pages.upwellness.com Open in urlscan Pro
3.69.136.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.welldaily.com/aff_c?offer_id=67&aff_id=1&aff_sub=TH231103PM
Effective URL:
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH...
Submission: On January 02 via manual (January 2nd 2024, 9:46:54 pm UTC) from US — Scanned from DE

Summary HTTP 273 Redirects Behaviour Indicators

Summary

This website contacted 96 IPs in 9 countries across 85 domains to perform 273 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com.
TLS certificate: Issued by R3 on December 16th 2023. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.31.40.31 52.31.40.31	16509 (AMAZON-02) (AMAZON-02)
4	3.69.136.55 3.69.136.55	16509 (AMAZON-02) (AMAZON-02)
2	18.64.79.18 18.64.79.18	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:944b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:209... 2600:9000:2090:9800:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a04:4e42:400... 2a04:4e42:400::644	54113 (FASTLY) (FASTLY)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
4	52.205.151.245 52.205.151.245	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	23.213.165.149 23.213.165.149	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.208.151.79 34.208.151.79	16509 (AMAZON-02) (AMAZON-02)
9	2.23.209.165 2.23.209.165	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.165.183.66 18.165.183.66	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.60 13.32.27.60	16509 (AMAZON-02) (AMAZON-02)
39	52.222.137.129 52.222.137.129	16509 (AMAZON-02) (AMAZON-02)
3 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b120:91ea:16b1:565a:949a	14618 (AMAZON-AES) (AMAZON-AES)
1	44.210.34.0 44.210.34.0	14618 (AMAZON-AES) (AMAZON-AES)
1 6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	18.66.2.98 18.66.2.98	16509 (AMAZON-02) (AMAZON-02)
3	70.42.32.191 70.42.32.191	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.137.68 18.66.137.68	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.214.168.80 35.214.168.80	15169 (GOOGLE) (GOOGLE)
3	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	44.226.247.160 44.226.247.160	16509 (AMAZON-02) (AMAZON-02)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:226... 2600:9000:2261:8800:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2.16.238.13 2.16.238.13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1 7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.129.181 151.101.129.181	54113 (FASTLY) (FASTLY)
6	18.66.2.35 18.66.2.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20e8:a00:11:9be7:da80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2600:9000:226... 2600:9000:2261:6800:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.2.12 18.66.2.12	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 28	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:226... 2600:9000:2261:9e00:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 3	52.58.145.198 52.58.145.198	16509 (AMAZON-02) (AMAZON-02)
5 6	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	88.221.168.23 88.221.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	217.182.178.233 217.182.178.233	16276 (OVH) (OVH)
1	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 5	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	88.221.110.96 88.221.110.96	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	52.30.133.211 52.30.133.211	16509 (AMAZON-02) (AMAZON-02)
3 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	54.171.3.160 54.171.3.160	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
3	34.241.183.25 34.241.183.25	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.159.136.150 18.159.136.150	16509 (AMAZON-02) (AMAZON-02)
1	18.232.255.36 18.232.255.36	14618 (AMAZON-AES) (AMAZON-AES)
2	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	3.121.221.105 3.121.221.105	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:1f18:612... 2600:1f18:612b:4216:2994:5ad:21a7:a60b	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.213.165.82 23.213.165.82	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.78.158.58 54.78.158.58	16509 (AMAZON-02) (AMAZON-02)
1	52.57.138.113 52.57.138.113	16509 (AMAZON-02) (AMAZON-02)
1	18.64.119.48 18.64.119.48	16509 (AMAZON-02) (AMAZON-02)
2	52.214.3.70 52.214.3.70	16509 (AMAZON-02) (AMAZON-02)
4	3.210.192.5 3.210.192.5	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.192.87.239 54.192.87.239	16509 (AMAZON-02) (AMAZON-02)
1	52.28.243.58 52.28.243.58	16509 (AMAZON-02) (AMAZON-02)
1 1	3.227.60.148 3.227.60.148	14618 (AMAZON-AES) (AMAZON-AES)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2 2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1 1	18.192.29.189 18.192.29.189	16509 (AMAZON-02) (AMAZON-02)
1 1	18.199.22.54 18.199.22.54	16509 (AMAZON-02) (AMAZON-02)
4 4	54.36.150.182 54.36.150.182	16276 (OVH) (OVH)
1	3.122.86.227 3.122.86.227	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	52.73.241.111 52.73.241.111	14618 (AMAZON-AES) (AMAZON-AES)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.156.188.18 35.156.188.18	16509 (AMAZON-02) (AMAZON-02)
1 1	23.192.153.172 23.192.153.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2 2	2607:ae80:192... 2607:ae80:192:1::172	26558 (FREEWHEEL) (FREEWHEEL)
1	35.186.196.148 35.186.196.148	15169 (GOOGLE) (GOOGLE)
1	18.206.27.123 18.206.27.123	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.64.79.71 18.64.79.71	16509 (AMAZON-02) (AMAZON-02)
2 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
273	96

1 52.31.40.31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-40-31.eu-west-1.compute.amazonaws.com

go.welldaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.64.79.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-18.txl50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:944b (United States)

ASN13335 (CLOUDFLARENET, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:9800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.205.151.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-151-245.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.208.151.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-151-79.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.23.209.165 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-165.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-66.zrh55.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-60.fra56.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.222.137.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-129.ams50.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:91ea:16b1:565a:949a (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.210.34.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-34-0.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-98.txl50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-68.fra60.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.168.80 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com

gtrace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.226.247.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-247-160.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2261:8800:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-13.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.181 (United States)

ASN54113 (FASTLY, US)

views.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.2.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-35.txl50.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:a00:11:9be7:da80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2cli4kgl5uxre.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2261:6800:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-12.txl50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2261:9e00:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.145.198 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-145-198.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.52 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.178.233 (France)

ASN16276 (OVH, FR)
PTR: ip233.ip-217-182-178.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.110.96 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-110-96.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.133.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-133-211.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.3.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-3-160.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.241.183.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-183-25.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.136.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-136-150.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.232.255.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-255-36.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.221.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-221-105.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:2994:5ad:21a7:a60b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.158.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-158-58.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-amazon.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.138.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-138-113.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.119.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-119-48.txl50.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.3.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-3-70.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.210.192.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-192-5.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.87.239 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-192-87-239.ams50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.243.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-243-58.eu-central-1.compute.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.60.148 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-60-148.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.29.189 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-29-189.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.199.22.54 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-199-22-54.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.182 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip182.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.86.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-86-227.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.241.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-241-111.compute-1.amazonaws.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.188.18 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-188-18.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.153.172 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-172.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:ae80:192:1::172 (United States) 2 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.196.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.196.186.35.bc.googleusercontent.com

