etag: "4825b4ea0d4c880b6307c2e7132ee9a6"
x-cache: Hit from cloudfront
x-amz-version-id: 7qJ3LPPiped.sJWsSKD4inryFIvlT8xy
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 542
x-amz-cf-id: Hh7gjeC4033Mcpv7hPaBaAap4t-BgVQvxJx62pclojxs6MBzXfPHsg==

GET
H2 200 95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
17 KB 55ms
52ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 06:20:07 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 15:37:43 GMT
server: AmazonS3
age: 4464881
etag: "65bf040063564f89972c66052d155a51"
x-cache: Hit from cloudfront
x-amz-version-id: Ha7mjsQX6dZD_Rz9WbnqyLKJAVZL9cQg
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 16499
x-amz-cf-id: PU8fn4Wai5QWf4boECJsMW7WgQ7Jwn1nMhB6TPH9kNVDgcMlpCszCw==

GET
H2 200 5ba00849-whiteupwellnesslogo_105d027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 3 KB
3 KB 46ms
40ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 467674
etag: "88263fec2db483b6e115f831a65022a9"
x-cache: Hit from cloudfront
x-amz-version-id: .wKGY4fhBkKDteoUY36BJ0bGUVtn_XvD
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 2981
x-amz-cf-id: 0woPR5wXe45I398fUFunDeAhBpPk7a8nfnHwz_bLmne9wxYXZZ3pcg==

GET
H2 200 ac1a08cd-inflammation-1_108t09u08b09p009005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 44 KB
44 KB 44ms
38ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ac1a08cd-inflammation-1_108t09u08b09p009005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467674
etag: "359ed3bb81729f290b18d9b109cf06a1"
x-cache: Hit from cloudfront
x-amz-version-id: AdRLcmYgDxhqYnbmS.JhK7EvyghsceeT
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 44857
x-amz-cf-id: GiTyrsOLYce2qCsJdm5aU-smQlfXfTeHHxHvOedgBMJjxEtJPvw95Q==

GET
H2 200 4cac7528-white-215136347-1_10dm0c7000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 26 KB
27 KB 46ms
40ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/4cac7528-white-215136347-1_10dm0c7000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 467674
etag: "816661072aa7266a68ff0387b3c14c4e"
x-cache: Hit from cloudfront
x-amz-version-id: YZCv4.s7sbBkBVnOGTjaRMJ.1aQ2_06g
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 27101
x-amz-cf-id: ETIob5sCQZDx3dReKdvjvLMXM7IV0aoxTR1ENIrXXp1z7rRNK7apBA==

GET
H2 200 100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 23 KB
23 KB 51ms
45ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 14:46:20 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 15:37:43 GMT
server: AmazonS3
age: 4693708
etag: "9e943cd62e2bfe0bc4e138564aa93a3e"
x-cache: Hit from cloudfront
x-amz-version-id: WdwX9cklbpYQWouO5B4bLTfWmBGpRKVr
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 23241
x-amz-cf-id: zM0b2tzo0RbFT8ZYtq_CaWU53bo2Yz_7DQZzbp-XfHBwAcLGl-y3RA==

GET
H2 200 55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 92 KB
93 KB 49ms
43ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 467674
etag: "49e2d3fbfeb102084be57d44c2246bb6"
x-cache: Hit from cloudfront
x-amz-version-id: Df8tbWVkWhSvcwDYzwCLqzd78iw0rD2H
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 94271
x-amz-cf-id: heP4DDZ9r_gjeei98Hq_EpBBoQdqo0VImPwmAMjcUfvVLFOQa4ZM5A==

GET
H2 200 d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 22 KB
22 KB 49ms
44ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467674
etag: "4b457e95483072fff9080800977a4a8c"
x-cache: Hit from cloudfront
x-amz-version-id: 38U3lEM0B8srocaqMSN6sLZip7GZ3pkC
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 22266
x-amz-cf-id: R72gXBbhK6JpU-turRvQ_GnoTghLqtEPt-vn4yKBKO5NvE2e0blwRA==

GET
H2 200 bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 73 KB
73 KB 47ms
41ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 07 May 2022 10:34:45 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 21:29:28 GMT
server: AmazonS3
age: 2203203
etag: "866a3982d7193270694f5153cacfd6f1"
x-cache: Hit from cloudfront
x-amz-version-id: ..CDHfMp36NwXtNvzvB_tXHclPICH41Y
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 74374
x-amz-cf-id: dSu8ZZxdgt-wejC5eAhrnzsyOk7ls_qyaRhUYRte3Va2NMl0b5aDXw==

GET
H2 200 d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 17 KB
18 KB 102ms
96ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 19 May 2022 03:34:07 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 1191640
etag: "1ec345ee01c3de0754cc0a131de2cc90"
x-cache: Hit from cloudfront
x-amz-version-id: XjPmyTgUooN9BK3gTcUoWvtYjrbIcDAo
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 17818
x-amz-cf-id: 4JgEhnehF3-fVd9gHNwsVYUMkXtYOAuZh9xvyDTchxpWkneyIi6ogA==

GET
H2 200 a72f1bbb-lr-283136986-1_109o0en000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 51 KB
51 KB 93ms
88ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a72f1bbb-lr-283136986-1_109o0en000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467674
etag: "6de55b9cb1893772e0b63bbbfd24d503"
x-cache: Hit from cloudfront
x-amz-version-id: C.IAXR_JjUZl40YZ52LWSx90d4jP2Zi5
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 52060
x-amz-cf-id: rXo3KhKLY22y0sGVmY8j5Gpf8VMZmTot4zBi8WQ8GTxMVuJ73wuwiw==

GET
H2 200 708eb395-reflection-goldenreviveplus-back-updated-1_109w0o0000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 70 KB
71 KB 83ms
77ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/708eb395-reflection-goldenreviveplus-back-updated-1_109w0o0000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc7b52ad43fb41a4f89ffa8f75e9318f9e55c26e27023b4ecc632e926601c5d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 14:10:18 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 15:37:43 GMT
server: AmazonS3
age: 4350270
etag: "462af74d133e9cbdbc2ff22ffc905589"
x-cache: Hit from cloudfront
x-amz-version-id: 3oboweCu8R0AOmH2eTZG120yBitDISEx
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 71966
x-amz-cf-id: EnUdE26gNwQu27UtEQ1eBwZTvJw_DQGynXAr3QKhqMYmEZnj5HpR6w==

GET
H2 200 da77ff7b-298502280-updated-mobile-1_10e50a60dc09t00f002028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 62 KB
62 KB 81ms
75ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/da77ff7b-298502280-updated-mobile-1_10e50a60dc09t00f002028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24be766d94b127f53c8c5a6a143a6e4fb61c6e9940d98dd3e5b4488bfb4dba1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:05:45 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 829743
etag: "d607db6984cfc24fba9c3c68151761e7"
x-cache: Hit from cloudfront
x-amz-version-id: P5rleD3g1Ph.hR0s3LEIl.CExQicEC6E
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 63070
x-amz-cf-id: vtSYdPRSd8sN6U9AsZyyC8qc72uYNFCc0Fv2OaoXlsqe6wC_gfZwJw==

GET
H2 200 d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 26 KB
27 KB 95ms
89ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467674
etag: "e0f67241c0cda7c8283f88e34e2a62b1"
x-cache: Hit from cloudfront
x-amz-version-id: V6Rj6eT1I2dGag_TiFiCgxo_b43C1HHE
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 26863
x-amz-cf-id: PQ5RYldpViD56i0rcTQvo4as1LXYVR7nl1TpYYHC0-EYlg2vVeHi6A==

