pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMkYlMkZnby5tYXh3ZWIuY2...
Effective URL:
https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&sub...
Submission: On March 28 via api (March 28th 2023, 7:37:01 pm UTC) from BE — Scanned from DE

Summary HTTP 162 Redirects Behaviour Indicators

Summary

This website contacted 59 IPs in 7 countries across 43 domains to perform 162 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com. The Cisco Umbrella rank of the primary domain is 553578.
TLS certificate: Issued by R3 on March 28th 2023. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	170.187.185.18 170.187.185.18	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 1	2606:4700:310... 2606:4700:3108::ac42:2b71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.51.237.18 52.51.237.18	16509 (AMAZON-02) (AMAZON-02)
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
2	52.222.174.50 52.222.174.50	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2600:9000:225... 2600:9000:2250:aa00:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:d400:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::14 2a02:2638::14	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
4	34.236.88.218 34.236.88.218	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
3	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:350... 2a02:26f0:3500:895::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	100.20.6.198 100.20.6.198	16509 (AMAZON-02) (AMAZON-02)
8	23.36.162.152 23.36.162.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	108.138.17.78 108.138.17.78	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.200.179 18.66.200.179	16509 (AMAZON-02) (AMAZON-02)
2	34.230.252.255 34.230.252.255	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:730... 2600:1f18:730:b140:318:4480:a19a:ad9	14618 (AMAZON-AES) (AMAZON-AES)
1	18.207.63.238 18.207.63.238	14618 (AMAZON-AES) (AMAZON-AES)
2	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
1	52.89.7.180 52.89.7.180	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	52.222.149.81 52.222.149.81	16509 (AMAZON-02) (AMAZON-02)
2	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2600:9000:223... 2600:9000:223e:ce00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	143.204.222.226 143.204.222.226	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	13.32.145.125 13.32.145.125	16509 (AMAZON-02) (AMAZON-02)
9	52.222.250.38 52.222.250.38	16509 (AMAZON-02) (AMAZON-02)
1	52.16.92.191 52.16.92.191	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:223... 2600:9000:223e:1800:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2606:4700:20:... 2606:4700:20::681a:27a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.213.120.66 3.213.120.66	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:2f0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.83.6.65 54.83.6.65	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	34.111.113.62 34.111.113.62	() ()
1 2	44.237.224.31 44.237.224.31	() ()
1 3	52.213.31.46 52.213.31.46	() ()
1	52.222.149.112 52.222.149.112	() ()
162	59

1 170.187.185.18 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: vsrv379.armadaservers.com

click.mwhealthcareconsulting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b71 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.maxweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.237.18 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-237-18.eu-west-1.compute.amazonaws.com

go.welldaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-50.cdg50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn1.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:aa00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::14 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.236.88.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-88-218.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:895::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.20.6.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-6-198.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.36.162.152 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-152.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-78.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.200.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-200-179.mxp63.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.230.252.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-252-255.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:318:4480:a19a:ad9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.207.63.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-63-238.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.7.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-7-180.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-81.cdg52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:ce00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.222.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-222-226.cdg3.r.cloudfront.net

d3pkntwtp2ukl5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.145.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-125.cdg50.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.222.250.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-38.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.92.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-92-191.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:223e:1800:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:27a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:932 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.213.120.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-120-66.compute-1.amazonaws.com

io.v2.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)

api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.6.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-6-65.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (None, ) 2 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.237.224.31 (None, ) 1 redirects

ASN- ()

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.31.46 (None, ) 1 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.112 (None, )

ASN- ()

tag.trovo-tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	wistia.com fast.wistia.com — Cisco Umbrella Rank: 3899 embed-ssl.wistia.com — Cisco Umbrella Rank: 7445 embed-cloudfront.wistia.com	2 MB
12	cloudfront.net d34qb8suadcc4g.cloudfront.net d3pkntwtp2ukl5.cloudfront.net d9hhrg4mnvzow.cloudfront.net	62 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	534 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	394 B
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 712	171 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6058	1014 B
7	google.com www.google.com — Cisco Umbrella Rank: 2	970 B
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 70	9 KB
6	clickcertain.com 2 redirects a.clickcertain.com — Cisco Umbrella Rank: 3376	5 KB
6	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 23303	85 KB
6	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 104890 io.v2.customerlabs.co — Cisco Umbrella Rank: 116455	198 KB
6	criteo.com 2 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3637 gum.criteo.com — Cisco Umbrella Rank: 392 mug.criteo.com — Cisco Umbrella Rank: 2797 sslwidget.criteo.com — Cisco Umbrella Rank: 1749 widget.us.criteo.com — Cisco Umbrella Rank: 18655	30 KB
6	upwellness.com pages.upwellness.com — Cisco Umbrella Rank: 553578 live.upwellness.com — Cisco Umbrella Rank: 586969 store.upwellness.com — Cisco Umbrella Rank: 535786	53 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 912 trc.taboola.com — Cisco Umbrella Rank: 658 trc-events.taboola.com — Cisco Umbrella Rank: 1840	22 KB
4	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 58759 api.useproof.com — Cisco Umbrella Rank: 55516	601 KB
3	bidr.io 1 redirects match.prod.bidr.io	434 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 331	12 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 617 script.hotjar.com — Cisco Umbrella Rank: 755 in.hotjar.com — Cisco Umbrella Rank: 1861	72 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 469	7 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2494 tr.outbrain.com — Cisco Umbrella Rank: 2407	7 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2647 rp.liadm.com — Cisco Umbrella Rank: 1507 rp4.liadm.com — Cisco Umbrella Rank: 7161 i.liadm.com Failed	15 KB
2	usbrowserspeed.com 1 redirects a.usbrowserspeed.com	391 B
2	tapad.com 2 redirects pixel.tapad.com	1 KB
2	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 197340	200 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1104	878 B
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 762	1 KB
2	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 23107	563 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 57013 business.newsbreak.com — Cisco Umbrella Rank: 16942	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 6816 flask.nextdoor.com — Cisco Umbrella Rank: 6390	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 708	18 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com — Cisco Umbrella Rank: 570442 assets.ubembed.com — Cisco Umbrella Rank: 9954	51 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 17857	37 KB
1	trovo-tag.com tag.trovo-tag.com	761 B
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 89010	725 B
1	gstatic.com www.gstatic.com	390 KB
1	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 40954	578 B
1	wistia.net fast.wistia.net — Cisco Umbrella Rank: 7646	115 KB
1	decide.dev cdn1.decide.dev — Cisco Umbrella Rank: 21048	4 KB
1	welldaily.com 1 redirects go.welldaily.com — Cisco Umbrella Rank: 613924	2 KB
1	maxweb.com 1 redirects go.maxweb.com — Cisco Umbrella Rank: 309514	415 B
1	mwhealthcareconsulting.com click.mwhealthcareconsulting.com	390 B
162	43

	Domain	Requested by
12	fast.wistia.com	pages.upwellness.com fast.wistia.com
9	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
9	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
8	www.facebook.com	pages.upwellness.com
8	analytics.tiktok.com	pages.upwellness.com analytics.tiktok.com
7	embed-cloudfront.wistia.com	fast.wistia.com
7	www.google.de	pages.upwellness.com
7	www.google.com	pages.upwellness.com
6	a.clickcertain.com	2 redirects pages.upwellness.com a.remarketstats.com a.clickcertain.com tag.trovo-tag.com
6	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
6	googleads.g.doubleclick.net	www.googletagmanager.com
5	io.v2.customerlabs.co	pages.upwellness.com cdn.js.customerlabs.co
4	store.upwellness.com	pages.upwellness.com store.upwellness.com
3	match.prod.bidr.io	1 redirects a.clickcertain.com tag.trovo-tag.com
3	bat.bing.com	pages.upwellness.com bat.bing.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
3	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
2	a.usbrowserspeed.com	1 redirects tag.trovo-tag.com
2	pixel.tapad.com	2 redirects
2	trc-events.taboola.com	cdn.taboola.com
2	live-visitor-counts.herokuapp.com	cdn.useproof.com
2	sp.analytics.yahoo.com	pages.upwellness.com
2	ct.pinterest.com	s.pinimg.com pages.upwellness.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	trc.taboola.com	cdn.taboola.com
2	tr.outbrain.com	amplify.outbrain.com pages.upwellness.com
2	events.ub-analytics.com	pages.upwellness.com
2	www.google-analytics.com	www.googletagmanager.com pages.upwellness.com
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	connect.facebook.net	pages.upwellness.com connect.facebook.net
2	d34qb8suadcc4g.cloudfront.net	pages.upwellness.com d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	pages.upwellness.com
1	tag.trovo-tag.com	a.clickcertain.com
1	analytics.proofapi.com	cdn.useproof.com
1	api.useproof.com	cdn.useproof.com
1	www.gstatic.com	cdn.useproof.com
1	a.remarketstats.com	1 redirects
1	widget.us.criteo.com	pages.upwellness.com
1	sslwidget.criteo.com	1 redirects
1	in.hotjar.com	script.hotjar.com
1	d3pkntwtp2ukl5.cloudfront.net	pages.upwellness.com
1	flask.nextdoor.com	pages.upwellness.com
1	script.hotjar.com	static.hotjar.com
1	mug.criteo.com	pages.upwellness.com
1	embed-ssl.wistia.com	pages.upwellness.com
1	static.hotjar.com	pages.upwellness.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	business.newsbreak.com	static.newsbreak.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	cdn.js.customerlabs.co	click.mwhealthcareconsulting.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	amplify.outbrain.com	pages.upwellness.com
1	fast.wistia.net	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	cdn1.decide.dev	pages.upwellness.com
1	pages.upwellness.com
1	go.welldaily.com	1 redirects
1	go.maxweb.com	1 redirects
1	click.mwhealthcareconsulting.com
0	i.liadm.com Failed	a.clickcertain.com
162	67

This site contains no links.

Subject Issuer	Validity	Valid
click.mwhealthcareconsulting.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
pages.upwellness.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
cdn1.decide.dev R3	`2023-03-07` - `2023-06-05`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
live.upwellness.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
store.upwellness.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2023-02-07` - `2023-06-02`	4 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-02-24` - `2023-08-23`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M01	`2023-02-28` - `2023-10-26`	8 months	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2022-11-17` - `2023-12-17`	a year	crt.sh
hook.customerlabs.co Amazon RSA 2048 M01	`2023-02-21` - `2023-12-12`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-02-23` - `2023-05-31`	3 months	crt.sh
trovo-tag.com Amazon RSA 2048 M01	`2023-03-01` - `2023-06-06`	3 months	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M02	`2023-02-09` - `2024-01-26`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Frame ID: 4E7BEF9B5DC67111F2A858A5A9530DFD
Requests: 144 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: DBE00FDA0F63D4448AC66A960EC6B1AF
Requests: 2 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 0A851A11504F3B42FED8DD57EFEFEF92
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3F8B1CDB3E0345699F3D47D023D26BBE
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=d1d423d5-6e96-40df-8819-9fdc99158454&cn=DE
Frame ID: CDB08FA3D31BC725C78383F795AE4EB8
Requests: 5 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456
Frame ID: 2DA6E699940DA35812FA43535939FE9E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMk... Page URL
https://go.maxweb.com/6755/302/2/ HTTP 302
https://go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230328193617618&aff_sub... HTTP 302
https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=t... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

162
Requests

93 %
HTTPS

42 %
IPv6

43
Domains

67
Subdomains

59
IPs

7
Countries

4510 kB
Transfer

9156 kB
Size

52
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMkYlMkZnby5tYXh3ZWIuY29tJTJGNjc1NSUyRjMwMiUyRjIlMkYlM0Y= Page URL
https://go.maxweb.com/6755/302/2/ HTTP 302
https://go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230328193617618&aff_sub=302 HTTP 302
https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://rp.liadm.com/j?dtstmp=1680032217522&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvje5parc4s5rn0rwwb2b8&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&wpn=lc-bundle&refr=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1680032217522&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvje5parc4s5rn0rwwb2b8&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&wpn=lc-bundle&refr=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&i6=MmEwMTo0YTA6NWE6Ojc%3D&n3pc=true

Request Chain 95

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=WrNoN3xKVlowTmY4dUMvL1JoYlg1VndrejRJWG9JNlRlS2RCYkpVNEE2djRSZ1o2SHJpcDlJZXZCeVYwSjIxWFEvYmZGUm9SRCt4R1ZnK1ZXYXExNkdZWkora2RvRU9YdGxsdGxNcjZmS2VqcnpiZ3I2UURNcjlUWXEwMndjT2JOeWxhQllwK05pK3VHSWNzK0xYUUFJOXFVUTV0N2RlVzBFYUk5VXB4R1NRVFZHSGpFdnZHM09uUzVMRGRWcFZlendQWDU4ZEtKblBSVCtZWUZ5MXFTV1lFNFF0M0lsNm5oYURVMHlWMGhwbHpSRkh1L0lQYVRjU05uNlM4M3NxZEJiS1E4ckgvZVBMRWhKc2RMc2dQNGN1NTVmQT09fA&cppv=2