sync.rfp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.206.27.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-27-123.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.64.79.71 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-71.txl50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	cloudfront.net d9hhrg4mnvzow.cloudfront.net d2cli4kgl5uxre.cloudfront.net	2 MB
28	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 398	23 KB
23	wistia.com fast.wistia.com — Cisco Umbrella Rank: 11192 embed-ssl.wistia.com — Cisco Umbrella Rank: 19585 embed-cloudfront.wistia.com pipedream.wistia.com — Cisco Umbrella Rank: 16748 distillery.wistia.com — Cisco Umbrella Rank: 17080	3 MB
11	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	10 KB
10	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4009 gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867 sslwidget.criteo.com — Cisco Umbrella Rank: 2480 widget.us.criteo.com — Cisco Umbrella Rank: 27168 dis.criteo.com — Cisco Umbrella Rank: 943	34 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	786 KB
9	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 818	263 KB
9	upwellness.com pages.upwellness.com live.upwellness.com store.upwellness.com	107 KB
8	taboola.com 1 redirects cdn.taboola.com — Cisco Umbrella Rank: 1255 trc.taboola.com — Cisco Umbrella Rank: 960 trc-events.taboola.com — Cisco Umbrella Rank: 2320 sync.taboola.com — Cisco Umbrella Rank: 1916	24 KB
7	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 692 c.bing.com — Cisco Umbrella Rank: 539	31 KB
7	google.de www.google.de — Cisco Umbrella Rank: 4002	1 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6	2 KB
7	yahoo.com 1 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 2033 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505 cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418	1 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1280 x.clarity.ms — Cisco Umbrella Rank: 27242 c.clarity.ms — Cisco Umbrella Rank: 2579	28 KB
6	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	5 KB
6	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 36370	125 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3674 tr.outbrain.com — Cisco Umbrella Rank: 3336 wave.outbrain.com — Cisco Umbrella Rank: 3465 sync.outbrain.com — Cisco Umbrella Rank: 1287	9 KB
5	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 100603 api.useproof.com — Cisco Umbrella Rank: 98097	602 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 6260	1 KB
4	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 391471	2 KB
4	casalemedia.com 3 redirects r.casalemedia.com — Cisco Umbrella Rank: 2571 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796	2 KB
3	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1173 usermatch.krxd.net — Cisco Umbrella Rank: 3030	693 B
3	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1499 image2.pubmatic.com — Cisco Umbrella Rank: 1555 image6.pubmatic.com — Cisco Umbrella Rank: 1215	465 B
3	360yield.com ad.360yield.com — Cisco Umbrella Rank: 995 match.360yield.com — Cisco Umbrella Rank: 3385	595 B
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 313	2 KB
3	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1664 c1.adform.net — Cisco Umbrella Rank: 1001	1 KB
3	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 620 token.rubiconproject.com — Cisco Umbrella Rank: 744	892 B
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 590	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	247 B
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1083	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
3	mediago.io cdn.mediago.io — Cisco Umbrella Rank: 9164 gtrace.mediago.io — Cisco Umbrella Rank: 6276	38 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 876	7 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4454 rp.liadm.com — Cisco Umbrella Rank: 2334 rp4.liadm.com — Cisco Umbrella Rank: 5208	16 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2396	1 KB
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 274	614 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 958	1 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 930	343 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 2790 lm.serving-sys.com — Cisco Umbrella Rank: 4864	777 B
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3522 sync-amazon.ads.yieldmo.com — Cisco Umbrella Rank: 12026	75 B
2	tremorhub.com 1 redirects criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3791 amazon.partners.tremorhub.com — Cisco Umbrella Rank: 11608	787 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 797	69 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 731	279 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004	326 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1202 script.hotjar.com — Cisco Umbrella Rank: 1735	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	91 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 67197 business.newsbreak.com — Cisco Umbrella Rank: 13910	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 9125 flask.nextdoor.com — Cisco Umbrella Rank: 7778	4 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1174	21 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 27554	51 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 33390	37 KB
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 3740	342 B
1	fout.jp sync.rfp.fout.jp — Cisco Umbrella Rank: 8891	275 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 3735	122 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 1261	471 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 973	486 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 6280	491 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 2319	324 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1708	375 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 2126	204 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 11143	656 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 5795	186 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 6811	879 B
1	connatix.com capi.connatix.com — Cisco Umbrella Rank: 1732	82 B
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 123986	812 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 3028	44 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4236	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 28126	153 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1607	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1753	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 9290	265 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 658	921 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1124	385 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1385	319 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3178	163 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 1093	787 B
1	gstatic.com www.gstatic.com	114 KB
1	unsplash.com views.unsplash.com — Cisco Umbrella Rank: 100420
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2641	822 B
1	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 167045
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	27 KB
1	welldaily.com 1 redirects go.welldaily.com	2 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	myvisualiq.net Failed t.myvisualiq.net Failed
273	85

	Domain	Requested by
39	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
28	s.amazon-adsystem.com	1 redirects pages.upwellness.com s.amazon-adsystem.com
13	fast.wistia.com	pages.upwellness.com fast.wistia.com
10	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
9	analytics.tiktok.com	pages.upwellness.com analytics.tiktok.com
7	www.google.de	pages.upwellness.com
7	www.google.com	1 redirects pages.upwellness.com
6	ib.adnxs.com	5 redirects
6	embed-cloudfront.wistia.com	fast.wistia.com
6	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
6	bat.bing.com	pages.upwellness.com bat.bing.com
6	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
4	cookie-matching.mediarithmics.com	4 redirects
4	live-visitor-counts.herokuapp.com	cdn.useproof.com
4	ups.analytics.yahoo.com	s.amazon-adsystem.com
4	cm.g.doubleclick.net	4 redirects
4	trc-events.taboola.com	cdn.taboola.com
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	store.upwellness.com	pages.upwellness.com store.upwellness.com
4	pages.upwellness.com	pages.upwellness.com cdn.mediago.io
3	dpm.demdex.net	2 redirects
3	x.bidswitch.net	2 redirects
3	www.facebook.com	pages.upwellness.com
3	x.clarity.ms	www.clarity.ms
3	ct.pinterest.com	s.pinimg.com pages.upwellness.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
3	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
2	uipglob.semasio.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	ads.stickyadstv.com	2 redirects
2	us-u.openx.net	s.amazon-adsystem.com
2	c1.adform.net	2 redirects
2	match.360yield.com	s.amazon-adsystem.com
2	beacon.krxd.net	s.amazon-adsystem.com
2	api.useproof.com	cdn.useproof.com
2	match.sharethrough.com	s.amazon-adsystem.com
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	s.amazon-adsystem.com
2	rtb-csync.smartadserver.com	s.amazon-adsystem.com
2	pixel.rubiconproject.com	1 redirects
2	dis.criteo.com
2	pipedream.wistia.com	fast.wistia.com
2	c.clarity.ms	1 redirects
2	connect.facebook.net	pages.upwellness.com connect.facebook.net
2	sp.analytics.yahoo.com	pages.upwellness.com
2	trc.taboola.com	cdn.taboola.com
2	gtrace.mediago.io	cdn.mediago.io
2	www.clarity.ms	pages.upwellness.com www.clarity.ms
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tr.outbrain.com	amplify.outbrain.com
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	builder-assets.unbounce.com	pages.upwellness.com
1	image6.pubmatic.com	s.amazon-adsystem.com
1	pi.ispot.tv	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	sync.rfp.fout.jp	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	sync.taboola.com	1 redirects
1	sync-amazon.ads.yieldmo.com	s.amazon-adsystem.com
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	s.amazon-adsystem.com
1	crb.kargo.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	s.amazon-adsystem.com
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	amazon.partners.tremorhub.com	1 redirects
1	capi.connatix.com	s.amazon-adsystem.com
1	dsum-sec.casalemedia.com	1 redirects
1	analytics.proofapi.com	cdn.useproof.com
1	distillery.wistia.com	fast.wistia.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	hb.yahoo.net
1	criteo-sync.teads.tv
1	contextual.media.net
1	c.bing.com	1 redirects
1	www.gstatic.com	cdn.useproof.com
1	script.hotjar.com	static.hotjar.com
1	d2cli4kgl5uxre.cloudfront.net	cdn.mediago.io
1	flask.nextdoor.com	pages.upwellness.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	views.unsplash.com	pages.upwellness.com
1	static.hotjar.com	pages.upwellness.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	region1.google-analytics.com	www.googletagmanager.com
1	embed-ssl.wistia.com	pages.upwellness.com
1	widget.us.criteo.com	pages.upwellness.com
1	sslwidget.criteo.com	1 redirects
1	business.newsbreak.com	static.newsbreak.com
1	cdn.js.customerlabs.co	pages.upwellness.com
1	wave.outbrain.com	amplify.outbrain.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	mug.criteo.com	pages.upwellness.com
1	www.googleadservices.com	www.googletagmanager.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	cdn.mediago.io	pages.upwellness.com
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	amplify.outbrain.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	cdnjs.cloudflare.com	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	go.welldaily.com	1 redirects
0	sync.search.spotxchange.com Failed	s.amazon-adsystem.com
0	t.myvisualiq.net Failed	s.amazon-adsystem.com
273	130

This site contains no links.