GET
H2 200 da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 45 KB
45 KB 83ms
78ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 19 May 2022 03:34:08 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 1191640
etag: "95c55c95d92c456dd43b16b64f4b3ff5"
x-cache: Hit from cloudfront
x-amz-version-id: 0yq1be8Rh9qvNeTViYABLLrP8lnVXPAu
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 45619
x-amz-cf-id: qVliLHnw5yaIf-IECabcqaz1STsMCaWPzKc78CKPjRl6xiQ_F_u0Qw==

GET
H2 200 5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 92ms
87ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467674
etag: "6f566bf0ca15c5ac601a04d4b7fb5559"
x-cache: Hit from cloudfront
x-amz-version-id: _Yv2seK3Ddhng3Jb5ZU5npF68llhXJoV
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1092
x-amz-cf-id: R6h5BFrtuESP-LGqtLt7XfsylDXZhk52iKi65Xb16kZJZ4wKfYPomA==

GET
H2 200 50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 926 B
1 KB 87ms
82ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:16:29 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 21:29:27 GMT
server: AmazonS3
age: 1459099
etag: "c4dea36dfe1ed65d42e45c3b855c61e3"
x-cache: Hit from cloudfront
x-amz-version-id: UI.zv5Hz2HMBeju34Gc1QZBgSNrvTGM2
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 926
x-amz-cf-id: Yc0GOg2FCL34QGRHiI7Dm-kXgHqrw5lwbDYFm3jfJPpK6hz9A9c4jQ==

GET
H2 200 56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
16 KB 86ms
81ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 467674
etag: "8ca90ce9d5610ced95d378903074b5dd"
x-cache: Hit from cloudfront
x-amz-version-id: Zo.W695K5PibxdYokTVlErCZQ5eAZuTB
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 16228
x-amz-cf-id: A5cJpNOl34GNh7XFhxE-ugjPevMRk3SxcQ0IONvNYhWmIhedc6KGlQ==

GET
H2 200 83bf67e0-newsideshadow-goldenreviveplus-front_10je0gs000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 53 KB
53 KB 98ms
93ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/83bf67e0-newsideshadow-goldenreviveplus-front_10je0gs000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bed441a2befb9eb7396db2cf9e2cf4d5947356a6d574683941c59e88f7915e5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467674
etag: "4fc537bd6153faa22355b6f0d33da10c"
x-cache: Hit from cloudfront
x-amz-version-id: I9rwW5gRQVcQZEc8lOsaCxQSr71M9UVX
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 54122
x-amz-cf-id: j1j4rfdWndHCy49dfsnK9NDgxzGsSfAZDoaBbg5MsLfUeQO-xcgueg==

GET
H2 200 0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 67 KB
67 KB 87ms
83ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 09:30:57 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 1256631
etag: "8a35e1ec124590183b3b65717bbdf858"
x-cache: Hit from cloudfront
x-amz-version-id: w_ilv_nYoKh_ojcycrmfG9bUH5LJZmTy
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 68470
x-amz-cf-id: 2mljIBYTGNR9pfZpeuYoF_V3jRQ8DjdNNH6TH9jl5SIwpuPMqR09lw==

GET
H2 200 52218b64-circlecheckgreen_100n00n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 308 B
699 B 94ms
90ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/52218b64-circlecheckgreen_100n00n000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:05:45 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 829743
etag: "664e0b74b02a5184054577ac4e266e5d"
x-cache: Hit from cloudfront
x-amz-version-id: BN63Xv_w._dk6HGoxG8FZVs0eS2hKD_m
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 308
x-amz-cf-id: feEeynV9SR-OUObkPiJz94n7h_6RQQhXHGJGH7-7b3_Q_agE0TcfHg==

GET
H2 200 7f01bac7-five-stars-original_103m012000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 778 B
1 KB 95ms
91ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/7f01bac7-five-stars-original_103m012000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467674
etag: "918ec8903473fef53c9ba0b9cf21cd8b"
x-cache: Hit from cloudfront
x-amz-version-id: I2ioOww4wrInjV2n08eJJXJOKwzhOwWG
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 778
x-amz-cf-id: AyuFTusBPAZiyY89bRBY2iyFnCMQ7iLfowZS0NVnO33HMPo2H5hFGQ==

GET
H2 200 5a79c55e-newshadow-goldenreviveplus-front_103p070000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 12 KB
13 KB 92ms
89ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5a79c55e-newshadow-goldenreviveplus-front_103p070000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adfbe2884a1e70d8dedec8fe8efb7bb37fe26186bf68de5e7bf9c5e77ce9a93d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 467674
etag: "09341e435807aaea773e9529e1bd91b9"
x-cache: Hit from cloudfront
x-amz-version-id: aCcJeeynwXuf3QU1i3pd15Uy3jlAfXY2
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 12481
x-amz-cf-id: -uLw8MxDVBUdTPIgK0uuaB4oyn8uB1ulPxspoT5ZpWk4HFhpOsf8pA==

GET
H2 200 8c77d1de-rightarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1009 B
1 KB 94ms
91ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8c77d1de-rightarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467674
etag: "6eeccde26d2dc7f37f4370ec5f7bdef3"
x-cache: Hit from cloudfront
x-amz-version-id: 1XMg7p8JqGNxEiwPxtCjlBQ4fnTv0PKH
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1009
x-amz-cf-id: csuwbx4m8_frnCIYLnn_08Q_tsjsitPHDlJegMXn5eyS2-Si8vF8Ow==

GET
H2 200 382a6532-leftarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 94ms
90ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 467674
etag: "38636c9904e9e46c854a0c55d99255c9"
x-cache: Hit from cloudfront
x-amz-version-id: EkZoC96nbCOQaWKoSR.sSKT12DFeZdrX
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1060
x-amz-cf-id: -Y_Lj3LOBrkhJR6IMg0Wl_0F34EvWnCQl-9MZWFR2paW3qIzyZlv8Q==

GET
H2 200 382a6532-leftarrow-angle_1046045000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 2 KB
2 KB 94ms
90ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_1046045000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 06:09:54 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 15:37:43 GMT
server: AmazonS3
age: 4465493
etag: "c1a8b03787621838c3a03591dad5f219"
x-cache: Hit from cloudfront
x-amz-version-id: i3dqI42OCpldDiejE530.4EwJ1T8b2n2
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1875
x-amz-cf-id: uTh50_zgOuFznSiVzdw-LqdzNBuYvVYySngbgc10m4xvmuu-MYB5pQ==

GET
H2 200 0a4cf109-rightarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1020 B
1 KB 101ms
98ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0a4cf109-rightarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 467674
etag: "efe6e12ca3ee76495ec9ae8ee9198ca5"
x-cache: Hit from cloudfront
x-amz-version-id: swNZLvvUKQiMYmQfjnTP4OqNsWoAngmz
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1020
x-amz-cf-id: _TFpUV2EB652f8ERiADxA1JLeH3yDhtF79pIC4M6-A7ks_T_6QTsCw==

GET
H2 200 29f0369a-lefftarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
2 KB 94ms
91ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/29f0369a-lefftarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 467674
etag: "032c54654550e68afaa8897a89466d3b"
x-cache: Hit from cloudfront
x-amz-version-id: Lx2FrH_6mw99xyWbzE6pTGmIjLydIQGd
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 1155
x-amz-cf-id: gmCI1BsjDtdNAbXmQxWhnmP2Ddh81K-o33GPS9sLe89TALpufHUWag==