Request Chain 122

https://sslwidget.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.mwhealthcareconsulting.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=fFsG519tRFZBOW0xbzBuUUdHTHZzaWF5YWt6QzV3SG44MVFBN0x5dFd2bkVKWXhDbHRsZiUyRmVYelJUJTJCWVpRdzVueXZUNlQ4ZjNKbXdWeXdQcDJFT2FNaDUlMkJmZCUyQmQxaHI1MDVxRmd0TmdXMXFyOGtYQWJxc3BOcU51ZERpTWMxTlpmOFdsTEpEaXFudEI3NDJqbjUxdEk4YnQ0dyUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10249dfcf70d1ac8b93fecc612d1ae%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302&pu=https%253A%252F%252Fclick.mwhealthcareconsulting.com%252F&dtycbr=35689 HTTP 302
https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.mwhealthcareconsulting.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=fFsG519tRFZBOW0xbzBuUUdHTHZzaWF5YWt6QzV3SG44MVFBN0x5dFd2bkVKWXhDbHRsZiUyRmVYelJUJTJCWVpRdzVueXZUNlQ4ZjNKbXdWeXdQcDJFT2FNaDUlMkJmZCUyQmQxaHI1MDVxRmd0TmdXMXFyOGtYQWJxc3BOcU51ZERpTWMxTlpmOFdsTEpEaXFudEI3NDJqbjUxdEk4YnQ0dyUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10249dfcf70d1ac8b93fecc612d1ae%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302&pu=https%253A%252F%252Fclick.mwhealthcareconsulting.com%252F&dtycbr=35689

Request Chain 134

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b HTTP 302
https://a.clickcertain.com/px/smart/a/?seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b&c=24a3d6f0fe7dd9c HTTP 302
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

Request Chain 154

https://a.clickcertain.com/px/ta/?ccid=d1d423d5-6e96-40df-8819-9fdc99158454 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=d1d423d5-6e96-40df-8819-9fdc99158454&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=d1d423d5-6e96-40df-8819-9fdc99158454&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=29c0a0e6-1ce5-492d-8d68-88c9c972786e

Request Chain 155

https://a.usbrowserspeed.com/cs?puid=8e8dc988-cf49-58ef-b063-80b112ab08e9&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=91967763-5f05-435c-8019-c3f2e4d64ce9&hem=

Request Chain 156

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 157

https://a.clickcertain.com/px/r/?ccid=d1d423d5-6e96-40df-8819-9fdc99158454 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d1d423d5-6e96-40df-8819-9fdc99158454&ccid=d1d423d5-6e96-40df-8819-9fdc99158454&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dd1d423d5%25252d6e96%25252d40df%25252d8819%25252d9fdc99158454%252526anx_uId%25253d%252524UID

Request Chain 159

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=e8799d10-cd9f-11ed-a02c-7730f31d3f96 HTTP 302
https://a.clickcertain.com/px/smart/a/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=e8799d10-cd9f-11ed-a02c-7730f31d3f96

162 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
click.mwhealthcareconsulting.com/ 82 B
390 B 109ms
77ms Document
text/html 170.187.185.18
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMkYlMkZnby5tYXh3ZWIuY29tJTJGNjc1NSUyRjMwMiUyRjIlMkYlM0Y=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.187.185.18 Frankfurt am Main, Germany, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

vsrv379.armadaservers.com

Software

nginx /

Resource Hash

2ea15d13fdab482b2e1a65e1472ae8ff13cfa87e885485c943d85aabb8de8a93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 28 Mar 2023 19:36:55 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request / Show response
pages.upwellness.com/uc-grplus-vsl01-aff-2/
Redirect Chain

https://go.maxweb.com/6755/302/2/?
https://go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230328193617618&aff_sub=302
https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

99 KB
19 KB

1101ms
16ms

Document
text/html

3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 301f8d94defec9737842bc50bdfc63df97a37e29a1397c6acf87b500e8045590

Request headers

Referer: https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMkYlMkZnby5tYXh3ZWIuY29tJTJGNjc1NSUyRjMwMiUyRjIlMkYlM0Y=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 18108
content-location: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 19:36:57 GMT
etag: "ak:6dd0fa2593cf41b6b26502b48d559a6e"
link: <https://pages.upwellness.com/uc-grplus-vsl01-aff-2/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: fbe91892-5070-465e-914a-d53bab95f199
x-unbounce-variant: ak
x-unbounce-visitorid: 6dd0fa25-93cf-41b6-b265-02b48d559a6e

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 28 Mar 2023 19:36:55 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 10249dfcf70d1ac8b93fecc612d1ae
X-Request-Id: 9451a241040f4a44ec5ebc504fcf7a80
X-Robots-Tag: noindex, nofollow

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 82ms
20ms Stylesheet
text/css 52.222.174.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-50.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 05:36:03 GMT
content-encoding: gzip
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
x-amz-version-id: F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
last-modified: Wed, 23 Nov 2022 23:24:30 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 9640855
etag: "3d27e56a34e34b278ab5e182cbc3b587"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: FAGkAYEk-WU1-z8GTqgDgAiBVnZiWXvhfmDkKhpXlmZvdBeQ3Pugzw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 53ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f4e06f2809f3adcd87e8a9682893c131d1cb55922a2701427c6386af7cc199f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68964
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H2 200 rainmakeradventures_lander.js Show response
cdn1.decide.dev/tracking/ 8 KB
4 KB 74ms
18ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.decide.dev/tracking/rainmakeradventures_lander.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 5fcf16da104a4c57a805b0b7d4f4b86972e5ef555ce33d5c6961f27e3806c491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:48:56 GMT
etag: "851d4fc77aafaf706108376b638e6a36"
x-hw: 1680032217.cds249.fr8.hn,1680032217.cds052.fr8.c
content-type: application/javascript
cache-control: max-age=3137
accept-ranges: bytes
timing-allow-origin: https://decide.dev
content-length: 3393

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 46ms
10ms Script
application/javascript 2600:9000:2250:aa00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:aa00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:41:41 GMT
content-encoding: gzip
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 6040517
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1865
x-amz-cf-id: 0n9yFGFx7YRXulsaEpGvPx5jTHlzMZAmCwIuBl7EYtCdd1z_C3cnGQ==

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 12 KB
3 KB 54ms
9ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 87433f3ccbe4b9b04c2f1c71a78981be8cf7f4ad080bca74fd2f5032cf2751ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: FRA56-P3
age: 1920
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.180.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: CgYN7GIsjoEFZDw=

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 60ms
10ms Script
application/javascript 2600:9000:223c:d400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 02:14:20 GMT
content-encoding: gzip
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 62557
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: EZtzh-6Lg1nyIcQfD1b3noCpC2kV6xWjEJPMuF8iLuKcZSJx_NKXkg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 38ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a119b787844e66e12853a9bd720e4ca511619e2f33f5aedf1a4cf565c4f047f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51590
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 26ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07bfeb247350657d6ae6efecb634288d14aedff52413edc11a9bb24878422484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51595
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
75 KB 39ms
34ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31aefe7b5bdb81ed5f516708ce92360e8d4653e9ff540b041b164eca4d6cd3d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76623
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 203ms
102ms Script
application/javascript 2a02:2638::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

def564fc498bc5147cf79aa16e5a6f93789115cc0f4740b0b089df37fa6ba132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 aeu9oe7qwy.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 55ms
24ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e72ac596eba62521f2d7e2e9182f96ba7409a304a6e3d1f3755613b18aea45b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 13851
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 1830
x-request-id: 5df694d0f1181a878e4988d97bccfc53
x-served-by: cache-iad-kiad7000112-IAD, cache-hhn-etou8220028-HHN
x-runtime: 0.059068
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1680032217.214964,VS0,VE1
etag: W/"e72ac596eba62521f2d7e2e9182f96ba"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 75, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 632 KB
115 KB 40ms
10ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

194b61ea7c150cd887afff564f576ac2fd1d96e8d210feb18f43d2d5bdc90f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3043
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117209
x-served-by: cache-iad-kcgs7200050-IAD, cache-hhn-etou8220028-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032217.214953,VS0,VE0
etag: "cec2176cb63a6ce990ceb31dacdd0252"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19, 382

GET
H2 200 swatch
fast.wistia.com/embed/medias/aeu9oe7qwy/ 4 KB
4 KB 55ms
24ms Image
image/jpeg 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/aeu9oe7qwy/swatch

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b237a3c974aec2776e15c96f50651fa55af3bd3bc927f37eb4a6510c96ebffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
access-control-request-method: *
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 273057
edge-cache-tag: 70fbf40348dd63aaaf45d99e420da13d
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 137
content-disposition: inline
content-length: 4021
x-served-by: cache-iad-kiad7000125-IAD, cache-hhn-etou8220028-HHN
x-browser-version: 111
last-modified: Wed, 23 Mar 2022 20:25:50 UTC
x-timer: S1680032217.214992,VS0,VE2
etag: lrM1Y6_QEry13u2N8o5VL3hEPrc=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache, max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RqWRSrFZowkUxO8IzNWHERUTXSiB4o_X32PfvZrrEMSLz9PUP8Hzwg==
x-cache-hits: 282, 1

GET
H2 200 tmmqdtznyg.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 16ms
11ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/tmmqdtznyg.jsonp

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9abfe2e64f8fe1d51ec458aa9c38886240600d589d8013a1d2e5ff033b45391d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 13851
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 1817
x-request-id: d32f4cdf12623664a888adb5f2bc2938
x-served-by: cache-iad-kcgs7200078-IAD, cache-hhn-etou8220028-HHN
x-runtime: 0.049551
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1680032217.229824,VS0,VE1
etag: W/"9abfe2e64f8fe1d51ec458aa9c388862"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 78, 1

GET
H2 200 swatch
fast.wistia.com/embed/medias/tmmqdtznyg/ 4 KB
5 KB 17ms
12ms Image
image/jpeg 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/tmmqdtznyg/swatch

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b55b8f64c5259f4f19ca1b5a388f3c93b67df5d805f71637cf3a12ff814be08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
access-control-request-method: *
via: 1.1 5840e9664aef77d9be1f708259e60d56.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 273057
edge-cache-tag: 3d63ce184da0f56b6950516693e7887c
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 114
content-disposition: inline
content-length: 4324
x-served-by: cache-iad-kcgs7200153-IAD, cache-hhn-etou8220028-HHN
x-browser-version: 111
last-modified: Tue, 13 Apr 2021 18:37:38 UTC
x-timer: S1680032217.229919,VS0,VE2
etag: bEpX6TOqD88vZ49D9em1U_6D-sE=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache, max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nRwWZQ3jgZ5Ezuzah1VIPkcgQFyFS53vA3QKy1Jhu-doWoFv-NEnIg==
x-cache-hits: 291, 1

GET
H2 200 jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/ 87 KB
31 KB 395ms
187ms Script
application/javascript 3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 UCInvisibleLink Show response
store.upwellness.com/cgi-bin/ 432 B
809 B 739ms
216ms Script
text/javascript 34.236.88.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.88.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-88-218.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 251

GET
H2 200 UCAffiliateNetworkPixel Show response
store.upwellness.com/cgi-bin/ 2 KB
1 KB 690ms
215ms Script
text/javascript 34.236.88.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.88.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-88-218.compute-1.amazonaws.com

Software

Apache /

Resource Hash

fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 744

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ 632 KB
115 KB 56ms
17ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

194b61ea7c150cd887afff564f576ac2fd1d96e8d210feb18f43d2d5bdc90f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3043
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117209
x-served-by: cache-iad-kcgs7200042-IAD, cache-fra-eddf8230040-FRA
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032217.270319,VS0,VE0
etag: "cec2176cb63a6ce990ceb31dacdd0252"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22, 80

GET
H2 200 main.bundle-e1f0b93.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
34 KB 26ms
22ms Script
application/javascript 52.222.174.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-50.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1f0b93051ab9d1f671fdc1d489817df439cf571d9184c55e09a8a2de3d14234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 23:57:42 GMT
content-encoding: gzip
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
x-amz-version-id: 17zN0KsTjJudzmBpRx16GR4geRdzQrok
last-modified: Thu, 09 Feb 2023 23:08:27 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 4045156
etag: "66a5c759b0a898469971e281c08667e4"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33858
x-amz-cf-id: BAHcl-wwAODPPomVdWcvRv3i_w01FbNpjJU6TejPaRM4YuhfXgI3DA==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 63ms
27ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H6WQCW6APBRBRCJ9
age: 4803662
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 497733
x-amz-id-2: vM+BMECrCORW9FJ+rHMQf57UtypTW4x/blOCBNGkW80f7RL4qXXnsbQ/1PrS2xXuBPa/piNmWbg=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfZvfXnBxVgxdmMdegIGT014BGvFixaiTx5%2F8yLht5c0eAsfqVr7lufOGyl5EFRvxWRK6Zy3O6oSm09cNCFMMg5mNmYxfXI3kpTCMRBY7h4DqwynApykpBbh3DJAvQ2YnbiG33ERpaHl4mWOFknI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7af2532de9fe35fd-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 36ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Mar 2023 19:36:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: UKiSdg5Z1+VQHjD8RlYj1ekljJPT0bX7P1IZRXUL8qjg34l3ATKrnqbkkRGeJkPIct1b5uBaoE3Ng82Pa5iXgw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 20 KB
7 KB 68ms
11ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6248d26097243293144a2c446b330ef62be51f9407430894f8c8ce4218643371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:36:57 GMT
Content-Encoding: gzip
Last-Modified: Sat, 25 Mar 2023 14:14:18 GMT
Server: AkamaiNetStorage
ETag: "f5b26a8a79c33830b47954a53cc355f9:1679753797.689802"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6385
Expires: Tue, 28 Mar 2023 19:56:57 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
750 B 201ms
13ms Script
application/javascript 2a02:26f0:3500:895::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:895::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9ff8380e1cd4e31ccf877aff589c0f0ac4dc16f0d3d4476d9001f69f0c42c98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "e524dc72fce18b784da6f9faf16ef525"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 484