Subject Issuer	Validity	Valid
pages.upwellness.com R3	`2023-12-16` - `2024-03-15`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.js.ubembed.com E1	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
live.upwellness.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
store.upwellness.com R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
useproof.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-06-25` - `2024-07-23`	a year	crt.sh
*.mediago.io Amazon RSA 2048 M03	`2023-08-07` - `2024-09-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M02	`2023-08-28` - `2024-09-24`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.wistia.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-28`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-05` - `2024-08-05`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-01` - `2024-12-21`	a year	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
proofapi.com GTS CA 1P5	`2023-12-30` - `2024-03-29`	3 months	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2023-04-14` - `2024-05-12`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.prod.euc1.green.ops.kargo.com Amazon RSA 2048 M03	`2023-12-12` - `2025-01-10`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.rfp.fout.jp RapidSSL TLS RSA CA G1	`2023-08-03` - `2024-09-02`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-02-20`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Frame ID: 13B7E9BF75C87820F5C0EE52D1131FF6
Requests: 181 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: 2FE1E1CCCF32F859798F0D03A5D4626B
Requests: 2 HTTP requests in this frame

Frame: https://pages.upwellness.com/_ub/static/ts/0eb14ff35dae7c6e6234bddd74f1eb34a4453e4d.js
Frame ID: 575C69C1004C93CC2BB7370B4E5D2577
Requests: 2 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 68C264CACD25EC141F9C587B49CF0DDC
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=496625507003432450&dcc=t
Frame ID: 4A68B3CBB62D8AA8508AE6C1A1761619
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 8A0A35B5B07F3E3B20BEF8D913B7DF65
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6T8ta5D7oANYE4xDLe-70qqTeQRFfg1qDkF6YQ&google_gid=CAESEFkAjqawvq_VfgTw2mIuiNc&google_cver=1&google_ula=913071,0
Frame ID: DAD2697FBEC1560D5CF3FA9E0868A21C
Requests: 30 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Frame ID: 426AC5F5E55AE6395B8997733EC785D5
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.welldaily.com/aff_c?offer_id=67&aff_id=1&aff_sub=TH231103PM HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFF... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

273
Requests

86 %
HTTPS

26 %
IPv6

85
Domains

130
Subdomains

96
IPs

9
Countries

7425 kB
Transfer

12406 kB
Size

101
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.welldaily.com/aff_c?offer_id=67&aff_id=1&aff_sub=TH231103PM HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://rp.liadm.com/j?dtstmp=1704232007645&aid=a-057g&se=e30&duid=f0f26c15fa8f--01hk629dv340fvdat9s1695fes&tna=v2.11.2&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?se=e30&duid=f0f26c15fa8f--01hk629dv340fvdat9s1695fes&aid=a-057g&tna=v2.11.2&dtstmp=1704232007645&n3pc=true&wpn=lc-bundle&i6=MmEwMTo0YTA6MTMzODo5Mjo6NA%3D%3D&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-

Request Chain 49

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=VYE-zXxTTVNtTTdOaHcwYnBqaSt2dXNwT09xVmgzMytaY1M5TjNKdVZKdGhPNTRObi95RTZqQlMzbkprZTVoK2Q0TVVuNjEwUWo4L0h6ME5USVgvd0xQM2FGRW5tdHZGTlAxRTZnQWZjVThnYUJzNnpYM3BDcWhLVDRkVFhVenB5ZkNkbzdabHUxTHBrTHc0dkZNTktSc1BMSjZUSS9hRGcrVVlMZEpvenA0dFJsTUJxRndPNU1tV1hmYjBLbUNwWUJEczlQYUxCNTRkUVRtanJoY0lHNGoreFpUaXlxLzFLSTFpdCtOMTFya0FkeWZnMlFzNzg4SHpJSFJBdjlMRkEyQ0FZUjlJYlN1WThoTktHUTZzSTR5VlVSc2pwaWkrcXQ3N2hTTmlmaFIzMEhhcz18&cppv=2

Request Chain 71

https://sslwidget.criteo.com/event?a=102531&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=mLTKQF9PNSUyQk9tYVU2bVdNOE9hM0dUdk9KNG00RWhMblYya2tRUkUzJTJGWHprUWZxNUtIM2tESkRQck8xYWRiTVFEVnVOTmdxWVlQczY3Z0xQN3M2Sm5Ha0hKaUdKakU2WkxsNmJkSEpRdDV1eEIxJTJCdiUyQmdEZUN2YTNIRFBua1VyOGxiZGpYTzFUbGVMYkVxQkRUUjI2NXVYZGpxZyUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102e4374e08f24b853c51d97120f51%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_TH231103PM&ceid=17dbb0da-c093-4c0b-86fd-71c0eee48f55&dtycbr=58841 HTTP 302
https://widget.us.criteo.com/event?a=102531&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=mLTKQF9PNSUyQk9tYVU2bVdNOE9hM0dUdk9KNG00RWhMblYya2tRUkUzJTJGWHprUWZxNUtIM2tESkRQck8xYWRiTVFEVnVOTmdxWVlQczY3Z0xQN3M2Sm5Ha0hKaUdKakU2WkxsNmJkSEpRdDV1eEIxJTJCdiUyQmdEZUN2YTNIRFBua1VyOGxiZGpYTzFUbGVMYkVxQkRUUjI2NXVYZGpxZyUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102e4374e08f24b853c51d97120f51%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_TH231103PM&ceid=17dbb0da-c093-4c0b-86fd-71c0eee48f55&dtycbr=58841

Request Chain 87

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1785566863&cv=11&fst=1704232007740&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=SISUZcBKgJfvwQ-hqoegBg&sscte=1&crd=&pscrd=Ek5DaEFJZ0lYUHJBWVF5TEM2djdpbjE3OGJFaVlBNG0xdjlmUXd2QUdDTWZnMDNsZ2s4bmVRRnJZZnNTcXRnWEVyWEFYRDZGWWxsS1N0V2caWkNoRUlnSVhQckFZUXhheXZzWXV1enZQUEFSSXVBSGtWMmVQMkF2OTFKV3d2UWdTaWRXLU1PejBtYjl2WE9idE9tYk5iU241c01FU01XQURYcjZaRmU0a2NTQSITCMCOz_vWv4MDFYDLOwIdIdUBZA HTTP 302
https://www.google.com/pagead/1p-conversion/458254939/?random=1785566863&cv=11&fst=1704232007740&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0lYUHJBWVF5TEM2djdpbjE3OGJFaVlBNG0xdjlmUXd2QUdDTWZnMDNsZ2s4bmVRRnJZZnNTcXRnWEVyWEFYRDZGWWxsS1N0V2caWkNoRUlnSVhQckFZUXhheXZzWXV1enZQUEFSSXVBSGtWMmVQMkF2OTFKV3d2UWdTaWRXLU1PejBtYjl2WE9idE9tYk5iU241c01FU01XQURYcjZaRmU0a2NTQSITCMCOz_vWv4MDFYDLOwIdIdUBZA&is_vtc=1&ocp_id=SISUZcBKgJfvwQ-hqoegBg&cid=CAQSKQAvHhf_MmHa1-IuetcMjTekZ_x4q1_CaqGIRRTv2x6i8v9yL3Ik-WjX&random=515008975 HTTP 302
https://www.google.de/pagead/1p-conversion/458254939/?random=1785566863&cv=11&fst=1704232007740&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0lYUHJBWVF5TEM2djdpbjE3OGJFaVlBNG0xdjlmUXd2QUdDTWZnMDNsZ2s4bmVRRnJZZnNTcXRnWEVyWEFYRDZGWWxsS1N0V2caWkNoRUlnSVhQckFZUXhheXZzWXV1enZQUEFSSXVBSGtWMmVQMkF2OTFKV3d2UWdTaWRXLU1PejBtYjl2WE9idE9tYk5iU241c01FU01XQURYcjZaRmU0a2NTQSITCMCOz_vWv4MDFYDLOwIdIdUBZA&is_vtc=1&ocp_id=SISUZcBKgJfvwQ-hqoegBg&cid=CAQSKQAvHhf_MmHa1-IuetcMjTekZ_x4q1_CaqGIRRTv2x6i8v9yL3Ik-WjX&random=515008975&ipr=y