GET
H2 200 32f07f71-whitecheck_100m00t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 464 B
855 B 94ms
92ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100m00t000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 08:09:54 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:37 GMT
server: AmazonS3
age: 397494
etag: "a04ce831c57d2ab68e6238b18207182b"
x-cache: Hit from cloudfront
x-amz-version-id: DOA3Ofr8nFpKR2_G3D9baJJ83QnQVP.4
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 464
x-amz-cf-id: daMyp66-ghlgiGWC3CEIN2PXbwNecyFpsmRCS74zYIpaDYfg_v0IjQ==

GET
H2 200 83bf67e0-newsideshadow-goldenreviveplus-front_10i50fp000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 48 KB
49 KB 94ms
92ms Image
image/png 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/83bf67e0-newsideshadow-goldenreviveplus-front_10i50fp000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff143c291c62df2ad1db365e1d64b4f10fee4a37cf37447ca095d0e660c400bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 12:40:14 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 467674
etag: "cfe7528ffceb839b4c13d4cfaedcbb98"
x-cache: Hit from cloudfront
x-amz-version-id: 0cG8gzG78M4CPYD3Za.xwL3pjRA65gwO
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
content-length: 49413
x-amz-cf-id: E98qTroLbHAJlVLAnMpunHNgBoep24kkS-FtaEiA45IJq1y3Cl0FjQ==

GET
H2 200 70db8b32-gr-charleyhull-color-square1643654151841-1646087587850.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 382 KB
383 KB 96ms
94ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/70db8b32-gr-charleyhull-color-square1643654151841-1646087587850.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 042095a945a89bdee47dce9e27f452ee539aaa495f247e0967ae28ef37ac8d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 06 May 2022 17:35:02 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 17:32:43 GMT
server: AmazonS3
age: 2264386
etag: "eebff3d5cbe85e83397993d25c26a739"
x-cache: Hit from cloudfront
x-amz-version-id: 05rtAH2_7ssy.3vCoexZa3Av65utyTh4
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 391562
x-amz-cf-id: B8NApCMfRaVBkver-z3MHvYJeQiZgiZqLImUcGd_K_ghJyGE7wcaBQ==

GET
H2 200 9e30cf5c-upwellness-marketing-chrissy-oneill-co-south-florida-wedding-photographer60-1-1646922951104_10b10b100000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
17 KB 96ms
94ms Image
image/jpeg 143.204.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/9e30cf5c-upwellness-marketing-chrissy-oneill-co-south-florida-wedding-photographer60-1-1646922951104_10b10b100000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-118.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 780dd06801c452a3e54f4c9571c34c58c8de41420e1c94098e122b9b5bf7ebb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 17 May 2022 23:29:10 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 15:31:38 GMT
server: AmazonS3
age: 1292738
etag: "e740fdf442268622328ba5ff3657a223"
x-cache: Hit from cloudfront
x-amz-version-id: K2QFGopTVVZ1ge.HGg034W27L.xlEkdr
cache-control: max-age=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 16570
x-amz-cf-id: 329gZDzlSuXmeXUYQ49k6Nw2UX_OJ5gbBCPcH_TZHBMnKcQ2OnDfmA==

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 0EC5 325 B
817 B 928ms
885ms Document
text/html 2606:4700:3033::6815:40e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 714b6b2d89aa9bc5-FRA
content-length: 325
content-type: text/html
date: Wed, 01 Jun 2022 22:34:48 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXt8DVTOXc%2Baug%2FKBx7qDH3WMny8ZTZN2MosObyDsjuUTES4DeKdvnt8zKGzDY7d6wauarzYiF65siGZ9TZmJvwIaosi9CGIeK9bFarN2wRBEKXf%2FkncQNQkD%2B9c5xINGXokYTZOz9Eq1kSiXvgl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: 8svvTGsn5ILwHPmCd3qPwCyZ9er5dNWPXEkhF6XYD6YIvwqXu5RuVNbE1UJJPKc0ky3RgrGip6c=
x-amz-request-id: C9V21QH10N74WEBF
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 seg-1-v1-a1.ts Show response
embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/v2/ 282 KB
283 KB 44ms
41ms XHR
video/mp2t 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 485f687ae27c3019133f01f973611e67985d148f86b106104e87fa04ad0dcde7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 2529548
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e purge-experiment-8e
access-control-request-method: *
x-cache: HIT, HIT
content-length: 289144
x-served-by: cache-iad-kjyo7100141-IAD, cache-hhn4050-HHN
expires: Wed, 03 May 2023 15:55:39 GMT
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
x-timer: S1654122887.283479,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1, 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 127ms
37ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=ContentView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&rl=&if=false&ts=1654122887280&sw=1600&sh=1200&ud[external_id]=284f6d618e5fa179ad4518caf941579afdce4c96e8a884536f9675f3f14793cb&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654122887274.333460881&it=1654122887030&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 01 Jun 2022 22:34:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 127ms
38ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&rl=&if=false&ts=1654122887283&sw=1600&sh=1200&ud[external_id]=284f6d618e5fa179ad4518caf941579afdce4c96e8a884536f9675f3f14793cb&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654122887274.333460881&it=1654122887030&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 01 Jun 2022 22:34:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 127ms
38ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit_GRPfps&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%2522e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289%2522%255D%257D&rl=&if=false&ts=1654122887287&sw=1600&sh=1200&ud[external_id]=284f6d618e5fa179ad4518caf941579afdce4c96e8a884536f9675f3f14793cb&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1654122887274.333460881&it=1654122887030&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 01 Jun 2022 22:34:47 GMT

GET
H2 200 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
538 B 145ms
145ms Stylesheet
text/plain 54.157.50.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.3249937895462469&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528
Requested by: Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.50.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-50-116.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
server: Apache
content-length: 0
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
23 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 105748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:12:19 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 178ms
93ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 105998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:08:09 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 208ms
123ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 105998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:08:09 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 160ms
75ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 105748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:12:19 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 217ms
133ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 105748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:12:19 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v48/ 25 KB
25 KB 195ms
112ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v48/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91bf78345c55ec05de11377a4b3a8a5789ef302d73124a401cef84edbce178cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:07:23 GMT
x-content-type-options: nosniff
age: 203244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25424
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:34:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 14:07:23 GMT

GET
H2 200 modules.d0961e771164cd91e405.js Show response
script.hotjar.com/ 243 KB
63 KB 149ms
43ms Script
application/javascript 99.86.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d0961e771164cd91e405.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-6.fra6.r.cloudfront.net

Software

Resource Hash

dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140441
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64057
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 07:33:23 GMT
etag: "1ed5739adb19197da798013ab080794d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 3mmBIsxmKqKKrDqwuXiqPD9gc649ZGJEm0BscNV1wnu63FzHfSE-Uw==

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-fps&partner_id=cl4975ot4arrr6b27d85e4-7bc0-426b-b1c5-6aad719a5202
https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc%2dgrplus%2dfps&partner_id=cl4975ot4arrr6b27d85e4%2d7bc0%2d426b%2db1c5%2d6aad719a5202
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

3 KB
2 KB

164ms
164ms

Script
text/javascript

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e0d4b0295c951781cd6a0631fa9363ca90743826915062792bd53741045341b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:48 GMT
content-encoding: br
x-frontend: cc-nginx-55b57bbd68-4q8xx:cc-nginx-55b57bbd68-4q8xx
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 2a1cfb04-df97-95a3-8d24-7aba71ad1b3b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FWR%2FDgvQ%2FlcCtPLWYxFEJj8cnJqdSVqk1aNXsI8qcBi203mFsNIzMJXxbcjuVxPQxOB6vKOqBI0b5VkaRET8ZtHQ1myMEOZ1GnOdneTqOoDyKQnu%2BLcT0WID09d3os9gOdLdNOCuhAHrcf%2F6raZMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-envoy-upstream-service-time: 15
cf-ray: 714b6b319f63694c-FRA