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 288ms
247ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:39 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: G11E13TBFEKS12GC
age: 20
x-amz-server-side-encryption: AES256
x-amz-id-2: 8HTZFf+7v76BXem20T133sHPJ9oZXnlByC+9fyNTRiUoRMKboYRjZSjxttuHrlB+pJhAL/e7TAs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 58 KB
18 KB 153ms
116ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dd7d12d4cc195e05cd72a9623588ecabf14c71d7037558b22cee18309ee35b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: lbGvRh7bbdHCjxZmiWng2jlHfLOJD8Ds
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Mar 2023 19:36:57 GMT
x-amz-request-id: JGX4YBDN87E8JGW2
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18202
x-amz-id-2: nr5tsIU+Yjx+6BiB20WnW1QSZAoMOOwL80VUaFAeiHh1DSfmI/8hDpo0mYfL2Tn00hCc5LxMuV4=
x-served-by: cache-hhn-etou8220039-HHN
last-modified: Sun, 26 Mar 2023 11:19:51 GMT
server: AmazonS3
x-timer: S1680032217.296507,VS0,VE104
etag: "90223f6bb30466ad3ded8b0890170164"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 5
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 773ms
181ms Script
application/javascript 100.20.6.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.20.6.198 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-100-20-6-198.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Sat, 25 Mar 2023 00:58:31 GMT
server: istio-envoy
etag: W/"641e4737-19c7"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 2

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 170ms
110ms Script
application/javascript 23.36.162.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2816917edd50b188aeb74fcf10ba69ffd6fdc1cb98f786fd205991d03f887b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 3f68fa57.1fc01b75
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-152.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 94,23.36.160.152
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=8, inner; dur=3
content-length: 1364
pragma: no-cache
server: nginx
x-tt-logid: 20230328193657A0F89413BF9CBCB215D7
x-cache-remote: TCP_MISS from a23-220-104-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.20
x-tt-trace-host: 015247297f0183ee6930ffc82cdcd783537a074b690e5a7fb3565b6b0633c7a6fb8fd0bca09aed4bdbe88e9dc925e86cf0d128af763e009db39b73a1013a849dceadd4291bdd248795a36d76dfc3dd8dc44141d12bc3552901c95288aa0bdeccb0e5bf3bdeb0a20bedf3a81ca5405cd3c3
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 68ms
12ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1680048000000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
date: Tue, 28 Mar 2023 13:53:04 GMT
x-amz-cf-pop: FRA60-P3
age: 20634
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: T_Uga837_9KfIviLMo9enW3lDU9Hnwwo4CbR-UhCOCvN-kNH6rMn2Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
64 KB 39ms
37ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68c88c7142356fa135fd98aa31306497b045145a164baffee2dc76575110381f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65441
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 123ms
123ms Script
application/javascript 23.36.162.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: be4a01c68a03621a0e9d917d11a0807b12640080ab86f5d766040ca9dc2e45cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 2ab724ca.1fc01bac
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-152.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 92,23.36.160.152
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=9, inner; dur=3
content-length: 1367
pragma: no-cache
server: nginx
x-tt-logid: 20230328193657088501DCFCC0C8BA8744
x-cache-remote: TCP_MISS from a23-39-229-85.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.39.229.85
x-tt-trace-host: 015247297f0183ee6930ffc82cdcd783537a074b690e5a7fb3565b6b0633c7a6fb589b0e15dcb17c1090c7818712d479ed1dc2c7d034b990e398f15579e56afb2b1aaf92ecfc8725b217af69d51b21d7837ae20e26d3a8724f2aa74fc9215e89614812d6a4bd7554270411368fbc2ec1f3
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
2 KB 87ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1680032217227&cv=11&fst=1680032217227&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&hn=www.googleadservices.com&frm=0&auid=511402156.1680032217&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

673b470642c66a8ef082e17cceffb9f2e22788c55070626100a4ae88045e3243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d24266de1015429582c762096bb6378f2c73d2885ca8daabc88fb22887f52446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51609
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfa4cef9560957ad3f7a2725b4658ca4891abc3cc38febd674a073f53c398f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51625
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
75 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da8c4e992b498fd0be4289d50ea0bd78b6e2369312298fce60144b48134c88d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76603
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
1 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1680032217245&cv=11&fst=1680032217245&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&hn=www.googleadservices.com&frm=0&auid=511402156.1680032217&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

265bd2efe70f56cf52f1be3ec3bd09ffaf7adf2a5386021e68c2d6c71ce3ed84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 12ms
12ms Script
application/javascript 2600:9000:2250:aa00:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:aa00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
content-encoding: gzip
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
date: Sun, 05 Mar 2023 17:27:36 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 5500618
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: kailiY3e82bxWJc1RR6GKUfdV_i2tUf6z-wVgTno2pm84NV-2tLN-A==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.0/ 174 KB
48 KB 46ms
12ms Script
application/javascript 108.138.17.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:00:56 GMT
content-encoding: gzip
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:53:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1215362
etag: W/"1a08556fd14aad311b6d4906f59fef42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: aiDcE23GxPRU9VpDmECwJgoaEk1UllNwcf2egG6MeQiLKuagxrJKrQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 3 KB
1 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1680032217291&cv=11&fst=1680032217291&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&hn=www.googleadservices.com&frm=0&auid=511402156.1680032217&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6e24dcc66155374719121ae3ad31a21a0864ab4fe6b63fdf63f6c5b8ccff5cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 61ms
13ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 18:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5506
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Mar 2023 20:05:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

936ab2395676ca99f02a86db9c88b8eadac19e465f37481b03ce89d2800c2feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51590
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:36:57 GMT

GET
H2 200 cl4975ot4arrr6.js Show response
cdn.js.customerlabs.co/ 196 KB
197 KB 275ms
110ms Script
binary/octet-stream 18.66.200.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: click.mwhealthcareconsulting.com
URL: https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMkYlMkZnby5tYXh3ZWIuY29tJTJGNjc1NSUyRjMwMiUyRjIlMkYlM0Y=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.200.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-200-179.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: q7mG7hlker5FRiUNkg8qVdDD2fjHsOUI
date: Tue, 28 Mar 2023 19:36:57 GMT
via: 1.1 0775da0a2f9756772faa2f4ff573da68.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 290
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 201018
last-modified: Mon, 20 Feb 2023 17:59:47 GMT
server: AmazonS3
etag: "cef37c380b37f6c7fbe85e3594e7f2d8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: GkZ5llIc_MX6_XfQFwk8i3mYLVcPcq3NCoeposuEcpmJ94aFQ3XSWQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 3 KB
2 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1680032217311&cv=11&fst=1680032217311&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&hn=www.googleadservices.com&frm=0&auid=511402156.1680032217&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

977bc968ece763aae13a3b6de45dc1f909c7b407ab260f4dcb7ecaa070bf756a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/ 3 KB
2 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1680032217338&cv=11&fst=1680032217338&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&hn=www.googleadservices.com&frm=0&auid=511402156.1680032217&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bad4fefd52afc4c5dd800e371464d2a7efcff0465811d648313bfe153f6d7e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 436ms
224ms Image
image/gif 34.230.252.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1680032217513&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&refr=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=3722cf46-889f-4d41-846a-c7f473b32d22&dtm=1680032217512&vp=1600x1200&ds=1600x1251&vid=1&sid=c5738ca7-4b06-4c7e-ac20-99473f3cf3d4&duid=092e38ee-bee8-475a-843f-341637006cfd&uid=6dd0fa25-93cf-41b6-b265-02b48d559a6e&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZmJlOTE4OTItNTA3MC00NjVlLTkxNGEtZDUzYmFiOTVmMTk5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJzaW5nbGUifX1dfQ
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.252.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-252-255.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 302615157369859 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 177ms
176ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302615157369859?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dfe8af3b10655f0863d2428e52f52699ac3f3b7d0fdfd3887cb35efc8242e10c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Mar 2023 19:36:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6ZA1DOjocFEo425PZm3HuQmYBPisXnZazdSK+GztTdoaLSn99gf03HXaUdqji+vJUH1g7b2KIPZc19wd7ELLaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1680032217522&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvje5parc4s5rn0rwwb2b8&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%2...
https://rp4.liadm.com/j?dtstmp=1680032217522&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvje5parc4s5rn0rwwb2b8&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%...

13 B
553 B

321ms
92ms

XHR
application/json

18.207.63.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1680032217522&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvje5parc4s5rn0rwwb2b8&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&wpn=lc-bundle&refr=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&i6=MmEwMTo0YTA6NWE6Ojc%3D&n3pc=true

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Server

18.207.63.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-207-63-238.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
x-pixel-event-id: f8f21cc0-4353-426e-8cd0-2e49b939d837
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: b391f142b2789135
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 28 Mar 2023 19:36:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1680032217522&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvje5parc4s5rn0rwwb2b8&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&wpn=lc-bundle&refr=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&i6=MmEwMTo0YTA6NWE6Ojc%3D&n3pc=true
access-control-allow-origin: https://pages.upwellness.com
request-time: 0
access-control-allow-credentials: true
trace-id: 4a40838f20d7f402
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 125 KB
31 KB 11ms
10ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c36c35defd7d43c06001ead5fdacefba8baa03194a67da2de6463352715000d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3043
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 31342
x-served-by: cache-iad-kcgs7200084-IAD, cache-hhn-etou8220028-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032218.561966,VS0,VE0
etag: "016203285cbc7b972a7d08a7da0fa549"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19, 39

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 404ms
91ms Script
application/javascript 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:36:57 GMT
X-TraceId: 55a8de92c2ed577c54333d023c3fbf17
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 492ms
87ms Image
image/gif 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0586804075871957&referrer=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&marketerId=00ecfc580bbba23ea48e25b4bb418ef655%2C00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:36:58 GMT
Cache-Control: no-cache
X-TraceId: 95fff3661fb4747fecae72adcb205d1e
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 thumbnailTextOverlay-v2.js Show response
fast.wistia.com/assets/external/ 84 KB
26 KB 24ms
23ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9b0d91e8e65b08938cb76ceefafb488c027824895e531f72260b1c2c89992a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3042
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 26746
x-served-by: cache-iad-kcgs7200042-IAD, cache-hhn-etou8220028-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032218.611852,VS0,VE3
etag: "ed1b57de50f73a772d40dc97b4ddabdc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16, 1

GET
H2 200 videoThumbnail.js Show response
fast.wistia.com/assets/external/ 71 KB
20 KB 22ms
22ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8ed9e0d5afcaed5fe18ebb7d938824c4712703e31d79a3e53c26ea9bae9db9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3043
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 19997
x-served-by: cache-iad-kjyo7100110-IAD, cache-hhn-etou8220028-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032218.612012,VS0,VE0
etag: "69b0cb3b82b79199bbc48f067146ef5a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11, 17

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 655ms
176ms Ping
application/json 52.89.7.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1585718645907906561&uid=1-pw7lzxxd-lfsnszkc&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&ts=1680032217180&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20111&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1680048000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.7.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-7-180.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 main.7ba116b9.js Show response
s.pinimg.com/ct/lib/ 56 KB
17 KB 12ms
11ms Script
application/javascript 2a02:26f0:3500:895::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.7ba116b9.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:895::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bea1fcc84e0690ef12eebaa114be35c46f92e19022767f32b962788a60b3e1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "9c6e2e41656c92a4def190e70014e481"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17420

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 3 KB
2 KB 49ms
40ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1680032217623&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff-2%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1680032217617%2C%22cv%22%3A%2220230326-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22e%22%3A%22https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1680032217622%2C%22ref%22%3A%22https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c13927223f0133ee9ecde0f8f65cf415c0f2ae898044a038a002aa05d266edc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-vcl-time-ms: 27
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220039-HHN
server: nginx
x-timer: S1680032218.638309,VS0,VE27
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
455 B 77ms
45ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1680032217227&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2830414519&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
455 B 87ms
24ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1680032217227&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2830414519&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
108 B 30ms
30ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1680032217245&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2739939758&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
108 B 56ms
25ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1680032217245&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2739939758&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTU1Nzk2ZDUwMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 238 KB
66 KB 37ms
36ms Script
application/javascript 23.36.162.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cb922ba96736c011c5c8e3bad8312a52b45f3afd24ed8791d050c52ea2b2f407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 1fc0204a
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023032815065688201B9C2020D178D1E9
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-152.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0152f881e201a838d5f9ff8c8f08f0820592377c0047e54ad00f172cd4609ef9e2cb7d94e29dc7df1200623a05b44d1a4524ce262225a90ba43833b0b81414622e58a02cccf124b0c9d7af4cb63593a91edeeaff62417493bf1e69fdca18ffde0e
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length: 66517