Request Chain 176

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=496625507003432450 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=496625507003432450&dcc=t

Request Chain 178

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CF8D7ED2220B4759AAC6F0F638FF0823&RedC=c.clarity.ms&MXFR=1DD0372EB92F65663C7624D4BD2F6B8D HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CF8D7ED2220B4759AAC6F0F638FF0823&MUID=21E7845FBDB469DF0CBE97A5BC3F681B

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-6T8ta5D7oANYE4xDLe-70qqTeQRFfg1qDkF6YQ&google_cm&google_hm=ay02VDh0YTVEN29BTllFNHhETGUtNzBxcVRlUVJGZmcxcURrRjZZUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6T8ta5D7oANYE4xDLe-70qqTeQRFfg1qDkF6YQ&google_gid=CAESEFkAjqawvq_VfgTw2mIuiNc&google_cver=1&google_ula=913071,0

Request Chain 182

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4944762894601664460

Request Chain 192

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DAc0WpD7oANYE4xDLe-70qqTeQTLQyRJIIdMlw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DAc0WpD7oANYE4xDLe-70qqTeQTLQyRJIIdMlw&C=1

Request Chain 193

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=6-2vp5bcQ6I5nNcpvPdXfQD27QVeDrUG HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=6-2vp5bcQ6I5nNcpvPdXfQD27QVeDrUG

Request Chain 213

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ECXoasLR1VqRBb_JYqahkIG5zvrJt34W

Request Chain 219

https://ib.adnxs.com/setuid/a9?entity=188&code=E63xWyzYRXKXd_O5_6ZEzw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=E63xWyzYRXKXd_O5_6ZEzw

Request Chain 222

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=TUhbukHGRVSdwGltsTIJ9A&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZZSESuQejaRvKX-.yMvmXAAA

Request Chain 225

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=6549d3c8d526432393f242e446fc443e

Request Chain 226

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 229

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=126042d011d874025

Request Chain 230

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KDe_G8HBQkCfTfFeRr1Qzw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KDe_G8HBQkCfTfFeRr1Qzw

Request Chain 231

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=PDam62e5SWisOGv5eMlGXA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=75148124913757248733466117686573801770

Request Chain 233

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=9154305815548015478

Request Chain 234

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%221e5633eb-8a0b-4bb1-b700-b0e4292c011b%22,%22Time%22:%2220240102T214650.772812%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=1e5633eb-8a0b-4bb1-b700-b0e4292c011b

Request Chain 235

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEOwA9ruESFt3jcA1wvh75Fs&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOwA9ruESFt3jcA1wvh75Fs&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4944762894601664460&opid=apx&ops=&utidl=tech:goo:CAESEOwA9ruESFt3jcA1wvh75Fs&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 303
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-65573418266&gdpr=0

Request Chain 236

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LMazerQqx9wfezzKsa6IaTc4fM04ZgAC

Request Chain 238

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=4944762894601664460&ex=appnexus.com

Request Chain 240

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5GamtT7hMbSzfyH6rGeg7g&ex=rubiconproject.com&status=ok

Request Chain 242

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=87711E0A4B8494652B00244C02585D17

Request Chain 245

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=21bf268d-6c0d-484b-8ff2-ce12ab360d2a-tuctc8e09cb

Request Chain 246

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=217553104749005316244&ex=neustar.biz

Request Chain 247

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6469c9f2f7e77c75e571325379dda9af

Request Chain 248

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 251

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Request Chain 252

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=53b360b316c9afd5b941dffa99bd6ed&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 256

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=SOoyQzDdSsqe-GcXzc_sHA&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=869ba257eb38166ac1c98795e2c793a&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=SOoyQzDdSsqe-GcXzc_sHA

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEDFkAGTpBzVR2A1W-osba7Q&google_cver=1

Request Chain 260

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=a89134f9ad2597027b743b0e20348d0d

Request Chain 263

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=FE3DD7FDA32CC97A

Request Chain 264

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=PuuVyzyDSOqKwizJ5m2OXg& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 265

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=aae3d8c105eb724451dbaf7619282332d0ecf3392daf4eda708c40929a69e2ba

273 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pages.upwellness.com/uc-grplus-fps/
Redirect Chain

https://go.welldaily.com/aff_c?offer_id=67&aff_id=1&aff_sub=TH231103PM
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

300 KB
42 KB

231ms
87ms

Document
text/html

3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f12d4c7c40ae07e622741c09f162cc106459f968b2a3bfae44370357b843b5c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 41640
content-location: https://pages.upwellness.com/uc-grplus-fps/
content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 21:46:47 GMT
etag: "an:3febca2311fc445eb23be86cff01efdd"
link: <https://pages.upwellness.com/uc-grplus-fps/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: 6d2c7105-ebae-455a-91f2-47af4209ed5f
x-unbounce-variant: an
x-unbounce-visitorid: 3febca23-11fc-445e-b23b-e86cff01efdd

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 02 Jan 2024 21:46:47 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 102e4374e08f24b853c51d97120f51
X-Request-Id: c8050b77d1c90e1ab831290e809661f8
X-Robots-Tag: noindex, nofollow

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 103ms
28ms Stylesheet
text/css 18.64.79.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-18.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 18:08:11 GMT
content-encoding: gzip
via: 1.1 7da1d60a481ae3940f6605e4b4cab476.cloudfront.net (CloudFront)
x-amz-version-id: fMGT9YqOCj6GvXj65o03BPFmMJDaNxvc
x-amz-cf-pop: TXL50-P2
age: 8653117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Tue, 11 Jul 2023 16:18:48 GMT
server: AmazonS3
etag: "99b89a3d5f7bab4f89aad694ef70a6d8"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CDfu1t5PIaX5CUIvznASfW8YdQO6eA1lvhzJBay-LHJ58piaLRyvag==

GET
H/1.1 200
OK 0eb14ff35dae7c6e6234bddd74f1eb34a4453e4d.js Show response
pages.upwellness.com/_ub/static/ts/ 43 KB
15 KB 68ms
40ms Script
application/javascript 3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/_ub/static/ts/0eb14ff35dae7c6e6234bddd74f1eb34a4453e4d.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a0149e197633f530e4276ca95494ebb284d366b16130445c582ec88692130602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 18:01:50 GMT
content-encoding: br
x-proxy-backend: <CACHE>
last-modified: Tue, 02 Jan 2024 16:49:33 GMT
age: 13498
etag: W/"02f84055825eea29aac01c046fc89427"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript
x-cache: Hit
cache-control: public, max-age=31536000, immutable