Redirect headers

date: Wed, 01 Jun 2022 22:34:47 GMT
x-frontend: cc-nginx-55b57bbd68-z8jbc:cc-nginx-55b57bbd68-z8jbc
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 24ccd15e-f4b6-9276-a9b4-7bc4fa0356a0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4q6OzVNBoGk16yF1l2NJ7bfAlAkhsoBJdynVSS5svWohEqOi1ysZjOaOXdbuv%2FGoxBOZ%2FhM9vsbVuQSGEofawA%2Flpuw8QKKjWCZ2qTDmlIJGxLYmD%2FtLkjAWHVTGqgzRFyfw8RrIiFL3KwOpNAuXSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
x-envoy-upstream-service-time: 67
cf-ray: 714b6b304ddf694c-FRA

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 253ms
229ms Image
application/json 54.158.193.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6b27d85e4-7bc0-426b-b1c5-6aad719a5202&id=cl4975ot4arrr6&uid=cl4975ot4arrr6b27d85e4-7bc0-426b-b1c5-6aad719a5202
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.193.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-193-187.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame D272 2 KB
1 KB 135ms
37ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 140441
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-id: dUwKEeBR-QBMG3m91l2-YPBQXWCkV3wCKGRGl0WS-HI5tx_VTR-eKA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
BLOB 200
OK 735cf027-b630-401c-a684-b798c7eee868
https://pages.upwellness.com/ 86 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/735cf027-b630-401c-a684-b798c7eee868
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4132e61e292872d1b5acd54871b0a2eaec59f76df5939137424d8a2942734e77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Length: 88294
Content-Type: text/javascript

GET
H2 204 27015508.js Show response
bat.bing.com/p/action/ 0
119 B 265ms
264ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A7A987C255164989A9BA6A9F6417D8FF Ref B: FRA31EDGE0607 Ref C: 2022-06-01T22:34:47Z
date: Wed, 01 Jun 2022 22:34:46 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 64ms
64ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=cf26bb8a-4042-452b-b9c4-f9dad4a7a779&sid=0ab7de90e1fb11ec9fbc898919421a77&vid=0ab80790e1fb11ecaec2db616dbdee51&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&r=&lt=2522&evt=pageLoad&msclkid=N&sv=1&rn=166977

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3901F82B2D26431EB2A654DD617C59A4 Ref B: FRA31EDGE0607 Ref C: 2022-06-01T22:34:47Z
date: Wed, 01 Jun 2022 22:34:46 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 seg-2-v1-a1.ts Show response
embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/v2/ 268 KB
268 KB 130ms
130ms XHR
video/mp2t 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/v2/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1248335
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e purge-experiment-8e
access-control-request-method: *
x-cache: HIT, MISS
content-length: 274104
x-served-by: cache-iad-kcgs7200058-IAD, cache-hhn4050-HHN
expires: Thu, 18 May 2023 11:49:12 GMT
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
x-timer: S1654122887.484976,VS0,VE89
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1, 0

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 39 KB
16 KB 40ms
40ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

780cbfb3b7c4ce8e8a4b456166d0d713c73007acee33acd0cc8e6481110c229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 1483
x-cache: HIT, HIT
content-length: 16491
x-served-by: cache-iad-kcgs7200074-IAD, cache-fra19137-FRA
access-control-allow-origin: *
x-browser-version: 102
last-modified: Wed, 01 Jun 2022 17:27:46 GMT
x-timer: S1654122888.536318,VS0,VE0
etag: "6297a192-406b"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/795540/ 147 B
322 B 177ms
59ms XHR
application/json 54.74.116.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/795540/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d0961e771164cd91e405.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.116.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-116-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 795540 Show response
vc.hotjar.io/sessions/ 0
256 B 187ms
66ms XHR
text/plain 108.157.4.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/795540?s=0.25&r=0.14618932441742416
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d0961e771164cd91e405.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-117.dus51.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
via: 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: e51yGuCU5LZqBss8y-n1b4t0fGsfykbVJZCPQkn159Sk1sChfTN-5w==

GET
H2 200 seg-3-v1-a1.ts Show response
embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/v2/ 265 KB
265 KB 157ms
157ms XHR
video/mp2t 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/v2/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1869366
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e purge-experiment-8e
access-control-request-method: *
x-cache: HIT, HIT
content-length: 271096
x-served-by: cache-iad-kiad7000106-IAD, cache-hhn4050-HHN
expires: Thu, 11 May 2023 07:18:41 GMT
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
x-timer: S1654122888.728392,VS0,VE118
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1, 1

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 78ms
37ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=Microdata&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&rl=&if=false&ts=1654122887783&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40id%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fe8xcaqkjm4%22%2C%22%40type%22%3A%22VideoObject%22%2C%22duration%22%3A%22PT7M34S%22%2C%22name%22%3A%22GRP_FPS_MINIVSL1%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2F9c999aa0107b556d5cd5f59d9dd7e014.jpg%3Fimage_crop_resized%3D640x360%22%2C%22contentUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2Fa18adcb3fe4d694342677106235399fede11a10f.m3u8%22%2C%22embedUrl%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fe8xcaqkjm4%3Fwseektoaction%3Dtrue%22%2C%22uploadDate%22%3A%222021-09-22%22%2C%22description%22%3A%22an%20UpWellness%20video%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SeekToAction%22%2C%22target%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528%3Fwtime%3D%7Bseek_to_second_number%7D%22%2C%22startOffset-input%22%3A%22required%20name%3Dseek_to_second_number%22%7D%7D%5D&sw=1600&sh=1200&ud[external_id]=284f6d618e5fa179ad4518caf941579afdce4c96e8a884536f9675f3f14793cb&v=2.9.61&r=stable&ec=3&o=30&fbp=fb.1.1654122887274.333460881&it=1654122887030&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 01 Jun 2022 22:34:47 GMT

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame A7C8 942 B
737 B 165ms
165ms Document
text/html 2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-fps&partner_id=cl4975ot4arrr6b27d85e4-7bc0-426b-b1c5-6aad719a5202
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 325f57a6c05507b8b2c19b7a76c2b8a703abdc4963b920a3549279cf362ef187

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 714b6b3298c9694c-FRA
content-encoding: br
content-type: text/html
date: Wed, 01 Jun 2022 22:34:48 GMT
etag: W/"NTNkY2JiY2JnYjlmOGc0ZTBlZzg4ZmZnZmRjMGUwZWM4OGI4LXow"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDNJmURpSWnhGWV5gvyeNPhWyKUTEaSYn%2F4mmqyAXp3eTDOBHoamTKDj7EeZ%2FV53yZd58L%2B9N5FoxiVnD2I0SOnBx4sLG4SbykaxPHdOIdj5DyRJChu5zCCXjiwQo1Pq2jjrzg3IKLC3XknnrIroqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-envoy-upstream-service-time: 20
x-frontend: cc-nginx-55b57bbd68-hpq48:cc-nginx-55b57bbd68-hpq48
x-requestid: 87349b3c-8f8a-946d-84ed-720c772621ec