GET
H2 200 main.MTU1Nzk2ZDUwMw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 259 KB
69 KB 25ms
23ms Script
application/javascript 23.36.162.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 457a6bbd32523a72293e8041d1ba07046b5f2c936c20b63b3e6786545ecfcb7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 1fc0204b
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230328150644AE14E36329DBD37D94C6
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-152.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0170ad8133e283d8dad124e2c8553f17be8488596310a57169757c6e17ae91a7f69dc32e2fda22d940dfa57cc1495b13cf3faa4a47807b7f2427892bb715a9d89eef22b47224a670f8328734d56cc344365f3475f292485bdd73cbc671d7d55eb4
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=15
content-length: 69536

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DBE0 15 KB
6 KB 303ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 19:36:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 638399
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
108 B 62ms
62ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1680032217291&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2247629277&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/624541243/ 42 B
108 B 45ms
44ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/624541243/?random=1680032217291&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2247629277&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 377ms
327ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28307243-3&cid=1478157510.1680032218&jid=520745507&gjid=2121239021&_gid=382188714.1680032218&_u=YGBAiEABBAAAAEAAI~&z=1057778108

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Mar 2023 19:36:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
189 B 14ms
13ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=376529073&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&dr=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=520745507&gjid=2121239021&cid=1478157510.1680032218&tid=UA-28307243-3&_gid=382188714.1680032218&gtm=45He33r0n81M3S986P&z=1854138544

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5506
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 3 KB
1 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1680032217656&cv=11&fst=1680032217656&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&hn=www.googleadservices.com&frm=0&auid=511402156.1680032217&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea034ffd62f0a545a3542a92bf21505cc33bd8cffcc233132069983eea7512d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 46 B
679 B 43ms
15ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:45:46 GMT
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: T3Y1VKF21JVZPFEW
age: 31873
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: qj4zCobCRPTjmO/Fa2f6FYEAVjtdxmkHPXsQ7JnYduv5RUecIztBFyHZuhYSDT6AvqNqiY2oat4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
server: ATS
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 46 B
374 B 44ms
16ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:31:04 GMT
x-amz-version-id: a1p9k2x2CfLow7aa._kiTa1S348t_r0P
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DQM2R9JAP8BT3R79
age: 7554
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: GuZrJcBzkFNMePj7iCgz/4gtsk8kZbkUYmFl7ayH+ALD0WqC0oaSb7FdmhQqBGwG0v+tx8U0+0Q=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Tue, 26 Mar 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sun, 19 Feb 2023 18:55:23 GMT
server: ATS
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
108 B 26ms
25ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1680032217311&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4243695089&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10838597190/ 42 B
108 B 24ms
24ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10838597190/?random=1680032217311&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4243695089&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-795540.js Show response
static.hotjar.com/c/ 9 KB
4 KB 118ms
58ms Script
application/javascript 52.222.149.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-795540.js?sv=6

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.149.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-149-81.cdg52.r.cloudfront.net

Software

Resource Hash

0d587f248ea1c0d1c3b3a3fc4d5d5c9b6a46ec99da9389b7bb5c846b5cee0938

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 19:36:57 GMT
via: 1.1 efde5be81ce9c9a89c77d96186504846.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
etag: W/07b01d059696e3e73ca027a41af7f115
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: JJKMVvfOcvf61Mw_9dd1BQpXdo3fDPvXLSqyyeF8SHCy1pIwOq1fbA==

GET
H3 200 /
www.google.com/pagead/1p-user-list/458254939/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/458254939/?random=1680032217338&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2726078475&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/458254939/ 42 B
108 B 24ms
24ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/458254939/?random=1680032217338&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2726078475&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
857 B 121ms
71ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1680032217802&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7ba116b9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.dcd5ce17.1680032217.561fb283
x-envoy-upstream-service-time: 6
content-length: 372
x-pinterest-rid: 1327240156196294
pin-unauth: dWlkPVlXUmtZV1prTlRFdE5XTmxOQzAwTWpOaExUbG1PV1F0TVdVMlpHSmpOVGM1T1RGaQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 2 KB
1 KB 29ms
29ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1680032217955&data=%7B%22id%22%3A626%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff-2%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1680032217617%2C%22cv%22%3A%2220230326-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22e%22%3A%22https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1680032217626%2C%22ref%22%3A%22https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f28db54bb578866db6b14678931d7b91ebbf26cb798f3913c7298266281d806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-vcl-time-ms: 21
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220039-HHN
server: nginx
x-timer: S1680032218.957156,VS0,VE21
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 identify_08840.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 13ms
12ms Script
application/javascript 23.36.162.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_08840.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 1fc02683
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230328150646AD32CDD16E75D3A0E4EE
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-152.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0170ad8133e283d8dad124e2c8553f17be8488596310a57169757c6e17ae91a7f6fa922c7121319f005e2010d4c0f534f08021a88d1ecd9651c87d71bd004671b4fe562046d81bd0e29b49f4ed629fec5fc3d4f0d85ff84678a5e26cab85993219
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=7
content-length: 30666

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
553 B 135ms
134ms Ping
text/plain 23.36.162.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:58 GMT
x-akamai-request-id: 1fc02749
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202303281936580243F19A0AC010B5E550
x-cache: TCP_MISS from a23-36-160-152.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 116,23.36.160.152
x-tt-trace-host: 015247297f0183ee6930ffc82cdcd7835309473ae5bb7fd87051ac1f6738e90bc92b51b9a1998ea8a558186909c5a72ea6db6cc4fbe725256e68ea638d7cc4954bf917a86c31e2a8505fc46121c58319700e9e48000e15c1c4f77bf8718eace7aa
server-timing: inner; dur=23, cdn-cache; desc=MISS, edge; dur=7, origin; dur=116
content-length: 0
expires: Tue, 28 Mar 2023 19:36:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
695 B 130ms
129ms Ping
text/plain 23.36.162.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 96aaef36.1fc0274a
date: Tue, 28 Mar 2023 19:36:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-152.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 112,23.36.160.152
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=25, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230328193658E6A64095AE65FE22AAA6
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,23.220.104.19
x-tt-trace-host: 015247297f0183ee6930ffc82cdcd783537a074b690e5a7fb3565b6b0633c7a6fbe3e580f5a1efe02945eb14e27b5ce4a72456dcbe641da243b62a8d4e14f2d79138b49f45ea0db8eb922da060d2e480b1d65e43192cfd98ce9be1c7f9d358bd5e1be29caa3710cb8a73ad3a301047faa8
expires: Tue, 28 Mar 2023 19:36:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 130ms
130ms Ping
text/plain 23.36.162.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3f690899.1fc0274b
date: Tue, 28 Mar 2023 19:36:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-152.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 112,23.36.160.152
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=26, inner; dur=23
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202303281936581D0FCA00F04883B3B140
x-cache-remote: TCP_MISS from a23-220-104-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,23.220.104.20
x-tt-trace-host: 015247297f0183ee6930ffc82cdcd783537a074b690e5a7fb3565b6b0633c7a6fb8fd0bca09aed4bdbe88e9dc925e86cf0b37408e4b0541e29bb4fc53ce3c1ffe94d86499e808e47a8b3d80b400f37c519335be72ad10358085369716d1ff2c08137647782435fd314cd177c1667b5ae87
expires: Tue, 28 Mar 2023 19:36:58 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 122ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2028%20Mar%202023%2019%3A36%3A58%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&e=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Mar 2023 19:36:58 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 121ms
31ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&e=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Mar 2023 19:36:58 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
332 B 42ms
42ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22ref%22%3A%22https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%227ba116b9%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1680032218006

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:58 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.dcd5ce17.1680032218.561fb4e5
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1112825167122199
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 d0a1fb999ec98584973653dd06314b37.png
embed-ssl.wistia.com/deliveries/ 74 KB
75 KB 88ms
9ms Image
image/png 2600:9000:223e:ce00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1920x1080
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ce00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 34578cbb643e46bf7c804a6f3d09d73b2cb6b5943a19d89a31d5bcf722f66aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:29:13 GMT
access-control-request-method: *
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 532512
edge-cache-tag: d0a1fb999ec98584973653dd06314b37
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 269
content-disposition: inline
surrogate-key: d0a1fb999ec98584973653dd06314b37 thumbnail-delivery
last-modified: Wed, 23 Mar 2022 20:25:49 UTC
server: envoy
etag: tJ3EleqAZ47Lgdp3kPTx6wApZy0=
vary: Origin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: Ezf2lCSG9icE5jHP_tcTITPTp8vs_EpBS0MrX9zYuB2LjbPrJFcCXQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 36ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&if=false&ts=1680032218066&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680032218065.335499038&it=1680032217518&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:36:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 36ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=VSLVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&if=false&ts=1680032218067&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680032218065.335499038&it=1680032217518&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:36:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 36ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&if=false&ts=1680032218067&sw=1600&sh=1200&v=2.9.100&r=stable&ec=2&o=30&fbp=fb.1.1680032218065.335499038&it=1680032217518&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:36:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 36ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRPlus&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&if=false&ts=1680032218068&sw=1600&sh=1200&v=2.9.100&r=stable&ec=3&o=30&fbp=fb.1.1680032218065.335499038&it=1680032217518&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:36:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 36ms
10ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&if=false&ts=1680032218068&cd[content_name]=replay%2C%20rt&sw=1600&sh=1200&v=2.9.100&r=stable&ec=4&o=30&fbp=fb.1.1680032218065.335499038&it=1680032217518&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:36:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28307243-3&cid=1478157510.1680032218&jid=520745507&_u=YGBAiEABBAAAAEAAI~&z=985492471

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28307243-3&cid=1478157510.1680032218&jid=520745507&_u=YGBAiEABBAAAAEAAI~&z=985492471

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 485 KB
112 KB 8ms
8ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fe50ae8e0cade09e78b21fd77b1985ea3a282d373c2e61041dd2c612718f9770

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3044
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 114500
x-served-by: cache-iad-kiad7000075-IAD, cache-hhn-etou8220028-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032218.074428,VS0,VE0
etag: "f88c296f9a532f5148353f2f53fc4e7d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4, 118

GET
H2 200 invisibleLink.jsp Show response
store.upwellness.com/affiliate/ 208 B
1 KB 138ms
138ms Script
text/javascript 34.236.88.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=https%3A//click.mwhealthcareconsulting.com/&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff-2/%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302

Requested by

Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.88.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-88-218.compute-1.amazonaws.com

Software

Apache /

Resource Hash

92757c48c846b8f8c1954ccb09a3a4b7e086ca408e4e346cf09c8085dc6ea2f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 137

GET
H2

200

sid Show response
mug.criteo.com/ Frame DBE0
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=WrNoN3xKVlowTmY4dUMvL1JoYlg1VndrejRJWG9JNlRlS2RCYkpVNEE2djRSZ1o2SHJpcDlJZXZCeVYwSjIxWFEvYmZGUm9SRCt4R1ZnK1ZXYXExNkdZWkora2RvRU9YdGxsdGxNcjZmS2VqcnpiZ3I2UURNcjlUWXEwMn...

431 B
655 B

284ms
24ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WrNoN3xKVlowTmY4dUMvL1JoYlg1VndrejRJWG9JNlRlS2RCYkpVNEE2djRSZ1o2SHJpcDlJZXZCeVYwSjIxWFEvYmZGUm9SRCt4R1ZnK1ZXYXExNkdZWkora2RvRU9YdGxsdGxNcjZmS2VqcnpiZ3I2UURNcjlUWXEwMndjT2JOeWxhQllwK05pK3VHSWNzK0xYUUFJOXFVUTV0N2RlVzBFYUk5VXB4R1NRVFZHSGpFdnZHM09uUzVMRGRWcFZlendQWDU4ZEtKblBSVCtZWUZ5MXFTV1lFNFF0M0lsNm5oYURVMHlWMGhwbHpSRkh1L0lQYVRjU05uNlM4M3NxZEJiS1E4ckgvZVBMRWhKc2RMc2dQNGN1NTVmQT09fA&cppv=2

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3da2f7959056fe0bc653de93a8992204e8778b56ca5b1d44de5728863a5551a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2649003
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=WrNoN3xKVlowTmY4dUMvL1JoYlg1VndrejRJWG9JNlRlS2RCYkpVNEE2djRSZ1o2SHJpcDlJZXZCeVYwSjIxWFEvYmZGUm9SRCt4R1ZnK1ZXYXExNkdZWkora2RvRU9YdGxsdGxNcjZmS2VqcnpiZ3I2UURNcjlUWXEwMndjT2JOeWxhQllwK05pK3VHSWNzK0xYUUFJOXFVUTV0N2RlVzBFYUk5VXB4R1NRVFZHSGpFdnZHM09uUzVMRGRWcFZlendQWDU4ZEtKblBSVCtZWUZ5MXFTV1lFNFF0M0lsNm5oYURVMHlWMGhwbHpSRkh1L0lQYVRjU05uNlM4M3NxZEJiS1E4ckgvZVBMRWhKc2RMc2dQNGN1NTVmQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 309181
content-length: 0
expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1680032217656&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3648896811&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/675938688/ 42 B
64 B 25ms
22ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/675938688/?random=1680032217656&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3648896811&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.3f303823017921c313c7.js Show response
script.hotjar.com/ 264 KB
68 KB 48ms
10ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3f303823017921c313c7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

86986d6474300ea909176542575649e86e28b033e68b9af6177deef7bb8b91ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 38751
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69090
last-modified: Tue, 28 Mar 2023 08:50:20 GMT
etag: "b1bcc4fd7382665a4f4986bf6ddf6294"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: LwUMBny1EailA0uw2umgC3a_I--cDnO7MR7BBvEtdqr_KcIRpqGupw==