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 14 KB
3 KB 338ms
235ms Script
application/javascript 2606:4700:4400::ac40:944b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:944b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8af44652e5f6af07beba7fb8f1d527a8526f104b3bc3d4c9d541b858d27972b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"0b68de1d337f896a130b1dac801da85c-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 83f6325ed9c1915e-FRA

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 47 KB
15 KB 132ms
44ms Script
application/javascript 2600:9000:2090:9800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:9800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba13ebeff0124c38e142c1060dfb23ffe2ce2aaef3ed4cf6924f8ce7d93fbc82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 05:30:15 GMT
content-encoding: gzip
via: 1.1 645f72cdd7b73d139609aec0ade6f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 58592
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: syI-RNfh7pXc0uBcbqdxbFW9Pg9pIele_vmjMKKNskm11gmCAiil7w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 140ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3fdcc42d46ed4a5f84796079a87646aa7e47dfea3179ffce9b907f2c6a76215f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72465
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 150ms
64ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bf01aab370e2a1d33b3f8d3767ef4ef037ef58fd668ac1cbf66ba48fd2486e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76503
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
84 KB 228ms
142ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8509a7487f6a65dbc4b594ca4d2970321659ede2ed2098fbe2e7d09df0fa9b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85683
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 127ms
42ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

239c16567028afd60d02bb72dfbcdab8117f251533806e4fedba9b3cdc3845cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 226ms
180ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ea0de313cf1b61b3ef60ee3fd482c85613d15618cf426224dfa6e9d8bf99881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77637
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 e8xcaqkjm4.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 182ms
182ms Script
application/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.jsonp

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d6a82e6a71b0b085d39e2b2c0c81edb67be133ebd94a5797b98a10fe6d1dc6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 71610
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 48
content-length: 1777
x-request-id: 259b52ff-aac2-4c1f-be34-ee282b703006
x-served-by: cache-iad-kiad7000020-IAD, cache-sof1510026-SOF
x-runtime: 0.045926
x-browser-version: 120
server: envoy
x-timer: S1704232008.535218,VS0,VE110
etag: W/"d6a82e6a71b0b085d39e2b2c0c81edb6"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: BtOnzyNqSgYlmr7eWvlDK-vIAqsje4nOdNk__yzqOfZNU7hQhrse1w==
x-cache-hits: 448, 0

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 741 KB
126 KB 58ms
58ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f6f8bedd7ca1f6fe78ca248d4d486de032aecf53f09fed283af259a2aa7be25

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 484
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 128416
x-served-by: cache-iad-kjyo7100100-IAD, cache-sof1510026-SOF
x-browser-version: 120
last-modified: Thu, 21 Dec 2023 10:51:34 GMT
server: AmazonS3
x-timer: S1704232008.535454,VS0,VE0
etag: "95d12be4e17c5f4c4fb77d85f5482a0a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 6720e4af44032721067b9242d77172086ab1880d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41, 4

GET
H2 200 swatch
fast.wistia.com/embed/medias/e8xcaqkjm4/ 5 KB
5 KB 209ms
61ms Image
image/jpeg 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4/swatch

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
access-control-request-method: *
via: 1.1 d3cd567650e598ded7d5dd9266aa396c.cloudfront.net (CloudFront), 1.1 9c90b41a9e5ac2856624d29ed4da4234.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, IAD89-C3
age: 30303
edge-cache-tag: 9c999aa0107b556d5cd5f59d9dd7e014
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 37
content-disposition: inline
content-length: 4891
x-served-by: cache-iad-kiad7000136-IAD, cache-sof1510026-SOF
x-browser-version: 120
last-modified: Tue, 05 Oct 2021 16:24:56 UTC
server: envoy
x-timer: S1704232007.472502,VS0,VE2
etag: KTO7iHMFy31bRBoB_X8SLpxC2Uc=
content-type: image/jpeg
access-control-allow-origin: *,*
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zMMwdw6f8oFFiSezH307pfAZ-kp4nUs8zxjPSH-GXBWtKL9NUGA3Yw==
x-cache-hits: 144, 1

GET
H2 200 jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/ 87 KB
31 KB 494ms
232ms Script
application/javascript 3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 UCInvisibleLink Show response
store.upwellness.com/cgi-bin/ 432 B
813 B 528ms
166ms Script
text/javascript 52.205.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.205.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-151-245.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 251

GET
H2 200 UCAffiliateNetworkPixel Show response
store.upwellness.com/cgi-bin/ 2 KB
1 KB 363ms
132ms Script
text/javascript 52.205.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.205.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-151-245.compute-1.amazonaws.com

Software

Apache /

Resource Hash

6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 851

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 84 KB
27 KB 127ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1659626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27198
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1514f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yWmno%2FfnxtwPeDvNV2SgehY%2BC3ZQOwlMSZcNYs2rWakIrGGoEKHNoEgALlCvm8HYp6Kv2JyXxmU2W67TpZ4A1dE67OlAvTUSCQy08aHrx%2Fc5HvjnrqALdM3QnDAAURxWil68KpYWbNT0dmhQdKQGyCH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83f6325ebf6518e7-FRA
expires: Sun, 22 Dec 2024 21:46:47 GMT

GET
H2 200 main.bundle-b8bce47.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 34ms
34ms Script
application/javascript 18.64.79.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-18.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 23:45:18 GMT
content-encoding: gzip
via: 1.1 7da1d60a481ae3940f6605e4b4cab476.cloudfront.net (CloudFront)
x-amz-version-id: 6jHAL9fP889t4NCAfewK2ptLZfkpx6Fe
x-amz-cf-pop: TXL50-P2
age: 11656890
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33784
last-modified: Tue, 11 Jul 2023 16:18:45 GMT
server: AmazonS3
etag: "3208b0848f289d158acfc0caf5894954"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZhRiPK5LrZ6Vh3tRiCrMmvn_Ak7yqGl_k1VDQIbuQucJMFGyLvEaQA==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 579ms
190ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WTH87Z8FS4T51QEK
age: 3054955
alt-svc: h3=":443"; ma=86400
content-length: 497733
x-amz-id-2: BoMvq8GKltZa60OS/wNkZ1r8mBN3Pfq5p+sBIiss19gVxfi2vgd37siRwwPbm7VR4MLagB5EgQY=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RP68sovOuLderCohcWBjxmYWETvpqoT5jLg0tX8n4HYr7l8s0%2F2YFrvri9rJT1CBugEDZplETgk1wn92EoMe80HR5EUXag%2BUq2XLuDLrz0GbBxtnPE61%2BrpbF0MNSgA%2B4wQENLF%2BG6geuMFZ7vgQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 83f63261f8ef1701-SJC

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 121ms
39ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
x-cdn: fastly
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1793

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 134ms
40ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Tue, 02 Jan 2024 21:06:23 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: HGAGZZF07M78XMXD
age: 2425
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: 1HshWH37tUo7LiDWCMt/lv80v9nFGp1LB9gZmzY1x3P6ZdsZcRT03JZ59Qr3qGyj2OUrt/NQfls=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 64 KB
20 KB 243ms
152ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d67eec3d32fe9e976bce215e97be8e235e61317886815d35a2be9c526cbda798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 2sChOaJo4OoMgB2JPN.PCeSaklM.bxbD
content-encoding: gzip
via: 1.1 varnish
date: Tue, 02 Jan 2024 21:46:47 GMT
x-amz-request-id: 9NJJ2S5BRFS1D9EM
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 19977
x-amz-id-2: xZACFI/8f3nL7P8LSlxaFuixKMd201xotz6uaM2xASJq0P7BRTubFbVL5PV30HzPfyI8lQ6Uoxo=
x-served-by: cache-fra-etou8220109-FRA
last-modified: Sun, 31 Dec 2023 11:23:39 GMT
server: AmazonS3
x-timer: S1704232008.754472,VS0,VE112
etag: "11989b1d270278c87df358e429b5f063"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 74
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 26 KB
8 KB 138ms
42ms Script
application/x-javascript 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:46:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Dec 2023 13:05:28 GMT
Server: AkamaiNetStorage
ETag: "928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7779
Expires: Tue, 02 Jan 2024 22:06:47 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 7 KB
4 KB 697ms
216ms Script
application/javascript 34.208.151.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.151.79 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-151-79.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

c240a93a46e9bd5a277f88990753d67bf235a800a5ee6023d628e3970ce18537

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Mon, 11 Dec 2023 21:50:55 GMT
server: istio-envoy
etag: W/"6577843f-1d46"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 5