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 0EC5 389 KB
114 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 13:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116073
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 May 2023 13:05:00 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 0EC5 112 KB
112 KB 46ms
46ms Script
application/javascript 2606:4700:3033::6815:40e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11028602
cf-ray: 714b6b3319c09bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114404
x-amz-id-2: pD4NXpk0D+zOM+YuBIJHWBLgRtX1eSnhKxOwN32jSaj87HN2K3EsS4CxPqo7TzC7Szt+9azZba0=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ygstq8u9qcNi%2BYa%2FWxgt95IsLEWSsDrQApNZMsiFLKAWMGrtuf9%2FCbLTPGhXB9Foh9BVqkOkRCwdNXVMOsnLDoozYEOZkwc31gl3Qrfrzk2uTKNQ8y4SEBUIGJ7IGEhVPaT3sakf3RooU90%2BH3k"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 2ZZC1822N3CZSHNC
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
accept-ranges: bytes
content-type: application/javascript

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
250 B 317ms
42ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1600&scd=6&ssd=1&est=1654122886573&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1654122888173&vi=1654122886571&ri=e5436c2462e32c65ff66181a061708f8&ref=null&cv=20220526-7-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Wed, 01 Jun 2022 22:34:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame A7C8
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=ec399de2-be9f-4c94-ae77-18e1106dc883

0
418 B

246ms
246ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=ec399de2-be9f-4c94-ae77-18e1106dc883
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&cn=DE
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:48 GMT
x-frontend: cc-nginx-55b57bbd68-hpq48:cc-nginx-55b57bbd68-hpq48
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 513e722a-d176-9606-83c6-b7181648b40f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIqerXanXk7cxivUqmihTokdfdGMs5aCnWr6o4IzNGKYnqY%2FQbLD3TUCT1qZdxzryqqo4VK1I8CZFCwDTh3svMZsnkBM3zoqyikkGwI62mXEgOyWRfm6FC9bbCztuEdUWrWcPP2j4ZBf0b0wzmbboA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 89
cf-ray: 714b6b360d5b694c-FRA

Redirect headers

location: https://a.clickcertain.com/px/ta/?done=true&ta_id=ec399de2-be9f-4c94-ae77-18e1106dc883
date: Wed, 01 Jun 2022 22:34:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

/
a.clickcertain.com/px/img/bidswitch/ Frame A7C8
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://a.clickcertain.com/px/li/?ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redi...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D53dcbbcb%2Db9f8%2D4e0...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&anx_uId=$UID
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8%26anx_uId%3D%24UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&anx_uId=859952109353106709

83 B
83 B

153ms
152ms

Image
application/json

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&anx_uId=859952109353106709
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&cn=DE
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:49 GMT
content-encoding: br
x-frontend: cc-nginx-55b57bbd68-hpq48:cc-nginx-55b57bbd68-hpq48
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 66a411ba-bfbd-928c-9817-a5c154e83052
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbyU42GP4DhILT2AajgLNknI6%2F484GkzQsdizN%2BHE0IZOXqwNnmBrwU85YEz%2FCk3g9aInExoLKnY98CLjuPykO6CGk6fA12D7AeCqHoliATirtNg0qqOuWTNtPdmo5Y1G7sbw3cPOxr%2BCVNsfTrEew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-envoy-upstream-service-time: 8
cf-ray: 714b6b3c7dd2694c-FRA

Redirect headers

Pragma: no-cache
Date: Wed, 01 Jun 2022 22:34:49 GMT
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 47f0af43-260d-4312-a8ad-254610f4d676
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=53dcbbcb-b9f8-4e0e-88ff-fdc0e0ec88b8&anx_uId=859952109353106709
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 221ms
221ms Image
application/json 54.158.193.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1654122887274.333460881&id=cl4975ot4arrr6&uid=cl4975ot4arrr6b27d85e4-7bc0-426b-b1c5-6aad719a5202&t=0&sc=1600%20x%201200
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026b50a98f73b86c26777936026a3&n=tune&AFFID=477232&subid=56_goldenfs528
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.193.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-193-187.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/pixel/ Frame 0EC5 787 B
1 KB 592ms
505ms XHR
application/json 2606:4700:3033::6815:40e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9536ab13f4ab5624884f06523a452596ef56247e74143b0af7b6a4f161407e

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:48 GMT
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 787
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date: Wed, 01 Jun 2022 22:34:48 GMT
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 864731f7-71d1-46af-827f-c5d5435b7b42
surrogate-control: no-store
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: TEFtZGPDIAMFSCA=
pragma: no-cache
server: cloudflare
etag: W/"313-+rkeP2UpHjKs6MCqLnNipDqgc1I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyeykBCnRbtGmO19MsIRA9Hk%2FTiPjMr6xHmiAVdzzfRc1ZQQWMOfuLm44m317PbGHSP63EMvC84i%2FUoi50vvnSEU7EaHTzDlmu5Ca%2B5WLE1UEkGT7DIT07%2FRnHeBZKyT2JU7hYeJrVkaRriDysFi"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 714b6b3539999004-FRA
x-amz-cf-id: 9qCjnY-Acs4GbVOZ95qj3QfvktHaqSRcfbpUZ12SCvuCkcotHnm-uA==
x-amzn-remapped-connection: keep-alive
expires: 0

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 533ms
130ms Preflight 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Wed, 01 Jun 2022 22:34:49 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 0EC5 0
200 B 194ms
133ms XHR
text/plain 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Wed, 01 Jun 2022 22:34:49 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame 0EC5 71 B
798 B 319ms
230ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522cf30ddf6-4eaf-4cb6-8772-1f6b68112eac%2522%252C%2522captureIds%2522%253A%255B%2522-LOTAsTUT3N4RJrbQ3gp%2522%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522notificationId%2522%253A%2522-LOTAsTUT3N4RJrbQ3gp%2522%252C%2522campaignVariant%2522%253A%2522-MnloSbpswbbq1Mjqbrx%2522%252C%2522campaignVersion%2522%253A18%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1026b50a98f73b86c26777936026a3%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D56_goldenfs528%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-fps%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522activityNotifications%2522%253Atrue%252C%2522liveVisitorCount%2522%253Atrue%252C%2522hotStreaks%2522%253Atrue%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1026b50a98f73b86c26777936026a3%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D56_goldenfs528%2522%252C%2522actionBlurb%2522%253A%2522Purchased%2520Golden%2520Revive%2520%252B%2522%252C%2522activityLimit%2522%253A10%252C%2522restartActivityList%2522%253Atrue%252C%2522visitorThreshold%2522%253A2%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3d4125de4c96b212faab20b69218d0cb10e25f3b3e102d3debae99df2d2581fb

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:49 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"47-NJMsG3K3fLrG/GKNbM7T1lO0QAM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsCcRUesM1DlIV%2FVSLW2spdMjUsLUZ2kgGLVvUBrY8fm6bJ5fNDumVMMKZhCrGNbKlRCI9vWGeUrS7Ks5IZAf%2F8%2BCD6j9HMTDyVJn5A1OUQmIn6sSPflBG7Js2AXBrwPyyVVY4GsfcimcV1O%2BNkCQXZTXmAH"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
access-control-allow-credentials: true
cf-ray: 714b6b38fac092a1-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/reporting/captures/ Frame 0EC5 3 KB
1 KB 366ms
326ms XHR
application/json 2606:4700:3033::6815:40e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/reporting/captures/trtc0limNRYJwhvfi9uRqUFQo0w1?pixelId=trtc0limNRYJwhvfi9uRqUFQo0w1&integrationId=-LOTAsTUT3N4RJrbQ3gp&limit=10
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73aaee1bf7053a1c9cb4986c115977850e90f321ebc4e88e8d9c0166ce26cb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:49 GMT
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2756
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date: Wed, 01 Jun 2022 22:34:49 GMT
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: ec774d18-73c0-47b8-b5ec-5e923eb0fca9
surrogate-control: no-store
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: TEFtiHznIAMFjfg=
pragma: no-cache
server: cloudflare
etag: W/"ac4-ZCyKrk0XqyW66jprMY+gtThLmKo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysEhKn8ZS11W7IYkSxuTHHPjAL0URJppBTYCU3vOc8WAi%2FbaD6j%2FdpozN06wy%2FwGQMj8fX0b%2BW9AxxgVrCUrTEhYzpS5ZvkeNt3CaOry%2BPWAjxms4KF2sIBX9rTPk8nnGGD129968QBVOdKTEkwp"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 714b6b3acfb59004-FRA
x-amz-cf-id: UlEez5oeq8I9OqTJmupnJGh98A4YQFdlzT_m37E8mbL6UVfCRjUmzA==
x-amzn-remapped-connection: keep-alive
expires: 0