GET
H2 204 pixel
flask.nextdoor.com/ 0
111 B 255ms
220ms Image
text/plain 100.20.6.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ndclid=&rf=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&sem=&tm=0
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.6.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-6-198.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
x-envoy-upstream-service-time: 22
server: istio-envoy
context-id: 1eab30ae-7dda-4127-a365-72a17d60bfec

GET
H2 200 aeu9oe7qwy.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
1 KB 115ms
99ms XHR
application/x-mpegurl 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5fdb0e547028256fdb5662c9e84afcf84927ea56148435c521ba356e7b6f0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 935
x-request-id: c58f7dc7c1223ec74a2585a10813a383
x-served-by: cache-iad-kjyo7100174-IAD, cache-hhn-etou8220048-HHN
x-runtime: 0.029943
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1680032218.201312,VS0,VE91
etag: W/"f5fdb0e547028256fdb5662c9e84afcf"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 134, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 22ms
7ms Image
image/gif 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits: 20, 137
date: Tue, 28 Mar 2023 19:36:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3044
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn-etou8220048-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 18:44:01 GMT
x-timer: S1680032218.201299,VS0,VE0
etag: "64233571-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK uba.js Show response
d3pkntwtp2ukl5.cloudfront.net/ 4 KB
2 KB 77ms
18ms Script
application/javascript 143.204.222.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3pkntwtp2ukl5.cloudfront.net/uba.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.222.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-222-226.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f18a5d228906cf78085b322bc7a3cb24fd01ec1aedd3fc865c6fdd43dfb0cef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 22:27:55 GMT
Content-Encoding: gzip
Via: 1.1 9f8ec9bb50c39de1cdbf541a9313a472.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Jan 2023 00:17:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: CDG3-C1
Age: 76144
x-amz-server-side-encryption: AES256
ETag: "9bc7a2a273a418c874990b6b630cfd2e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1425
X-Amz-Cf-Id: Fp5x6KNwkWo3I0_OltQdzatzYdp8VMe1qYdY0Q2C1XIIrqcLF0DpAw==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 69ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 28 Mar 2023 19:36:57 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89E17929C49244D1A8CFCCAAD9137633 Ref B: FRA31EDGE0111 Ref C: 2023-03-28T19:36:58Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
BLOB 200
OK d4d7bd34-3c14-4425-bbe7-d27dcc2fa63b
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/d4d7bd34-3c14-4425-bbe7-d27dcc2fa63b
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dea7d05f3ac6b4c9702a5f77a4421fbb964e84886751bd78860f65b53c8c5b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length: 5579
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 8 KB
1 KB 203ms
134ms Stylesheet
text/css 13.32.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-125.cdg50.r.cloudfront.net

Software

Resource Hash

0cbbcfca95bcebbe80abb951e011dd0cefe9db438f44013c85ab3b3dfba0069b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 28f110beed532776cb7e7d4f319b2230.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
x-amzn-requestid: e2801a24-985f-4f40-8254-c72f963c2221
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Cgc6LHwGoAMFgcQ=
content-length: 787
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-642341da-39ac04a660e2885f39df1fd5
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: EF_yisONw9uU3s7mXhLi8JkRK13tlRfexqA1_RS6QKhs7J1SpuyYiA==

GET
H2 200 ab7be666-white-speakericons-02_100x00o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 393 B
777 B 47ms
8ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ab7be666-white-speakericons-02_100x00o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 579a2a97fb6616d4faf94ac23df731f250a672fda76be78a1fa74a6d1cd8dbba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: fB7hh2GXY4xH776rhFjDB.huUnYxlijz
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626128
etag: "3ff814e5236412c48f322c8898ef45bc"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 393
x-amz-cf-id: VJGyoPku1rJF1mP9sc5qKRVpSAkoJa3e4IqnssSTOGLH56x9i8dMZA==

GET
H2 200 aa65686b-white-speakericons-01_100x00o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 404 B
786 B 48ms
9ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/aa65686b-white-speakericons-01_100x00o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a2922fd430dfaeb13025d97826931939d872a7b3efd1d09f0e88c5f7c1fd306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: SdpeYUy0MO5YORzMSVuy8_Viz6BsrTAT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626128
etag: "6d0abbec035ce0c4075e7e7b8ee68550"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 404
x-amz-cf-id: KDir51tq_SP5dn9CtWbghOFJ_pQwoTbDBbFOkFBpDivjCSk8ygACcQ==

GET
H2 200 d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 9 KB
10 KB 48ms
10ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17ddc63663734c555981527699774b02b945124941c10450a91b74ce56937b59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: .Gmi3My6fK6MRfntnmzV58_muKV8_4QH
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626128
etag: "6ca7442dfba9d9e783f10f04dfcaa249"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 9585
x-amz-cf-id: WZQNNDTYpNTxT0up9U-g_VXUVes8Ka73QItY3BCoLQx873Uq17oGbQ==

GET
H2 200 c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 3 KB
4 KB 48ms
9ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e592026970dcb362dd9afca58ee14ba148d62f8d52de8da147ec2b2f497153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: oeBknaNPvoQLDq5Vjl9iPaLAFTFHWQjA
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626128
etag: "b5c5f324193b5e16bbbeba489c9bf2f9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3345
x-amz-cf-id: tEGDHYghggtL3EP7hpDsnqL5Zx3PBCvFf0eoqFjaOIaQdlpezyP2Tw==

GET
H2 200 8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 742 B
1 KB 48ms
10ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2d83312c2b1c7c1ad2be8e99b5b8d3c5d8432c2828d5cf52ee15e4423698bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: fJ1BeroDHIx_Jv06TKxztRzLjZ4lL_OX
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626128
etag: "b02c898ea0b0b138b4c46168d31ebc9b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 742
x-amz-cf-id: _DkCXHtNHZgUIGFzNlDbq1eD_eMGp8VbDaSMx1x68lUVHdla26cnAA==

GET
H2 200 a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 1 KB
1 KB 48ms
11ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bcbcb6496dddd15c57669623a1361fc1082513cbdb9c653ed8d25ed8392a918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: yum4p_rhAkm1nTYFAGE2wq7M_hUm20HT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626128
etag: "9ac72e37f90441dec8054ca9fad4f958"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1035
x-amz-cf-id: Thzz1UgjfTWqNjANGIm5-irTrHXk-m45iw_oYf1PbnfLqnxNykaEUg==

GET
H2 200 6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 3 KB
3 KB 10ms
10ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 316dd36671b451aa88c2cb9e2a833943ee9cb6e6b9fb1267f419d2b1ecbaa4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: aDyvpqKXp41xw8HEvbuyhdy1xg3ZIqih
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626128
etag: "3e5b99433b8b72478180f7e404014a0b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2978
x-amz-cf-id: HLxqVDYZZwntV5bE6PmSMihLxrYP2Awa9o7mKgcmepGPSR_9LOFY7w==

GET
H2 200 b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 1 KB
2 KB 9ms
9ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 282f5a01cde33126c76b73790e408dec892b9968334879013b7deffe276a11d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 01:42:27 GMT
x-amz-version-id: LRC9xH_tyLGqDeQoL2zKv3xFiu5U7Sws
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4643672
etag: "c3187d70acad4469f04dd3d18fa9e6c3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1275
x-amz-cf-id: mYwpTlFE7FkisNVTi2GrV8oab6mZLWJfqu0trF-zUiKyK9-yix8nhg==

GET
H2 200 d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 5 KB
5 KB 10ms
9ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 635fa27826bc3b802f341bba0c8291af3698ada8d704bb116692a4b0fe77c1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:17:38 GMT
x-amz-version-id: jAiQ1UJX3wNdQ.JEFJt3JzS5Nlzcc4b1
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4612761
etag: "86140e94391c453d7e943ecd2c76a385"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4874
x-amz-cf-id: VUWstL_2GDKRLprw7vGPfFKIgffXp474pVKqAIIxx1kXGN_07KHPxw==

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 0A85 325 B
821 B 417ms
416ms Document
text/html 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 7af25334adb935fd-FRA
content-length: 325
content-type: text/html
date: Tue, 28 Mar 2023 19:36:58 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnHxy2g%2FYiuSJiulcWKlRh%2BP0fIBQUgbQtVUgnUPtVBiOvkNnt2m%2BCEjq1yrk80tnuts%2BjLMNg925H708VLupKpY2dcD18tMkrcQhGngZsX8d2gzOC6nu4Ledj0zfow1YGC1MdS4bheJ8LHzXhR4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: nUNCsnQzBEhfLrRUKnI7QYrwqKwPbAAM2Jqo+KQmldvQqxha6eComLUh5pNkPmxAlZY1al0KszRDq9heTXc8Ug==
x-amz-request-id: 2V43P2V7T3ESNW4M
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/795540/ 148 B
323 B 121ms
43ms XHR
application/json 52.16.92.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/795540/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3f303823017921c313c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.16.92.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-92-191.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0810d0e635f12e1297c2f6f3bd6be187d2a7ad8f79e17f5dd16aea281d529709

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 9f0335df980cfbc99b1506756335ffffa06da899.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 105 KB
105 KB 59ms
15ms XHR
application/vnd.apple.mpegurl 2600:9000:223e:1800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 876de18e83e13739b393e42acd0287e6ec5fcc9d7f589a253026a2f9adb2595a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 11:42:31 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 460589
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
x-cache: Hit from cloudfront
content-length: 107228
surrogate-key: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZGq3hTG7sDap_2yyG3775t2rqHU-UzrRmjb6WMd6O8u1qv4EHpVwDw==
expires: Fri, 22 Mar 2024 11:40:29 GMT

GET
H2 200 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
538 B 125ms
124ms Stylesheet
text/plain 34.236.88.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.7502835729660193&r=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302
Requested by: Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.88.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-88-218.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
server: Apache
content-length: 0
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 i
events.ub-analytics.com/ 43 B
281 B 93ms
93ms Image
image/gif 34.230.252.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1680032218397&e=se&se_ca=external-conversion&se_ac=conversion&tv=js-2.14.0&tna=sp-ub-ext&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=25dc7477-cc5d-442d-ad62-35e8f848ec7f&dtm=1680032218397&vp=1600x1200&ds=1600x1251&vid=1&sid=c5738ca7-4b06-4c7e-ac20-99473f3cf3d4&duid=092e38ee-bee8-475a-843f-341637006cfd&uid=6dd0fa25-93cf-41b6-b265-02b48d559a6e&refr=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZmJlOTE4OTItNTA3MC00NjVlLTkxNGEtZDUzYmFiOTVmMTk5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJleHRlcm5hbF9jb252ZXJzaW9uIiwiZXZlbnRNZXRhZGF0YSI6WyJjb252ZXJzaW9uIl0sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.252.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-252-255.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 204 27015508.js Show response
bat.bing.com/p/action/ 0
136 B 122ms
121ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 28 Mar 2023 19:36:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 601B41A1A7004D69BA504C2532F98FD2 Ref B: FRA31EDGE0111 Ref C: 2023-03-28T19:36:58Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=4c9a0c41-7a92-46db-94b2-32dbc0a73654&sid=e7654ae0cd9f11ed868bbdae65cd7510&vid=e7657900cd9f11edaaef71cc2fa9bdbb&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&r=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&lt=3000&evt=pageLoad&sv=1&rn=981522

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Mar 2023 19:36:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 645B1E8B7BA6427A87D6604046FD5C19 Ref B: FRA31EDGE0111 Ref C: 2023-03-28T19:36:58Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.mwhealthcareconsulting.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1...
https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.mwhealthcareconsulting.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1...