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 232ms
144ms Script
application/javascript 2.23.209.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 199a0f2d3284fc76e206f6facb997c27b6b032ce71bcab18b0575dec7a60730c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 2f96c081
date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240102214647D0A756F48B9FBC929EB9-63BD6B60EBB6F18B-00
x-cache: TCP_MISS from a2-23-208-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
content-length: 1632
pragma: no-cache
server: nginx
x-tt-logid: 20240102214647D0A756F48B9FBC929EB9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,2.23.208.37
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b957f1a6617a80ca556a5ab276b5f9abb1785ed3d89a572a51e030fd5eb85e0a7736ce21de49fd7feefa09d6482951ff8db76c0bed81133a9f63fc3b2fd0b657e1fad4704b74e0e73d804d80aad2e02be47
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 187ms
47ms Script
application/javascript 18.165.183.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1704240000000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-66.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
date: Tue, 02 Jan 2024 12:35:15 GMT
x-amz-cf-pop: ZRH55-P1
age: 33228
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 1UF-6xq34QDrkLdSEaWWlMrx8k-Tfx-mEA1zOK7M4kypvSEkC8ZnOg==

GET
H2 200 pixel.js Show response
cdn.mediago.io/js/ 38 KB
38 KB 134ms
46ms Script
text/javascript 13.32.27.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/pixel.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1531fe2342a287dd1c9945c29736ff407f5466553b8b02412903d4278d8b0f35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: fuEdVcMZv_uD584u8SNCSRGMkbEEOcUP
date: Tue, 02 Jan 2024 01:13:53 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
last-modified: Mon, 25 Dec 2023 08:55:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 73975
x-amz-server-side-encryption: AES256
etag: "f8ffb3274eccc06b188d3b12e19afd5f"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 38421
x-amz-cf-id: GLdEuMpEisIXytJ1S65KZzeTMgY099LwG3dbleY9woQe8Z1W3-8W2Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
87 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e62facb1b6c665d1641e89d9b53d3dd264e40dcdf44eb173bfa2c0faaea16a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89393
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 178ms
137ms Script
application/javascript 2.23.209.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8de0ca263f81792b0a41cc5fe3c2f836b94be44c1c007c06c3145408aaf5e1c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: d21ea683.2f96c082
date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240102214647F51C79438C052CD026EF-7BEC15D403AAFFC4-00
x-cache: TCP_MISS from a2-23-208-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 94,2.23.208.37
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=9, inner; dur=5
content-length: 2083
pragma: no-cache
server: nginx
x-tt-logid: 20240102214647F51C79438C052CD026EF
x-cache-remote: TCP_MISS from a23-201-31-180.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.201.31.180
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b95cbdc5040946e3f96dc758ecb92ffd34bf0438e8599eefa0f5197e593c918925b38ab76710006747c6d197daef4cbc9f36dc58234afa5fd5ec0cccd4f3b0f222eefbe971f3adfaad244d4820e9f99f3e33c760eb364d452bae13111827624d4ed
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 42 KB
42 KB 156ms
46ms Image
image/jpeg 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:27 GMT
x-amz-version-id: pciPEFrkwUvZ5jgQ9bWHCg0sJFMoLgKS
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791021
etag: "e3753887ecf5fb15513cde566e26a803"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 43016
x-amz-cf-id: qpALvYclLno99TKS0fLBnPzIcwl9HiqFu97AYO4yl45LekGiDB7iUQ==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 121 KB
121 KB 91ms
90ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1be59d642b7d9e29f5da63faaa060bb9315a8bc1d57727bcf0339ed4de6c68df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 06:48:19 GMT
x-amz-version-id: r3LvHpikl1vZWgXYZCCxcNxx.0BNDn2H
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3769109
etag: "8623460fd509c8bce7623df03b517ef6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 123673
x-amz-cf-id: 1oy669dusEPPFi4rL1ySfVTf5rn_o1isOYWqDOlPkZSbxDcneJ8FUg==

GET
H2 200 cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 34 KB
35 KB 46ms
45ms Image
image/jpeg 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 06:48:19 GMT
x-amz-version-id: l2bm5LjjkcPN2eENqlpsIyHZ982WDX.q
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3769109
etag: "57ad6757695bd394d132dffc6cf3d1fd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 35034
x-amz-cf-id: z8nh6koqp5XMFqJOLvYeZYzzGjofXujZQapkCp04Vfd-O1SYrZ9lqA==

GET
H2 200 a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 185 KB
186 KB 110ms
110ms Image
image/jpeg 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 22:11:19 GMT
x-amz-version-id: k5c9h5gYDneyaUgKIbV3SzWB2MAZtpBV
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3368129
etag: "ce5156cacf580d0e35ff189b67aacfbc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 189879
x-amz-cf-id: AAklD_KLYHxgtFpA_tCFWlSpBITUKua9DAIp8JAzAjiEpSx1abAo-A==

GET
H2 200 aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 167 KB
167 KB 56ms
56ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:47:20 GMT
x-amz-version-id: qg5nLd0D96xjG47pGocGnnhDLkTqcgwo
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1688368
etag: "981ccd318264bd584234aaec828d43ce"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 170550
x-amz-cf-id: OlY0F7vhyoJhUNH1bsHig9USAE5NM_9KNDtEiIAYaTwnob4TsJ9axw==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 91 KB
92 KB 160ms
160ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:31 GMT
x-amz-version-id: B8vmpOHdvUPI.BGHq7_RGX16J.ndL0U4
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791017
etag: "fc4db20401afee8c48e1ca79db0f0ec7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 93607
x-amz-cf-id: woWeME7okh7_aC--2Gr-NTEg_4Ic6i9gWpPbGOgtB-65PC6kMocKjQ==

GET
H2 200 f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 393 KB
394 KB 173ms
173ms Image
image/jpeg 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 06:48:19 GMT
x-amz-version-id: Mvqc6W6ySRvAe8plYG.qUoNdTwFIEQkn
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3769109
etag: "056ca93a156b7b1ffad3e735ce3b7550"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 402177
x-amz-cf-id: L-oNIFqhf6wGJGZu5u2oujAxTSfdxBF5jjBgEjYcgBsMcqvsRAk35A==

GET
H2 200 5065891f-manuka-background-orange-01-1_11lc0mj1hc0mj01z000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 117 KB
117 KB 135ms
134ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5065891f-manuka-background-orange-01-1_11lc0mj1hc0mj01z000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b49930c3d02891d24e32e4861d709780513e5280a83e1dbcd9218d4381ea1638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 17:55:50 GMT
x-amz-version-id: VcYZyBU3Urd1kTpUs7Ly8cGLyn45Qvd8
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 2605858
etag: "3e061c61f1b29bc2e19ae6c9a78f8819"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 119389
x-amz-cf-id: YAm6-y3D37aZ4rYCiz3KEDQKQzv7lLsvGxYEanDxPkH54yh0ZC2P7g==

POST
H/1.1 200
OK i
pages.upwellness.com/_ub/ 2 B
348 B 133ms
133ms Ping
text/plain 3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/_ub/i
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/_ub/static/ts/0eb14ff35dae7c6e6234bddd74f1eb34a4453e4d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
x-proxy-backend: collector
server: akka-http/10.2.9
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pages.upwellness.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
content-length: 2

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2FE1 14 KB
6 KB 130ms
43ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 21:46:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 459312
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1704232007645&aid=a-057g&se=e30&duid=f0f26c15fa8f--01hk629dv340fvdat9s1695fes&tna=v2.11.2&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessi...
https://rp4.liadm.com/j?se=e30&duid=f0f26c15fa8f--01hk629dv340fvdat9s1695fes&aid=a-057g&tna=v2.11.2&dtstmp=1704232007645&n3pc=true&wpn=lc-bundle&i6=MmEwMTo0YTA6MTMzODo5Mjo6NA%3D%3D&pu=https%3A%2F%2...