POST
H/1.1 200
OK domain Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 0EC5 24 B
272 B 133ms
133ms XHR
application/json 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/domain
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 7e75bd5832d9b3c24d4518dd94dd961e92ffc474bdbf1666a307a39bb8ee968f

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Wed, 01 Jun 2022 22:34:49 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cdn.useproof.com
Connection: keep-alive
Content-Length: 24

OPTIONS
H/1.1 204
No Content domain
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 329ms
130ms Preflight 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/domain
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Wed, 01 Jun 2022 22:34:49 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

GET
H2 200 seg-4-v1-a1.ts Show response
embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/v2/ 276 KB
277 KB 37ms
37ms XHR
video/mp2t 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-fastly.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/v2/seg-4-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 2564430
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e purge-experiment-8e
access-control-request-method: *
x-cache: HIT, HIT
content-length: 283128
x-served-by: cache-iad-kjyo7100102-IAD, cache-hhn4050-HHN
expires: Wed, 03 May 2023 06:14:20 GMT
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
x-timer: S1654122890.587218,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1, 1

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 58 KB
16 KB 43ms
43ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1fa0aa30134c1dc42352778ae49d97a9779eda5382a84d16e987afbd79bba85

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 1485
x-cache: HIT, HIT
content-length: 15816
x-served-by: cache-iad-kjyo7100168-IAD, cache-fra19137-FRA
access-control-allow-origin: *
x-browser-version: 102
last-modified: Wed, 01 Jun 2022 17:27:46 GMT
x-timer: S1654122890.836368,VS0,VE0
etag: "6297a192-3dc8"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 20

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 1 KB
1 KB 41ms
40ms XHR
application/x-mpegurl 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

060e0a7782c4fc23e8fabb646adf4a06ce2617396b73fd0b9ef1aaeafed44fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:49 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 3
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1110
x-request-id: 21f01e9707093cbce53c6f4e9950f377
x-served-by: cache-iad-kiad7000029-IAD, cache-hhn4034-HHN
x-runtime: 0.033118
referrer-policy: strict-origin-when-cross-origin
x-timer: S1654122890.841380,VS0,VE0
etag: W/"060e0a7782c4fc23e8fabb646adf4a06"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 102
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
331 B 136ms
136ms Ping
text/plain 54.158.193.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.193.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-193-187.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Wed, 01 Jun 2022 22:34:49 GMT
Server: nginx/1.12.1
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 37ms
37ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&rl=&if=false&ts=1654122889830&sw=1600&sh=1200&ud[external_id]=284f6d618e5fa179ad4518caf941579afdce4c96e8a884536f9675f3f14793cb&v=2.9.61&r=stable&ec=4&o=30&fbp=fb.1.1654122887274.333460881&it=1654122887030&coo=false&eid=cl4975ot4arrr6a5946cba-8761-42af-9c72-3e52abb3797d&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 01 Jun 2022 22:34:49 GMT

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 415ms
130ms XHR
text/plain 54.174.20.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.20.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-20-52.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 01 Jun 2022 22:34:50 GMT
cache-control: max-age=0, private, must-revalidate

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
331 B 264ms
135ms Ping
text/plain 54.158.193.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.193.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-193-187.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Wed, 01 Jun 2022 22:34:50 GMT
Server: nginx/1.12.1
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 37ms
37ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=iii_enrich&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528&rl=&if=false&ts=1654122889838&cd[customerlabs_user_id]=cl4975ot4arrr6b27d85e4-7bc0-426b-b1c5-6aad719a5202&sw=1600&sh=1200&ud[external_id]=284f6d618e5fa179ad4518caf941579afdce4c96e8a884536f9675f3f14793cb&v=2.9.61&r=stable&ec=5&o=30&fbp=fb.1.1654122887274.333460881&it=1654122887030&coo=false&eid=cl4975ot4arrr64a082bc0-0fd2-4f62-8beb-cb08e6499c5d&tm=2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 01 Jun 2022 22:34:49 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 443ms
127ms XHR
text/plain 52.54.116.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.116.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-116-217.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 01 Jun 2022 22:34:50 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 25 KB
7 KB 40ms
40ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f416fd626cf5301b1771557224d2a1f71037505e3f8008ccef1e08520d8ac115

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:34:50 GMT
content-encoding: br
vary: Accept-Encoding
age: 1487
x-cache: HIT, HIT
content-length: 7144
x-served-by: cache-iad-kjyo7100051-IAD, cache-fra19137-FRA
access-control-allow-origin: *
x-browser-version: 102
last-modified: Wed, 01 Jun 2022 17:27:46 GMT
x-timer: S1654122891.834687,VS0,VE0
etag: "6297a192-1be8"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 9