15 KB
7 KB

328ms
121ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.mwhealthcareconsulting.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=fFsG519tRFZBOW0xbzBuUUdHTHZzaWF5YWt6QzV3SG44MVFBN0x5dFd2bkVKWXhDbHRsZiUyRmVYelJUJTJCWVpRdzVueXZUNlQ4ZjNKbXdWeXdQcDJFT2FNaDUlMkJmZCUyQmQxaHI1MDVxRmd0TmdXMXFyOGtYQWJxc3BOcU51ZERpTWMxTlpmOFdsTEpEaXFudEI3NDJqbjUxdEk4YnQ0dyUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10249dfcf70d1ac8b93fecc612d1ae%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302&pu=https%253A%252F%252Fclick.mwhealthcareconsulting.com%252F&dtycbr=35689

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

70d69ca3d7e5ef763e7a12722001e9efcc8db6203cfa1288d1a7f3e990678928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15739641
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:36:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.mwhealthcareconsulting.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=fFsG519tRFZBOW0xbzBuUUdHTHZzaWF5YWt6QzV3SG44MVFBN0x5dFd2bkVKWXhDbHRsZiUyRmVYelJUJTJCWVpRdzVueXZUNlQ4ZjNKbXdWeXdQcDJFT2FNaDUlMkJmZCUyQmQxaHI1MDVxRmd0TmdXMXFyOGtYQWJxc3BOcU51ZERpTWMxTlpmOFdsTEpEaXFudEI3NDJqbjUxdEk4YnQ0dyUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10249dfcf70d1ac8b93fecc612d1ae%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302&pu=https%253A%252F%252Fclick.mwhealthcareconsulting.com%252F&dtycbr=35689
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6285110
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/ 473 KB
474 KB 15ms
14ms XHR
video/mp2t 2600:9000:223e:1800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 05ae5071f29731644a77af5a8454af3f4fcac44566d33f6cc06b5a4e96107173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 07:29:07 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 216471
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 158
content-length: 484664
surrogate-key: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iVt6ob8lFctpuhyTGsxeWG9NzzeeSKnnDbI16xRL_TwVMrow4eyk7g==
expires: Mon, 25 Mar 2024 07:29:07 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
fonts.ub-assets.com/fonts/s/oswald/v49/ 10 KB
11 KB 76ms
37ms Font
font/woff2 13.32.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-125.cdg50.r.cloudfront.net

Software

Resource Hash

d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 07:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 10104
via: 1.1 6fec3be7392a89a67d860f663eba31b2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 6611190
x-amzn-requestid: 8082c1cf-15c0-44a4-9bb1-1f5d8d6c6a9a
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: ekQTzHA_oAMFVXQ=
content-length: 10127
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63be60e4-0f2e7c1c4090a6e565ef776a
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jc-3SGg3A3EfUG3VaALsJW0NJUJB1U_TUE-B1WMnoaV_tPpHYrQkLw==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v23/ 23 KB
24 KB 79ms
41ms Font
font/woff2 13.32.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-125.cdg50.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 05:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 6fec3be7392a89a67d860f663eba31b2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 2123452
x-amzn-requestid: 6598a217-c894-40bf-b1ea-6d56f3c3f20f
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: BPcswH0DoAMFV5g=
content-length: 23578
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6402db1e-22b0b57e0f907b304e8b2995
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tPO3nNz3AwogKEUGCHZFZ1qJnlPvyNekeHX2YLTEG6N71g1gZKjZdQ==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 60ms
23ms Font
font/woff2 13.32.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-125.cdg50.r.cloudfront.net

Software

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 05:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15744
via: 1.1 6fec3be7392a89a67d860f663eba31b2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 6702647
x-amzn-requestid: 5315bb0d-68bc-48d0-a1f3-b67204b168ed
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: egxBgEbDIAMFwew=
content-length: 15767
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63bcfba3-110b87d30fd8541e744a9bce
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: iNl3_tLTxtNnnKcmxja80QAjJxqQrPyD16U-Fwa586Telz5_4HiZIw==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 60ms
26ms Font
font/woff2 13.32.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-125.cdg50.r.cloudfront.net

Software

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 05:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15860
via: 1.1 6fec3be7392a89a67d860f663eba31b2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 3681288
x-amzn-requestid: dcd4df24-07ae-43d0-aece-fd9cd9b9d9d3
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: AUBY8FX9oAMF3jw=
content-length: 15883
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63eb15d2-0f8709960c499a1a0fabaece
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: C1_-3tHFqlDArpBGxcxl6aMcaaPOlqp-cpBl7QLtC0txsLASCKsmoA==

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 75ms
45ms Font
font/woff2 13.32.145.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-125.cdg50.r.cloudfront.net

Software

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 04:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15740
via: 1.1 6fec3be7392a89a67d860f663eba31b2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 4978453
x-amzn-requestid: 598398eb-b9a7-4e8a-ac99-8bcf202abe26
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: fiie0G25oAMFsjQ=
content-length: 15763
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63d74ac5-404905c82ed7a44247cf3425
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HgsAxA2IdOJjojlV8F6HLi60ISQ0FoX7OCZwct0w4y4i2lcedga7Lg==

GET
BLOB 200
OK ad83ae44-8cfb-40ca-abba-ac28d8c58015
https://pages.upwellness.com/ 89 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/ad83ae44-8cfb-40ca-abba-ac28d8c58015
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length: 91220
Content-Type: text/javascript

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 3F8B 0
52 B 11ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://pages.upwellness.com
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://pages.upwellness.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 19:36:58 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 105 KB
105 KB 12ms
11ms XHR
application/vnd.apple.mpegurl 2600:9000:223e:1800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: a25d2674b1e57094f1abce6ba27f63e639fbbf339bb164ed30d107d9d92f71bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 09:41:01 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 208557
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 93
content-length: 107228
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rLjs2toGzBNdXVUH5OhiRNzW0F8Xan4PjVFPYQog1AuODIK12qjIYA==
expires: Mon, 25 Mar 2024 09:41:01 GMT

GET
H2 200 seg-2-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/ 315 KB
0 16ms
15ms XHR
video/mp2t 2600:9000:223e:1800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 07:26:02 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 475856
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 112
content-length: 364344
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: x6vLkaQC8IafCNov_4yUNTd64h4FeD0_oI-PUSBGi8wkk53I6HmvYA==
expires: Fri, 22 Mar 2024 07:26:02 GMT

GET
H2 200 seg-19-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/ 268 KB
269 KB 10ms
9ms XHR
video/mp2t 2600:9000:223e:1800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-19-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8e8bcffc1a544adc3948e0dbf31ca6be52ff083f5f68f952b96612922f399a5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 14:19:46 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 278232
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 86
content-length: 274104
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qtaWxcOJ0G5hzwEzQylEJB-g_JBHXpExwxBusEaAI6JLLIwd9dfbSg==
expires: Sun, 24 Mar 2024 14:19:46 GMT

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b
https://a.clickcertain.com/px/smart/a/?seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b&c=24a3d6f0fe7dd9c
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

3 KB
2 KB

184ms
184ms

Script
text/javascript

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df2e42d1925f2666332734df23a98758a267a9db2abc600a90a68e4a12baff74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:59 GMT
content-encoding: br
x-frontend: cc-nginx-7dc7d4cd6f-tg98w:cc-nginx-7dc7d4cd6f-tg98w
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: bf72269b-fb89-4a3f-851c-169142efd542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WbmPLG6L25lXn2jPO9pXhggVtGpTOnssaT%2FW%2BZMr7XgdUEKt5Ip7o32y%2BKyTPgc0NkGaB8X9wq839k8HW3NXkI8fxFcmDD8iTbsh%2BheI8O1GKlsjVbYfPp1NIz9tczvUFARVKSKudPPGsqC3AlS%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7af2533ad9b8367b-FRA

Redirect headers

date: Tue, 28 Mar 2023 19:36:59 GMT
x-frontend: cc-nginx-7dc7d4cd6f-tg98w:cc-nginx-7dc7d4cd6f-tg98w
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 0210b12e-a5bf-4198-a16e-bcfd3b3133dd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtV6BIsbjPAHwT%2BXJBS0%2B4WKOgqw6qrRqSFW4heYxYcrM21tCd5b5pO9efpojsNTHupUslMHb8QmaaBP9xS2XPwGjIzPdqf6nrMZDqyPiQ%2BdkHd2TwpYaqBN%2BvF9j2gVKZT39UyKZf5if6%2BH0ifEOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
cf-ray: 7af253384d73367b-FRA

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 460ms
156ms Image
application/json 3.213.120.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b&id=cl4975ot4arrr6&uid=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.120.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-120-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 0A85 389 KB
390 KB 39ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:13 GMT
x-content-type-options: nosniff
age: 523905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398319
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 18:05:13 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 0A85 112 KB
112 KB 19ms
18ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9T1GPQ8731X9XJ7W
age: 4803653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114404
x-amz-id-2: UMcBHYEJvINI21ohCP2jyc0uUkKU/2hobWpf01BfKLNRrAwx1JJhkkVDW0i7hosjZSJVkn4Zgis=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHGytg%2BrpTr6QavA0DWLDhSpRI1N8KW%2B8EmrKejUmVrB3ZEJtxl5MAfCLuLsC3bkXBr1qoDR9ukKdEQHG5LKySc92eelrmUSdZoTVsZcgejk0QdLu8N3DO6zbw4CoQxFmd0FAllj2OEMNaLtxQEs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7af253374ae035fd-FRA

GET
H2 200 seg-20-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/ 259 KB
260 KB 13ms
13ms XHR
video/mp2t 2600:9000:223e:1800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-20-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 2e89f0751d19ba20497a73a38871501d927e8f9e3e54afca934e80d899da85f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 12:32:31 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 284964
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 168
content-length: 265080
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BPUfV2_0_R4pQ09e1zP3VPqvvQigaeQJDf5WtjBt311kWzoWf9BPOA==
expires: Sun, 24 Mar 2024 12:27:34 GMT

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 44 KB
18 KB 13ms
13ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4a8fb6fd9cc5b9c9629d9877e2934bcf8ebb01d7a546e3882dc26d0b9d603f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:58 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3045
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18156
x-served-by: cache-iad-kcgs7200020-IAD, cache-hhn-etou8220028-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032219.783153,VS0,VE0
etag: "d2edcc75b2e78ecab471dbf94e1b7bdf"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5, 80

GET
H2 200 seg-21-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/ 218 KB
219 KB 11ms
11ms XHR
video/mp2t 2600:9000:223e:1800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-21-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 04db19863572b86fa46d45e097464ae6eddeec55d267227266fa332897326b1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:35:25 GMT
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-P4
age: 377242
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 148
content-length: 222968
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2EC30cgkFsMUzkCKUWzU5A5NYTvCqOM58tftLnuGoXBgDTGRCTIMhw==
expires: Sat, 23 Mar 2024 10:49:36 GMT

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/pixel/ Frame 0A85 178 B
1 KB 334ms
299ms XHR
application/json 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:59 GMT
via: 1.1 4a03c73f3dcfcfd37ea6a992da6dce06.cloudfront.net (CloudFront)
content-encoding: br
x-amzn-remapped-content-length: 178
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P4
x-amzn-requestid: 5c8572fa-d1f7-4cf7-9d74-9f3cfa20ab51
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: Cgc6SHNxIAMFphQ=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3WtjwYKnMaPN%2BPlpy15400zLLQo2Zjax4YP7d45KXz5JGMUrAhn5c76%2F7UP0xHXqk4GTVHNlqwMtdrQNNsTvkld6lFckkxTv%2Bzf%2B7%2F38BmvDbj9MtT5pspWznevFnv%2B6DuL0KQxdNS4ldPQlENP"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7af253384e073737-FRA
x-amzn-remapped-date: Tue, 28 Mar 2023 19:36:59 GMT
x-amz-cf-id: U8d3fFAPT4OYDTuJgseRLEnCTcgsyAOoUI8DI2ntDVS31ktzGD304A==
expires: 0

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
324 B 286ms
104ms Ping
text/plain 3.213.120.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.120.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-120-66.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Tue, 28 Mar 2023 19:36:59 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

POST
H/1.1 200
OK firstVisit
io.v2.customerlabs.co/cl/ 0
324 B 321ms
141ms Ping
text/plain 3.213.120.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl/firstVisit
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.120.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-120-66.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Tue, 28 Mar 2023 19:36:59 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
324 B 284ms
102ms Ping
text/plain 3.213.120.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.120.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-120-66.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Tue, 28 Mar 2023 19:36:59 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&if=false&ts=1680032219227&sw=1600&sh=1200&v=2.9.100&r=stable&ec=6&o=30&cs_est=true&fbp=fb.1.1680032218065.335499038&it=1680032217518&coo=false&eid=cl4975ot4arrr6708d8045-9f0a-4260-a9dd-8886e8626fef&tm=1&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:36:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=website_session_start&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&if=false&ts=1680032219230&cd[start_time]=2023-03-28T19%3A36%3A59.227Z&cd[customerlabs_user_id]=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b&sw=1600&sh=1200&v=2.9.100&r=stable&ec=7&o=30&fbp=fb.1.1680032218065.335499038&it=1680032217518&coo=false&eid=cl4975ot4arrr67363eff5-096d-4b6f-bf71-c0ebe4c016f5&tm=2&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:36:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 379ms
93ms Preflight 54.83.6.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.6.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-6-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Tue, 28 Mar 2023 19:36:59 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 0A85 0
200 B 94ms
93ms XHR
text/plain 54.83.6.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.6.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-6-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Tue, 28 Mar 2023 19:36:59 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame 0A85 65 B
725 B 166ms
132ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522a07d4ad9-0f8f-4dd7-b42f-cc01bf8db8cd%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fclick.mwhealthcareconsulting.com%252F%2522%252C%2522referrerDomain%2522%253A%2522click.mwhealthcareconsulting.com%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10249dfcf70d1ac8b93fecc612d1ae%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff-2%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10249dfcf70d1ac8b93fecc612d1ae%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 18c2e19ad9b4baa8acf1eeb1e885559d412c83807da379caf854b0720b3fcf49

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:59 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-Eis6MBAinqz+TABmTyZd59P2Vo8"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyaH4H3MszFEAiBWZ11Q6Rg5XgKQktWRiOQQGujyI7GFX%2Bn%2FlxFxdXzVKZBpqc0mzaAJeDLCVsoqKYUBq%2FN4OPRwPfLYm%2Bojr3Cd27aX4HVOk4WD%2F8KJBtdS%2B3G9tnCjeap4jlPQG0h%2FwcTEmOvfzEp7Shvp"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7af2533a7aee2d04-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
250 B 440ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1624&scd=0&ssd=1&est=1680032217620&ver=36&isls=true&src=i&invt=1500&msa=51&rv=1&tim=1680032219244&vi=1680032217617&ri=eea64fbb57c35f772152fc4df113eeb4&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 28 Mar 2023 19:36:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 440ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1625&scd=0&ssd=1&est=1680032217620&ver=36&isls=true&src=i&invt=1500&msa=51&rv=1&tim=1680032219245&vi=1680032217617&ri=ce3557ee4839bcfc420b2ce30d129490&ref=https%3A%2F%2Fclick.mwhealthcareconsulting.com%2F&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10249dfcf70d1ac8b93fecc612d1ae%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 28 Mar 2023 19:36:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame CDB0 1 KB
1 KB 582ms
582ms Document
text/html 2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=d1d423d5-6e96-40df-8819-9fdc99158454&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d09ce32fe10e3e70916270eb59af62924e24ec1d590b090f88322d392748ade