13 B
318 B

391ms
118ms

XHR
application/json

44.210.34.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=f0f26c15fa8f--01hk629dv340fvdat9s1695fes&aid=a-057g&tna=v2.11.2&dtstmp=1704232007645&n3pc=true&wpn=lc-bundle&i6=MmEwMTo0YTA6MTMzODo5Mjo6NA%3D%3D&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Server: 44.210.34.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-34-0.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
x-pixel-event-id: 2b82e6b9-de88-4355-acdd-c2cd2e6a241b
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=f0f26c15fa8f--01hk629dv340fvdat9s1695fes&aid=a-057g&tna=v2.11.2&dtstmp=1704232007645&n3pc=true&wpn=lc-bundle&i6=MmEwMTo0YTA6MTMzODo5Mjo6NA%3D%3D&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-
access-control-allow-origin: https://pages.upwellness.com
date: Tue, 02 Jan 2024 21:46:47 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6f0aab26135dd5d9b912f40e68acde5db90a17f98dc7cfeed44a37b9c11fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72471
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 3 KB
1 KB 168ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1704232007664&cv=11&fst=1704232007664&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fafe33d4b610d1afe90be0eada1fabafa0c5fef4db35ace6a7d17dd2a61f113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
84 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35f305159240b0e06995ac60649c414dabb9f34326b499f82a6d02bec694f51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85748
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

325bfcc01dd0e412b307fba7e4c59ccfd08073aa277d164d3518676f40fb5de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77646
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 3 KB
1 KB 100ms
82ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1704232007684&cv=11&fst=1704232007684&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96651608968da2e7610d408f6063410ee5ae3464bd2fc9fdf35d201fff2a0285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/ 3 KB
2 KB 91ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1704232007730&cv=11&fst=1704232007730&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fded8c8f4b2be9174f3c76544b30ad1fe512c3009e1d613df83d609c708f22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1333
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/458254939/ 3 KB
2 KB 180ms
81ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/458254939/?random=1704232007740&cv=11&fst=1704232007740&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

af411f7b5aac0f1d44fd90781b4f0319987ce2e9668cb2dcd99975504a0131f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
1 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1704232007746&cv=11&fst=1704232007746&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v897602535&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc30276f833574d5bea7b937bb175df80edf44ad7ddf1ea613104fe1478a7304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 41ms
40ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
x-cdn: fastly
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18895

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2FE1
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=VYE-zXxTTVNtTTdOaHcwYnBqaSt2dXNwT09xVmgzMytaY1M5TjNKdVZKdGhPNTRObi95RTZqQlMzbkprZTVoK2Q0TVVuNjEwUWo4L0h6ME5USVgvd0xQM2FGRW5tdHZGTlAxRTZnQWZjVThnYUJzNnpYM3BDcWhLVDRkVF...

431 B
650 B

48ms
46ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VYE-zXxTTVNtTTdOaHcwYnBqaSt2dXNwT09xVmgzMytaY1M5TjNKdVZKdGhPNTRObi95RTZqQlMzbkprZTVoK2Q0TVVuNjEwUWo4L0h6ME5USVgvd0xQM2FGRW5tdHZGTlAxRTZnQWZjVThnYUJzNnpYM3BDcWhLVDRkVFhVenB5ZkNkbzdabHUxTHBrTHc0dkZNTktSc1BMSjZUSS9hRGcrVVlMZEpvenA0dFJsTUJxRndPNU1tV1hmYjBLbUNwWUJEczlQYUxCNTRkUVRtanJoY0lHNGoreFpUaXlxLzFLSTFpdCtOMTFya0FkeWZnMlFzNzg4SHpJSFJBdjlMRkEyQ0FZUjlJYlN1WThoTktHUTZzSTR5VlVSc2pwaWkrcXQ3N2hTTmlmaFIzMEhhcz18&cppv=2

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e9a39f3ef0733d1d12e9ad63ef3fb66b7bf90cca3bad1df8439d064003614457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3622842
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=VYE-zXxTTVNtTTdOaHcwYnBqaSt2dXNwT09xVmgzMytaY1M5TjNKdVZKdGhPNTRObi95RTZqQlMzbkprZTVoK2Q0TVVuNjEwUWo4L0h6ME5USVgvd0xQM2FGRW5tdHZGTlAxRTZnQWZjVThnYUJzNnpYM3BDcWhLVDRkVFhVenB5ZkNkbzdabHUxTHBrTHc0dkZNTktSc1BMSjZUSS9hRGcrVVlMZEpvenA0dFJsTUJxRndPNU1tV1hmYjBLbUNwWUJEczlQYUxCNTRkUVRtanJoY0lHNGoreFpUaXlxLzFLSTFpdCtOMTFya0FkeWZnMlFzNzg4SHpJSFJBdjlMRkEyQ0FZUjlJYlN1WThoTktHUTZzSTR5VlVSc2pwaWkrcXQ3N2hTTmlmaFIzMEhhcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 308558
content-length: 0
expires: 0

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 2 B
465 B 122ms
41ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 02 Jan 2024 20:51:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1Y3DVY8ZXHHX69CH
age: 3312
content-length: 2
x-amz-id-2: V8S6UOSh1CBvac02NT1qml2wGcbWeNFObv3EV9zW1ACiUbf8/de0YNqzIPjDk0RyYJep55nUzm8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 2 B
137 B 123ms
43ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 02 Jan 2024 20:51:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 1Y3BC4EV3KZCKCFZ
age: 3312
content-length: 2
x-amz-id-2: mKDbG2fvM2N20wvTJZWqSGOf9Fm3sZtBTg3h77ahTNiEjNnLl8rkUY17BgPt9Zt/+SctUubeHhM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 119ms
34ms Script
application/javascript 18.66.2.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-98.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:08:38 GMT
content-encoding: gzip
via: 1.1 f433681e4e05cd33f208653db4a15b1a.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P1
age: 9081489
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: WQkOucxRykPqtb1r5RYROQ0SiBfLCnjEQxg8vNZ1wuLH2Aq0mbYQug==

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 473ms
120ms Ping
image/gif 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=06795700728461254&referrer=&cht=gtm&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:46:48 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 416695694f3cda7a2d2acc125be38c36
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 489ms
129ms Script
application/javascript 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: br
X-TraceId: e4544d2fda79080124479ff6f8e749fd
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 00e83052a71a1dff3bc62d5d40765808fc Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 145ms
53ms Script
text/html 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:46:48 GMT
Content-Encoding: gzip
ob-sent-time: 1704205148018
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: ff16a8d7a56664d005b4675a74d2ad43
Content-Length: 22
Expires: Tue, 02 Jan 2024 21:47:48 GMT

GET
H2 200 videoThumbnail.js Show response
fast.wistia.com/assets/external/ 69 KB
19 KB 61ms
61ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba159a8cda2a65d4942161f16037b985146fa914b4ca51cb662e0ad50f9d3384