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 42ms
42ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4601&scd=6&ssd=1&est=1654122886573&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1654122891175&vi=1654122886571&ri=e5436c2462e32c65ff66181a061708f8&ref=null&cv=20220526-7-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026b50a98f73b86c26777936026a3%26n%3Dtune%26AFFID%3D477232%26subid%3D56_goldenfs528
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Wed, 01 Jun 2022 22:34:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/uc-grplus-fps/	1970-01-20 07:53:40	Name: ubpv Value: an%2C6d2c7105-ebae-455a-91f2-47af4209ed5f
i.liadm.com/s	1970-01-20 04:11:54	Name: _li_ss Value: MgYIkgEQpxI
links.transformationinsider.com/	1970-01-20 03:29:26	Name: _session_id Value: a63c90913ba01a1ab513b746562cf881
go.welldaily.com/	1970-01-20 03:38:47	Name: enc_aff_session_67 Value: ENC03ca0e40cb4cee6e382ba3d5d392732fd42be970e7e778c6c79a839843f5408e7029759daf191a65c63fb8f52f0a8eda59e3638809940ff9989cdb34ea04cda756ae234991e68335cc8a0c2e45549a6acccc904428879f03e472662f0df3cd8f33a7f10b62ff739909d3fbfe773ee6a2fbc6b65dca7d8a938282625c3734d7040917091c1e
go.welldaily.com/	1970-01-21 04:54:18	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDIiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwMi4wLjUwMDUuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
pages.upwellness.com/	1970-01-20 07:47:54	Name: ubvs Value: 9e6809f8-6b54-4f3f-8e4e-25081e8cd3ff
.upwellness.com/	1970-01-20 03:33:02	Name: ubvt Value: 9e6809f8-6b54-4f3f-8e4e-25081e8cd3ff
.upwellness.com/	1970-01-20 05:38:18	Name: _gcl_au Value: 1.1.920072093.1654122887
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-20 20:59:54	Name: _lc2_fpi Value: f0f26c15fa8f--01g4gpgdcmbf8f8zcbzvd0jdbv
.upwellness.com/	1970-01-20 20:59:54	Name: _ga Value: GA1.2.1282813134.1654122887
.upwellness.com/	1970-01-20 03:30:09	Name: _gid Value: GA1.2.1620269703.1654122887
.upwellness.com/	1970-01-20 03:28:42	Name: _dc_gtm_UA-28307243-3 Value: 1
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_source Value: Direct
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_starts Value: 1654122886865
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_utmParams Value: %7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D
.upwellness.com/	1970-01-20 12:14:18	Name: cl4975ot4arrr6_uid Value: cl4975ot4arrr6b27d85e4-7bc0-426b-b1c5-6aad719a5202
.upwellness.com/	1970-01-20 12:14:18	Name: cl4975ot4arrr6_sid Value: CL-9505c87f-5dfa-460f-8a6d
.upwellness.com/	1970-01-20 12:14:18	Name: cl4975ot4arrr6_gid Value: cl4975ot4arrr6e37cdcd4-479d-4325-a376-0b41dcd5f378
.yahoo.com/	1970-01-20 12:14:40	Name: A3 Value: d=AQABBIbpl2ICEHnsj8qJc_E_d8WybyNok_gFEgEBAQE7mWKhYgAAAAAA_eMAAA&S=AQAAAsgZnO55CB-i5bkmDsImvYI
.pages.upwellness.com/	1970-01-20 12:14:18	Name: _pin_unauth Value: dWlkPU16Vm1Oak15WWpJdE0yVmhZaTAwTm1ZMUxXRmlPR010T0dJNFltSmlZVGxsWVRSag
.upwellness.com/	1969-12-31 23:59:59	Name: UltraCartShoppingCartID Value: 9465703B391ACA0181216837932DD900
store.upwellness.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcqnPs2e8oiG0U-YsNKk
store.upwellness.com/	1969-12-31 23:59:59	Name: LBJSESSIONID Value: abcqnPs2e8oiG0U-YsNKk.n165
.upwellness.com/	1970-01-20 05:38:18	Name: _fbp Value: fb.1.1654122887274.333460881
pages.upwellness.com/	1970-01-20 03:28:43	Name: outbrain_cid_fetch Value: true
.unsplash.com/	1970-01-20 12:14:18	Name: ugid Value: f4d260a6ea3ec76d2dd9140af5413a495513742
.liadm.com/	1970-01-20 20:59:54	Name: lidid Value: e1f86676-e3d5-4210-8f75-6b841b389aa2
.bing.com/	1970-01-20 12:50:18	Name: MUID Value: 1BF1265D43B4676413A437EB423F6666
store.upwellness.com/	1970-01-20 03:38:47	Name: AWSALB Value: W/0liFp9ihD9pGnQdFDfDK/rJr3zhpO5vCKr2E/I2l9/K3N5EHora5RwArnqVAJChTwgn2F6G/Cbcuua6QWnp4KYVtCfCXw5oRtXAvOe6Al+7IYpJNcLpMOr+Ql+
store.upwellness.com/	1970-01-20 03:38:47	Name: AWSALBCORS Value: W/0liFp9ihD9pGnQdFDfDK/rJr3zhpO5vCKr2E/I2l9/K3N5EHora5RwArnqVAJChTwgn2F6G/Cbcuua6QWnp4KYVtCfCXw5oRtXAvOe6Al+7IYpJNcLpMOr+Ql+
.store.upwellness.com/	1970-01-20 12:14:18	Name: UPWEL-ANP Value: 6141
.upwellness.com/	1970-01-20 03:30:09	Name: _uetsid Value: 0ab7de90e1fb11ec9fbc898919421a77
.upwellness.com/	1970-01-20 12:50:18	Name: _uetvid Value: 0ab80790e1fb11ecaec2db616dbdee51
.upwellness.com/	1970-01-20 12:14:18	Name: _hjSessionUser_795540 Value: eyJpZCI6IjY4NTg1Y2E2LWJiMmUtNTM0ZS1iNjc0LWMyNDU0NDZkMjUwMCIsImNyZWF0ZWQiOjE2NTQxMjI4ODc2MDcsImV4aXN0aW5nIjpmYWxzZX0=
.upwellness.com/	1970-01-20 03:28:44	Name: _hjFirstSeen Value: 1
pages.upwellness.com/	1970-01-20 03:28:43	Name: _hjIncludedInSessionSample Value: 1
.upwellness.com/	1970-01-20 03:28:44	Name: _hjSession_795540 Value: eyJpZCI6IjJlNTVkNGEyLWVmZWItNGEzYS05MDJiLTczMDgxMzQ5Mjk4MCIsImNyZWF0ZWQiOjE2NTQxMjI4ODc2MzIsImluU2FtcGxlIjp0cnVlfQ==
pages.upwellness.com/	1970-01-20 03:28:43	Name: _hjIncludedInPageviewSample Value: 1
.upwellness.com/	1970-01-20 03:28:44	Name: _hjAbsoluteSessionInProgress Value: 1
a.clickcertain.com/	1970-01-20 12:14:18	Name: _ccpx_u Value: 53dcbbcb%2db9f8%2d4e0e%2d88ff%2dfdc0e0ec88b8
a.clickcertain.com/	1970-01-20 12:14:18	Name: _ccpx_24a3d6f0fe7dd9c Value: 1
a.clickcertain.com/	1970-01-20 12:14:18	Name: _ccpx Value: 24a3d6f0fe7dd9c
.upwellness.com/	1970-01-20 12:14:18	Name: cl4975ot4arrr6_eidsTracked Value: true
.tapad.com/	1970-01-20 04:55:06	Name: TapAd_TS Value: 1654122888518
.tapad.com/	1970-01-20 04:55:06	Name: TapAd_DID Value: ec399de2-be9f-4c94-ae77-18e1106dc883
.tapad.com/	1970-01-20 04:55:06	Name: TapAd_3WAY_SYNCS Value:
.doubleclick.net/	1970-01-20 12:50:18	Name: IDE Value: AHWqTUlvZIKS-gPzqbP4_ZfuLfL5-EufASjXTLwlO2mzCj12lwpLKY7RspSUT1QI24Y
.adnxs.com/	1970-01-20 05:38:18	Name: uuid2 Value: 859952109353106709
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_ends Value: 1654124689836

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	info	URL: blob:https://pages.upwellness.com/735cf027-b630-401c-a684-b798c7eee868 Message: [log] >