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7af2533c0c16367b-FRA
content-encoding: br
content-type: text/html
date: Tue, 28 Mar 2023 19:37:00 GMT
etag: W/"ZDFkNDIzZDVnNmU5Nmc0MGRmZzg4MTlnOWZkYzk5MTU4NDU0LXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMot3GE4akCirI4fa2BnBzTN1Nnn9nkSjurZQUwVbBMx6J7PJWMqVYV4hI%2BP6KYyK1m%2BjZBVd5VrKgvG2h%2FGUpCQ5SGBg3ZF9mftkUVevVVdXCGakeMtNtuUu8twpMK17AscxcIEscUKIUdp9pb9kA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-7dc7d4cd6f-tt2nk:cc-nginx-7dc7d4cd6f-tt2nk
x-requestid: daa4bc00-d73a-4bba-9b56-d60b91d24bb8

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 174ms
174ms Image
application/json 3.213.120.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1680032218065.335499038&customerlabs_user_id=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b&id=cl4975ot4arrr6&uid=cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b&t=0&sc=1600%20x%201200
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10249dfcf70d1ac8b93fecc612d1ae&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.120.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-120-66.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame CDB0
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=d1d423d5-6e96-40df-8819-9fdc99158454
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=d1d423d5-6e96-40df-8819-9fdc99158454&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=d1d423d5-6e96-40df-8819-9fdc99158454&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=29c0a0e6-1ce5-492d-8d68-88c9c972786e

0
333 B

465ms
465ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=29c0a0e6-1ce5-492d-8d68-88c9c972786e
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=d1d423d5-6e96-40df-8819-9fdc99158454&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
x-frontend: cc-nginx-7dc7d4cd6f-zn95g:cc-nginx-7dc7d4cd6f-zn95g
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 4c22974e-c7fb-45c1-a9c8-15a60fe36d0d
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZtDZjKNQpxepJMcKhSRYWrkxUHCYUabW8sCN0YSbEYsxhLbSBXhBrdp8GfcM5eg6x4xPJ6e3cyDE5nEgCjRbWOvU39ULNWxtLNpc2Ro%2FyZYLy9l2oN6lkoscW5L%2FhdimXs98Y%2B0Ov6ZlLT52VZbWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7af25341de73367b-FRA

Redirect headers

date: Tue, 28 Mar 2023 19:37:00 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=29c0a0e6-1ce5-492d-8d68-88c9c972786e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame CDB0
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=8e8dc988-cf49-58ef-b063-80b112ab08e9&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=91967763-5f05-435c-8019-c3f2e4d64ce9&hem=

0
416 B

179ms
179ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=91967763-5f05-435c-8019-c3f2e4d64ce9&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=d1d423d5-6e96-40df-8819-9fdc99158454&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
x-frontend: cc-nginx-7dc7d4cd6f-ghhhr:cc-nginx-7dc7d4cd6f-ghhhr
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: d5bdc4fe-b216-4f4e-8320-7145de9864a6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xn0HS9%2Fy8a9DExaRrqIbU0LWcrGuz%2F51eA93s%2FlI3lFghHY53rXC0hD%2FEeQwhopFphh6Xpiua1KgEfKRN1zB5h253AhwT15JLOTQHA7iUJmREKbmLLy%2B2mn15lDV0ktS7Vw%2Bex8HkLI%2FrC3btdbYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7af25343494a367b-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=91967763-5f05-435c-8019-c3f2e4d64ce9&hem=
date: Tue, 28 Mar 2023 19:37:00 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame CDB0
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

33ms
33ms

Image
text/plain

52.213.31.46

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=d1d423d5-6e96-40df-8819-9fdc99158454&cn=DE

Protocol

HTTP/1.1

Server

52.213.31.46 -, , ASN (),

Reverse DNS

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:37:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Tue, 28 Mar 2023 19:37:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET

56408
i.liadm.com/s/ Frame CDB0
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=d1d423d5-6e96-40df-8819-9fdc99158454
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d1d423d5-6e96-40df-8819-9fdc99158454&ccid=d1d423d5-6e96-40df-8819-9fdc99158454&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...

0
0

GET
H2 200 193f0456 Show response
tag.trovo-tag.com/ Frame 2DA6 490 B
761 B 112ms
47ms Document
text/html 52.222.149.112

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=d1d423d5-6e96-40df-8819-9fdc99158454&cn=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.112 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: f1ebc79881dee1021c638c925b9f92b3b68d2e60f5f55380ff16e4c6fbcac984

Request headers

Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 490
content-type: text/html
date: Tue, 28 Mar 2023 19:37:00 GMT
server: CloudFront
via: 1.1 bd03106f662746adc3512ff682754ad0.cloudfront.net (CloudFront)
x-amz-cf-id: CmJ9v8fqoXqVqzNu7SqccBZUmnoIz-YeKYCwSnHpvipmIsU7tAE3Xw==
x-amz-cf-pop: CDG52-P1
x-cache: LambdaGeneratedResponse from cloudfront

GET

/
a.clickcertain.com/px/smart/a/ Frame 2DA6
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=e8799d10-cd9f-11ed-a02c-7730f31d3f96
https://a.clickcertain.com/px/smart/a/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=e8799d10-cd9f-11ed-a02c-7730f31d3f96

0
0

GET
H2 204 lds
a.usbrowserspeed.com/ Frame 2DA6 0
148 B 262ms
196ms Image
text/plain 44.237.224.31

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.224.31 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
server: awselb/2.0

GET
H/1.1 400
Bad Request fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 2DA6 27 B
27 B 34ms
34ms Image
text/plain 52.213.31.46

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive

Requested by

Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.31.46 -, , ASN (),

Reverse DNS

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:37:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.liadm.com
URL: https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=d1d423d5-6e96-40df-8819-9fdc99158454&ccid=d1d423d5-6e96-40df-8819-9fdc99158454&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dd1d423d5%25252d6e96%25252d40df%25252d8819%25252d9fdc99158454%252526anx_uId%25253d%252524UID

Domain: a.clickcertain.com
URL: https://a.clickcertain.com/px/smart/a/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=e8799d10-cd9f-11ed-a02c-7730f31d3f96

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/uc-grplus-vsl01-aff-2/	1970-01-20 15:05:29	Name: ubpv Value: ak%2Cfbe91892-5070-465e-914a-d53bab95f199
go.welldaily.com/	1970-01-20 10:50:37	Name: enc_aff_session_2 Value: ENC032d0f3bb84acc71d388151c226072a1f1b39a01df630fb85b9f191e2dd76c6aa93ca54e7a1442518cd825e60768e97b8c861777798921bc0bc941ab992929618ad9cb1118f4922ae8c06def18a06230b245de6bb6f549456dab4abf5fdcfeb9bb0226056fc0eb5776581832739b5bfb49fdf549a8efe5ab8dbdcdc6a05c7de5694c9cfc7ca8dc0bef19d9dda64bca49597998eba0bdee71c041f0ae30d31fbdeb4b937190893bd3f5cd2b641766c740ce49af43913662a80fc71b5fdf444ca8700c4a443f
go.welldaily.com/	1970-01-20 20:16:32	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMS4wLjU1NjMuMTEwIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/	1970-01-20 14:59:44	Name: ubvs Value: 6dd0fa25-93cf-41b6-b265-02b48d559a6e
.upwellness.com/	1970-01-20 10:44:51	Name: ubvt Value: v2%7C6dd0fa25-93cf-41b6-b265-02b48d559a6e%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle
.upwellness.com/	1970-01-20 12:50:08	Name: _gcl_au Value: 1.1.511402156.1680032217
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-20 20:16:32	Name: _lc2_fpi Value: f0f26c15fa8f--01gwmvje5parc4s5rn0rwwb2b8
.tiktok.com/	1970-01-20 20:02:08	Name: _ttp Value: 2Nel20FUxMYRc8VBDCSDPwxilje
.doubleclick.net/	1970-01-20 20:02:08	Name: IDE Value: AHWqTUkpiC4HFYNQKftYEeMfxcytRJohzIfP_is2WIp2gxFsS3d17qsOs70hR0kG
.upwellness.com/	1970-01-20 20:16:32	Name: __nbpix_uid Value: 1-pw7lzxxd-lfsnszkc
.upwellness.com/	1970-01-20 20:16:32	Name: _ga Value: GA1.2.1478157510.1680032218
.upwellness.com/	1970-01-20 10:41:58	Name: _gid Value: GA1.2.382188714.1680032218
.upwellness.com/	1970-01-20 10:40:32	Name: _dc_gtm_UA-28307243-3 Value: 1
.liadm.com/	1970-01-20 20:16:32	Name: lidid Value: e865d7fc-5844-4dab-a5fc-6fd914c23689
.criteo.com/	1970-01-20 20:02:08	Name: uid Value: 52875d7f-b6d6-4807-bb15-c24bd4f8d34a
.upwellness.com/	1970-01-20 20:02:08	Name: _tt_enable_cookie Value: 1
.upwellness.com/	1970-01-20 20:02:08	Name: _ttp Value: OdlpPaUTKSNKdC6xROl3IJXutf6
.upwellness.com/	1970-01-20 12:50:08	Name: _fbp Value: fb.1.1680032218065.335499038
.pages.upwellness.com/	1970-01-20 19:26:08	Name: _pin_unauth Value: dWlkPVlXUmtZV1prTlRFdE5XTmxOQzAwTWpOaExUbG1PV1F0TVdVMlpHSmpOVGM1T1RGaQ
pages.upwellness.com/	1970-01-20 10:40:32	Name: outbrain_cid_fetch Value: true
.yahoo.com/	1970-01-20 19:26:29	Name: A3 Value: d=AQABBNpBI2QCENTq5gGYMOw7Wvti6YkEow4FEgEBAQGTJGQtZAAAAAAA_eMAAA&S=AQAAAp3aFrimKHufakqzwgoZe8g
.upwellness.com/	1969-12-31 23:59:59	Name: UltraCartShoppingCartID Value: A529D84DE14886018729B93C111F8B00
.upwellness.com/	1970-01-20 20:16:32	Name: ucacid Value: 413855487.807284
.store.upwellness.com/	1970-01-20 20:16:32	Name: ucacid Value: 413855487.807284
store.upwellness.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcHBftN8--QmTIWmAuST
store.upwellness.com/	1969-12-31 23:59:59	Name: LBJSESSIONID Value: abcHBftN8--QmTIWmAuST.n246
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_source Value: click.mwhealthcareconsulting.com
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_starts Value: 1680032218213
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_utmParams Value: %7B%22utm_source%22%3A%22click.mwhealthcareconsulting.com%22%2C%22utm_medium%22%3A%22Referrer%22%2C%22utm_cl_referrer_path%22%3A%22click.mwhealthcareconsulting.com%2F%22%2C%22utm_cl_sub_domain%22%3A%22click.mwhealthcareconsulting.com%22%7D
.upwellness.com/	1970-01-20 19:26:08	Name: cl4975ot4arrr6_uid Value: cl4975ot4arrr6d172c910-9de7-4e22-84a8-f7cebf6bd82b
.upwellness.com/	1970-01-20 19:26:08	Name: cl4975ot4arrr6_sid Value: CL-d45b47b7-59b4-4c3a-a3c0
.upwellness.com/	1970-01-20 19:26:08	Name: cl4975ot4arrr6_gid Value: cl4975ot4arrr6b8e08148-dd38-46cb-a56e-2bdd45a45025
pages.upwellness.com/	1970-01-20 11:23:44	Name: nxtBtn Value: videoBtn
.upwellness.com/	1970-01-20 19:26:08	Name: _hjSessionUser_795540 Value: eyJpZCI6ImM1NzUwMmEyLWQzZmUtNTdlMC1iMDJhLWJiMmVlNmZiNDM3ZCIsImNyZWF0ZWQiOjE2ODAwMzIyMTgyNTUsImV4aXN0aW5nIjpmYWxzZX0=
.upwellness.com/	1970-01-20 10:40:34	Name: _hjFirstSeen Value: 1
.upwellness.com/	1970-01-20 10:40:32	Name: _hjIncludedInSessionSample_795540 Value: 1
.upwellness.com/	1970-01-20 10:40:34	Name: _hjSession_795540 Value: eyJpZCI6ImYxZTljMDYyLTQ5YzMtNDhiYS1iYzBkLWJhYTVmMzc1MjQyZSIsImNyZWF0ZWQiOjE2ODAwMzIyMTgzNzAsImluU2FtcGxlIjp0cnVlfQ==
pages.upwellness.com/	1970-01-20 10:40:32	Name: _hjIncludedInPageviewSample Value: 1
.upwellness.com/	1970-01-20 10:40:34	Name: _hjAbsoluteSessionInProgress Value: 0
.upwellness.com/	1970-01-20 10:41:58	Name: _uetsid Value: e7654ae0cd9f11ed868bbdae65cd7510
.upwellness.com/	1970-01-20 20:02:08	Name: _uetvid Value: e7657900cd9f11edaaef71cc2fa9bdbb
.upwellness.com/	1970-01-20 20:09:56	Name: cto_bundle Value: fFsG519tRFZBOW0xbzBuUUdHTHZzaWF5YWt6QzV3SG44MVFBN0x5dFd2bkVKWXhDbHRsZiUyRmVYelJUJTJCWVpRdzVueXZUNlQ4ZjNKbXdWeXdQcDJFT2FNaDUlMkJmZCUyQmQxaHI1MDVxRmd0TmdXMXFyOGtYQWJxc3BOcU51ZERpTWMxTlpmOFdsTEpEaXFudEI3NDJqbjUxdEk4YnQ0dyUzRCUzRA
.bing.com/	1970-01-20 20:02:08	Name: MUID Value: 2B64BEC9E8596C6A2BAFAC2BE9F56DF0
store.upwellness.com/	1970-01-20 10:50:37	Name: AWSALB Value: H80sgWPlzW4a0TRmc2yvwcjFTwYxUTfAq+p6jV/lkC/ixHKKLVHnTemohN67odtI6yj/4DQ3VF3t1FHFViTKzxnuuxTN9YmYJSYQQx1WqQG4wu4d3/Ji0U67xZ8C
store.upwellness.com/	1970-01-20 10:50:37	Name: AWSALBCORS Value: H80sgWPlzW4a0TRmc2yvwcjFTwYxUTfAq+p6jV/lkC/ixHKKLVHnTemohN67odtI6yj/4DQ3VF3t1FHFViTKzxnuuxTN9YmYJSYQQx1WqQG4wu4d3/Ji0U67xZ8C
.store.upwellness.com/	1970-01-20 19:26:08	Name: UPWEL-ANP Value: 6141
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_ends Value: 1680034019229
a.clickcertain.com/	1970-01-20 19:26:08	Name: _ccpx_u Value: d1d423d5%2d6e96%2d40df%2d8819%2d9fdc99158454
a.clickcertain.com/	1970-01-20 19:26:08	Name: _ccpx Value: 24a3d6f0fe7dd9c
a.clickcertain.com/	1970-01-20 19:26:08	Name: _ccpx_24a3d6f0fe7dd9c Value: 1
.upwellness.com/	1970-01-20 19:26:08	Name: cl4975ot4arrr6_eidsTracked Value: true

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	info	URL: blob:https://pages.upwellness.com/ad83ae44-8cfb-40ca-abba-ac28d8c58015 Message: [log] > Debug logs enabled for "main"
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
ads.nextdoor.com
amplify.outbrain.com
analytics.proofapi.com
analytics.tiktok.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
business.newsbreak.com
cdn.js.customerlabs.co
cdn.taboola.com
cdn.useproof.com
cdn1.decide.dev
click.mwhealthcareconsulting.com
connect.facebook.net
ct.pinterest.com
d34qb8suadcc4g.cloudfront.net
d3pkntwtp2ukl5.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dynamic.criteo.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
events.ub-analytics.com
fast.wistia.com
fast.wistia.net
flask.nextdoor.com
fonts.ub-assets.com
go.maxweb.com
go.welldaily.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
in.hotjar.com
io.v2.customerlabs.co
live-visitor-counts.herokuapp.com
live.upwellness.com
match.prod.bidr.io
mug.criteo.com
pages.upwellness.com
pixel.tapad.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
s.yimg.com
script.hotjar.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.hotjar.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
tag.trovo-tag.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
a.clickcertain.com
i.liadm.com
100.20.6.198
108.138.17.78
13.32.145.125
13.32.99.21
141.226.228.48
143.204.222.226
151.101.129.44
151.101.65.131
151.139.128.10
170.187.185.18
178.250.0.157
178.250.1.9
18.207.63.238
18.66.200.179
212.82.100.181
23.206.208.183
23.35.237.86
23.36.162.152
2600:1f18:730:b140:318:4480:a19a:ad9
2600:9000:223c:d400:8:8845:1500:93a1
2600:9000:223e:1800:1e:c86:4140:93a1
2600:9000:223e:ce00:1e:c86:4140:93a1
2600:9000:2250:aa00:1d:11cf:5800:93a1
2606:4700:20::681a:27a
2606:4700:20::681a:932
2606:4700:3034::ac43:a9b0
2606:4700:3035::6815:2f0c
2606:4700:3108::ac42:2b71
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:802::2003
2a00:1450:4001:810::200e
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a02:2638:3::c
2a02:2638::14
2a02:26f0:3500:895::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::622
2a04:4e42::622
2a06:98c1:3121::3
3.126.202.50
3.213.120.66
3.93.168.254
34.111.113.62
34.230.252.255
34.236.88.218
44.237.224.31
52.16.92.191
52.213.31.46
52.222.149.112
52.222.149.81
52.222.174.50
52.222.236.43
52.222.250.38
52.51.237.18
52.89.7.180
54.83.6.65
64.202.112.95
74.119.119.150
04db19863572b86fa46d45e097464ae6eddeec55d267227266fa332897326b1f
05ae5071f29731644a77af5a8454af3f4fcac44566d33f6cc06b5a4e96107173
07bfeb247350657d6ae6efecb634288d14aedff52413edc11a9bb24878422484
0810d0e635f12e1297c2f6f3bd6be187d2a7ad8f79e17f5dd16aea281d529709
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0b237a3c974aec2776e15c96f50651fa55af3bd3bc927f37eb4a6510c96ebffa
0cbbcfca95bcebbe80abb951e011dd0cefe9db438f44013c85ab3b3dfba0069b
0d587f248ea1c0d1c3b3a3fc4d5d5c9b6a46ec99da9389b7bb5c846b5cee0938
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f4e06f2809f3adcd87e8a9682893c131d1cb55922a2701427c6386af7cc199f
17ddc63663734c555981527699774b02b945124941c10450a91b74ce56937b59
18c2e19ad9b4baa8acf1eeb1e885559d412c83807da379caf854b0720b3fcf49
194b61ea7c150cd887afff564f576ac2fd1d96e8d210feb18f43d2d5bdc90f76
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dea7d05f3ac6b4c9702a5f77a4421fbb964e84886751bd78860f65b53c8c5b1
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
265bd2efe70f56cf52f1be3ec3bd09ffaf7adf2a5386021e68c2d6c71ce3ed84
2816917edd50b188aeb74fcf10ba69ffd6fdc1cb98f786fd205991d03f887b41
282f5a01cde33126c76b73790e408dec892b9968334879013b7deffe276a11d9
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2e89f0751d19ba20497a73a38871501d927e8f9e3e54afca934e80d899da85f9
2ea15d13fdab482b2e1a65e1472ae8ff13cfa87e885485c943d85aabb8de8a93
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
301f8d94defec9737842bc50bdfc63df97a37e29a1397c6acf87b500e8045590
316dd36671b451aa88c2cb9e2a833943ee9cb6e6b9fb1267f419d2b1ecbaa4e3
31aefe7b5bdb81ed5f516708ce92360e8d4653e9ff540b041b164eca4d6cd3d5
34578cbb643e46bf7c804a6f3d09d73b2cb6b5943a19d89a31d5bcf722f66aeb
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f
3da2f7959056fe0bc653de93a8992204e8778b56ca5b1d44de5728863a5551a1
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
457a6bbd32523a72293e8041d1ba07046b5f2c936c20b63b3e6786545ecfcb7f
4a8fb6fd9cc5b9c9629d9877e2934bcf8ebb01d7a546e3882dc26d0b9d603f8d
4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
579a2a97fb6616d4faf94ac23df731f250a672fda76be78a1fa74a6d1cd8dbba
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d09ce32fe10e3e70916270eb59af62924e24ec1d590b090f88322d392748ade
5fcf16da104a4c57a805b0b7d4f4b86972e5ef555ce33d5c6961f27e3806c491
6248d26097243293144a2c446b330ef62be51f9407430894f8c8ce4218643371
635fa27826bc3b802f341bba0c8291af3698ada8d704bb116692a4b0fe77c1da
673b470642c66a8ef082e17cceffb9f2e22788c55070626100a4ae88045e3243
68c88c7142356fa135fd98aa31306497b045145a164baffee2dc76575110381f
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6bcbcb6496dddd15c57669623a1361fc1082513cbdb9c653ed8d25ed8392a918
70d69ca3d7e5ef763e7a12722001e9efcc8db6203cfa1288d1a7f3e990678928
7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7dd7d12d4cc195e05cd72a9623588ecabf14c71d7037558b22cee18309ee35b4
810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e592026970dcb362dd9afca58ee14ba148d62f8d52de8da147ec2b2f497153
86986d6474300ea909176542575649e86e28b033e68b9af6177deef7bb8b91ec
87433f3ccbe4b9b04c2f1c71a78981be8cf7f4ad080bca74fd2f5032cf2751ca
876de18e83e13739b393e42acd0287e6ec5fcc9d7f589a253026a2f9adb2595a
8e8bcffc1a544adc3948e0dbf31ca6be52ff083f5f68f952b96612922f399a5b
8ed9e0d5afcaed5fe18ebb7d938824c4712703e31d79a3e53c26ea9bae9db9f1
8f28db54bb578866db6b14678931d7b91ebbf26cb798f3913c7298266281d806
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92757c48c846b8f8c1954ccb09a3a4b7e086ca408e4e346cf09c8085dc6ea2f2
936ab2395676ca99f02a86db9c88b8eadac19e465f37481b03ce89d2800c2feb
977bc968ece763aae13a3b6de45dc1f909c7b407ab260f4dcb7ecaa070bf756a
9a2922fd430dfaeb13025d97826931939d872a7b3efd1d09f0e88c5f7c1fd306
9abfe2e64f8fe1d51ec458aa9c38886240600d589d8013a1d2e5ff033b45391d
9ff8380e1cd4e31ccf877aff589c0f0ac4dc16f0d3d4476d9001f69f0c42c98c
a119b787844e66e12853a9bd720e4ca511619e2f33f5aedf1a4cf565c4f047f9
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a25d2674b1e57094f1abce6ba27f63e639fbbf339bb164ed30d107d9d92f71bd
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b55b8f64c5259f4f19ca1b5a388f3c93b67df5d805f71637cf3a12ff814be08b
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b
bad4fefd52afc4c5dd800e371464d2a7efcff0465811d648313bfe153f6d7e5a
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
be4a01c68a03621a0e9d917d11a0807b12640080ab86f5d766040ca9dc2e45cd
bea1fcc84e0690ef12eebaa114be35c46f92e19022767f32b962788a60b3e1bd
c13927223f0133ee9ecde0f8f65cf415c0f2ae898044a038a002aa05d266edc5
c36c35defd7d43c06001ead5fdacefba8baa03194a67da2de6463352715000d2
c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb922ba96736c011c5c8e3bad8312a52b45f3afd24ed8791d050c52ea2b2f407
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d24266de1015429582c762096bb6378f2c73d2885ca8daabc88fb22887f52446
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
da8c4e992b498fd0be4289d50ea0bd78b6e2369312298fce60144b48134c88d2
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
def564fc498bc5147cf79aa16e5a6f93789115cc0f4740b0b089df37fa6ba132
df2e42d1925f2666332734df23a98758a267a9db2abc600a90a68e4a12baff74
dfa4cef9560957ad3f7a2725b4658ca4891abc3cc38febd674a073f53c398f05
dfe8af3b10655f0863d2428e52f52699ac3f3b7d0fdfd3887cb35efc8242e10c
e1f0b93051ab9d1f671fdc1d489817df439cf571d9184c55e09a8a2de3d14234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e24dcc66155374719121ae3ad31a21a0864ab4fe6b63fdf63f6c5b8ccff5cf
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
e72ac596eba62521f2d7e2e9182f96ba7409a304a6e3d1f3755613b18aea45b5
e9b0d91e8e65b08938cb76ceefafb488c027824895e531f72260b1c2c89992a8
eea034ffd62f0a545a3542a92bf21505cc33bd8cffcc233132069983eea7512d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f18a5d228906cf78085b322bc7a3cb24fd01ec1aedd3fc865c6fdd43dfb0cef7
f1ebc79881dee1021c638c925b9f92b3b68d2e60f5f55380ff16e4c6fbcac984
f2d83312c2b1c7c1ad2be8e99b5b8d3c5d8432c2828d5cf52ee15e4423698bab
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5fdb0e547028256fdb5662c9e84afcf84927ea56148435c521ba356e7b6f0ac
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a
fe50ae8e0cade09e78b21fd77b1985ea3a282d373c2e61041dd2c612718f9770

pages.upwellness.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

93 %HTTPS

42 %IPv6

43 Domains

67 Subdomains

59 IPs

7 Countries

4510 kBTransfer

9156 kBSize

52 Cookies

0 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

93 %
HTTPS

42 %
IPv6

43
Domains

67
Subdomains

59
IPs

7
Countries

4510 kB
Transfer

9156 kB
Size

52
Cookies

162 HTTP transactions
1 data transactions