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
180470.t.hyros.com
180470.tracking.hyros.com
a.clickcertain.com
a.remarketstats.com
amplify.outbrain.com
analytics.proofapi.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
cdn.js.customerlabs.co
cdn.taboola.com
cdn.useproof.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
distillery.wistia.com
embed-fastly.wistia.com
embed-ssl.wistia.com
events.ub-analytics.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
go.welldaily.com
googleads.g.doubleclick.net
i.liadm.com
in.hotjar.com
io.v2.customerlabs.co
links.transformationinsider.com
live-visitor-counts.herokuapp.com
pages.upwellness.com
pipedream.wistia.com
pixel.tapad.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
s.yimg.com
script.hotjar.com
secure.adnxs.com
sp.analytics.yahoo.com
static.hotjar.com
stats.g.doubleclick.net
store.upwellness.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
upwellness.com
vars.hotjar.com
vc.hotjar.io
views.unsplash.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.75.88.209
108.157.4.113
108.157.4.117
108.157.4.22
108.157.4.69
141.226.228.48
142.250.186.162
142.250.186.66
143.204.214.118
143.204.215.26
151.101.1.131
151.101.130.133
151.101.2.133
151.101.65.181
151.101.65.44
2.20.157.165
208.83.60.221
212.82.100.181
23.23.180.42
2600:1f18:730:b110:6bc4:b288:af66:f0fb
2600:9000:2057:1a00:1d:11cf:5800:93a1
2600:9000:224a:ee00:8:8845:1500:93a1
2606:4700:20::681a:37a
2606:4700:20::ac43:4acf
2606:4700:3033::6815:40e
2606:4700::6811:180e
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:200::622
2a04:4e42:4b::84
2a06:98c1:3121::3
3.210.192.5
3.69.136.55
34.202.82.185
34.226.127.56
35.227.248.159
35.238.129.105
37.252.172.45
44.198.82.75
52.204.197.236
52.31.40.31
52.54.116.217
54.157.50.116
54.158.193.187
54.174.20.52
54.74.116.255
65.9.58.146
70.42.32.255
99.86.4.6
016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772
018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29
042095a945a89bdee47dce9e27f452ee539aaa495f247e0967ae28ef37ac8d42
060e0a7782c4fc23e8fabb646adf4a06ce2617396b73fd0b9ef1aaeafed44fca
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
087e0660a490a774f3237db06880cc45d5d57b5ff1ec781558318ced2f70f58f
09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7
0e223e4423f992400881665a705169bf5288b41405ca1dc302e4bdd8e80eafd9
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
23ba3146086ee3271b26b28f6e3577cc88fadfc95e76451965130684cbaa2605
24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a
24be766d94b127f53c8c5a6a143a6e4fb61c6e9940d98dd3e5b4488bfb4dba1b
26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2ec2cff551c6e6e7c6db7fd10e25e076affb8273fb65ebaaeef036bc84ac12a4
2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48
2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4
30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7
325f57a6c05507b8b2c19b7a76c2b8a703abdc4963b920a3549279cf362ef187
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39364720de3b58603d538cc4826f9a710bb834b1c7ca4ba4f04b9606e397159b
3a03fbadd85c5f82aaf50cd93da59c7da6ee77af9cfadf4b6942bf632e939d00
3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b
3d4125de4c96b212faab20b69218d0cb10e25f3b3e102d3debae99df2d2581fb
3e0d4b0295c951781cd6a0631fa9363ca90743826915062792bd53741045341b
3e224271c6362dce72fe162fc9d7cc9bb09e3f276d8e9e8f9f92018f006af94a
4132e61e292872d1b5acd54871b0a2eaec59f76df5939137424d8a2942734e77
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265
4609f86ac27ed0b4ed9b4f27965479055f736b947d99724943eb54ecfc7cc4da
480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c
485f687ae27c3019133f01f973611e67985d148f86b106104e87fa04ad0dcde7
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9
4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468
5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc
525e23ae0c019205f499f968d18a2ddc4d3c96aec594cf3c670a8272d65d4133
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
5418c544d3132cc415e4caf9080d058c3089da7a98fa15ca47d443f23f7d6444
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb
62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6c1bb8c751a457c0eaabf84b52c377aa0d30ee25bd0018b890daf79ec1a071c3
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d9536ab13f4ab5624884f06523a452596ef56247e74143b0af7b6a4f161407e
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
70dfb68acf5394a32f905a827bb12850157288d32da5ea6aef3e62ca011cab06
719b94ca3000c7a37264171a9ba14d20f08cda018d538e8739ca601a965ffc28
743ab7f32bf8962f8809d0a13f12daa86c5559b97e9b0e3d5ee1207ef3637d0e
7519982f0e0ee6f0991c5e91078c5c38f8ceba49b7fdd1028bdbaab6ff96ba1f
77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d
780cbfb3b7c4ce8e8a4b456166d0d713c73007acee33acd0cc8e6481110c229f
780dd06801c452a3e54f4c9571c34c58c8de41420e1c94098e122b9b5bf7ebb9
7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa
7e75bd5832d9b3c24d4518dd94dd961e92ffc474bdbf1666a307a39bb8ee968f
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
820f597e9a54db706b20700f4a654d076e211c595dd47e2bada1006811c58940
828010181365cab7e56baf6a4b01dc2af51b11a92fadb3f5f19c559a3ec41762
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85b0eefd82802df73b213e6aad199c6d5e0ff8d2b57e0c9553bff3688ad279d8
89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1
8d1681e3c3ca6886aba34a58fdaada7e0ca7de75f600d036e3821d23e8abcceb
9057bbd37e00fe47f019490f051ad20d06883dd6d160b656b7c96a293003eac4
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bf78345c55ec05de11377a4b3a8a5789ef302d73124a401cef84edbce178cd
9347d3aaadb43b6005f5f6a7a5eddc2d020276790782456d7bc5a62f8a233068
951a3f149026bb8e5b224330b22e0be9771302d9f2c7461ca3b7d83900bff22f
99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe
9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
aa7af3924cbe69d87bcd64794ee9db9712d0758df854f6e3426ea6b25058a60e
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
ad42f8ead2ab14f2ee2646505819ed6dbf44ccb002860749d70065b66dbc8d8c
adfbe2884a1e70d8dedec8fe8efb7bb37fe26186bf68de5e7bf9c5e77ce9a93d
af2f2db42aea8bd5b967be53d6193efffe266754fb2b6fe8d63986ae98ef450e
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b49930c3d02891d24e32e4861d709780513e5280a83e1dbcd9218d4381ea1638
b90e38dd2aa08c8139aeee43da365d7102cf53ab93c7cbea00adeabd345470ba
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8
bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8
bed441a2befb9eb7396db2cf9e2cf4d5947356a6d574683941c59e88f7915e5d
bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b
c73aaee1bf7053a1c9cb4986c115977850e90f321ebc4e88e8d9c0166ce26cb3
c85e945fe620ada959dd13e3bb212f7402b44508b6540205f21e1d1e4fa56fcc
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc7b52ad43fb41a4f89ffa8f75e9318f9e55c26e27023b4ecc632e926601c5d8
cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7
cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019
ced49017b1747b55cec9c576da1dc15fa47ce9cd77ec6e0cf27033892e826864
d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650
d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38
dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4
df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e
e1a0e973ba77e8e3be4265d7aa18709edc83c4d5ec34d9a102e6299a57cb2550
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
e9edb3d4d37b5d6ac28f482db2189c064139d40cd810292140e739a2767b821a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa218a68e4ac4f0b0bf198a710c83e051aaa5b7d2f9fbe6f2dece15456ae6cb
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f1fa0aa30134c1dc42352778ae49d97a9779eda5382a84d16e987afbd79bba85
f3f17a543eb305b7c308dc5f78a35bf4b43f11fff5920d6850c2ed16924cada0
f416fd626cf5301b1771557224d2a1f71037505e3f8008ccef1e08520d8ac115
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f84a771bbadae289610c591ce480f839803ea194f0fa99460e488c8710812292
fccf6afe7127d654c4214d2028434cb1d748aa2e6cdc59281771a5029fdfe999
fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
ff143c291c62df2ad1db365e1d64b4f10fee4a37cf37447ca095d0e660c400bd

pages.upwellness.com Open in urlscan Pro 3.69.136.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

96 %HTTPS

38 %IPv6

39 Domains

62 Subdomains

53 IPs

7 Countries

5760 kBTransfer

9056 kBSize

50 Cookies

0 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.upwellness.com Open in urlscan Pro
3.69.136.55 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

96 %
HTTPS

38 %
IPv6

39
Domains

62
Subdomains

53
IPs

7
Countries

5760 kB
Transfer

9056 kB
Size

50
Cookies

171 HTTP transactions
2 data transactions