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2619
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18925
x-served-by: cache-iad-kcgs7200026-IAD, cache-sof1510026-SOF
x-browser-version: 120
last-modified: Thu, 21 Dec 2023 10:51:35 GMT
server: AmazonS3
x-timer: S1704232008.930848,VS0,VE1
etag: "5d670fb03a95da7c992413317dc57a36"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 6720e4af44032721067b9242d77172086ab1880d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 44, 17

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E56T163DF6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ca47f78bfe366be50333204d368691520ad226a20def37c1750cda66c7c2194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 223ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 Jan 2024 19:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7111
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 02 Jan 2024 21:48:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ffaf137e3f96e57a4a2000087c199637a467530b17df7bb06b456cc0d9ba5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72464
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 21:46:47 GMT

GET
H2 403 cl4975ot4arrr6.js
cdn.js.customerlabs.co/ 0
0 804ms
619ms Script
application/xml 18.66.137.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-68.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA60-P4
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header, Content-Length
content-type: application/xml
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CaDeBsiL-DKDfLwwd8kULfSgCWBBdaxObjVw0LExhZwJNyLKWp5cRQ==

GET
H2 200 jz7ox0tvgu Show response
www.clarity.ms/tag/ 650 B
1014 B 334ms
149ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jz7ox0tvgu?ref=gtm2
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3eac7c9ebc00929bc3d9aab5ebcf7ac52a82ad4b8e30b2c6c2d0a4ad85843f29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: -1
date: Tue, 02 Jan 2024 21:46:48 GMT
x-azure-ref: 20240102T214648Z-4vxnc583y578b5xqze74h96w740000000ap000000000h1m2
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 choose Show response
gtrace.mediago.io/cv/ 5 B
341 B 150ms
42ms XHR
text/html 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtrace.mediago.io/cv/choose?acid=&cpid=&dpid=0
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
621 B 150ms
69ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1704232007918&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 2274525172683439
content-length: 172
pin-unauth: dWlkPU9UYzFPV0UwT0RFdE5UUmtNQzAwTlRrMExXSmxZVEl0T0RreU5XSTNNR0kwTjJZMQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 thumbnailTextOverlay-v2.js Show response
fast.wistia.com/assets/external/ 99 KB
30 KB 60ms
59ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bc6f46b32f4c086715d6ecb21ffe926596421902dfa99ebd256b79d2fbf065cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1367
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 30157
x-served-by: cache-iad-kjyo7100102-IAD, cache-sof1510026-SOF
x-browser-version: 120
last-modified: Thu, 21 Dec 2023 10:51:35 GMT
server: AmazonS3
x-timer: S1704232008.946955,VS0,VE0
etag: "53e007cb4932127cfff4af67daa9b6fc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 6720e4af44032721067b9242d77172086ab1880d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9, 3

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
185 B 70ms
69ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1704232007920
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3866792600619953
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 651ms
211ms Ping
application/json 44.226.247.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1653816081217609730&uid=1-ar9rf8ps-lqwvqh9t&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&rl=&ts=1704232007378&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20120&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36&tz=-60&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1704240000000
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 44.226.247.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-226-247-160.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 invisibleLink.jsp Show response
store.upwellness.com/affiliate/ 214 B
1 KB 192ms
191ms Script
text/javascript 52.205.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-fps/%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM

Requested by

Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.205.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-151-245.compute-1.amazonaws.com

Software

Apache /

Resource Hash

11f26143fb46677db3be790033741957ec9545d326a15047d7a8f240ade7aacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 142

GET
H2 200 main.MWNkZmM2YTcxMw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 428 KB
111 KB 49ms
49ms Script
application/javascript 2.23.209.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a37d254a60d0936e5d2e0e42fe90d0386751c137a215017a4cbb9c4e0fc631f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 2f96c0e1
date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231221134346D85AC2541ECB784CB48A
x-tt-trace-id: 00-231221134346D85AC2541ECB784CB48A-2A46D771EAEFBC4F-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-23-208-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0113658b11a42222236ef5bbd509166307af0d99ab9f573bafe6ddc6f76eefef363c8ba56a8f13cb4e7fa473baab8bd6cf0998b7eaeeb3196a730508d89d0a5b794e38df17585b4482fa22ed3a2e7bf9015a045f2fd4d24da18b0c034b75e32f26
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 113085

GET
H2 200 main.MWNkZmM2YTcxMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 401 KB
108 KB 133ms
133ms Script
application/javascript 2.23.209.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 87260ecf581a44a18ca2165015348383b430e6b77ca0b0ec4a9a3b1ebff57160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 2f96c0e2
date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023122112484512A81EF35ED325553E47
x-tt-trace-id: 00-23122112484512A81EF35ED325553E47-14517EEAA904437C-00
vary: Accept-Encoding
x-cache: TCP_HIT from a2-23-208-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0133cfb4b3bc3d8396dc0eb6f3d7c37166d1cc662334de1bc982afd4a8fd719d56fd2bf3793d271c2f9de768132e29aaee03085196daab8d0641e5899d580426bbb55e831f3eafe9aed70adfa00c99323219be24739d850ea9167c932767efc67c
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2
content-length: 110350

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 3 KB
2 KB 76ms
64ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1704232007928&data=%7B%22id%22%3A407%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704232007925%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704232007927%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ced753674d079abea5093bfb7edf6f812f8103efc7c970d30fcd2a92b1911af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 26
date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.381875
x-fastly-to-nlb-rtt: 7590
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220109-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1704232008.071332,VS0,VE26
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=102531&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=mLTKQF9PNSUyQk9tYVU2bVdNOE9hM0dUdk9KNG00RWhMblYya2tRU...
https://widget.us.criteo.com/event?a=102531&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=mLTKQF9PNSUyQk9tYVU2bVdNOE9hM0dUdk9KNG00RWhMblYya2tRU...

10 KB
5 KB

391ms
140ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=102531&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=mLTKQF9PNSUyQk9tYVU2bVdNOE9hM0dUdk9KNG00RWhMblYya2tRUkUzJTJGWHprUWZxNUtIM2tESkRQck8xYWRiTVFEVnVOTmdxWVlQczY3Z0xQN3M2Sm5Ha0hKaUdKakU2WkxsNmJkSEpRdDV1eEIxJTJCdiUyQmdEZUN2YTNIRFBua1VyOGxiZGpYTzFUbGVMYkVxQkRUUjI2NXVYZGpxZyUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102e4374e08f24b853c51d97120f51%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_TH231103PM&ceid=17dbb0da-c093-4c0b-86fd-71c0eee48f55&dtycbr=58841

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

21b49aa4df68e0dca7a9b7c94e32f09c3ff668e90428c6f39649d0e504c51d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16909944
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=102531&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=mLTKQF9PNSUyQk9tYVU2bVdNOE9hM0dUdk9KNG00RWhMblYya2tRUkUzJTJGWHprUWZxNUtIM2tESkRQck8xYWRiTVFEVnVOTmdxWVlQczY3Z0xQN3M2Sm5Ha0hKaUdKakU2WkxsNmJkSEpRdDV1eEIxJTJCdiUyQmdEZUN2YTNIRFBua1VyOGxiZGpYTzFUbGVMYkVxQkRUUjI2NXVYZGpxZyUzRCUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102e4374e08f24b853c51d97120f51%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_TH231103PM&ceid=17dbb0da-c093-4c0b-86fd-71c0eee48f55&dtycbr=58841
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13133792
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 192ms
61ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2002%20Jan%202024%2021%3A46%3A47%20GMT&n=-1&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Jan 2024 21:46:48 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 131ms
62ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 02 Jan 2024 21:46:48 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/458254939/ 42 B
108 B 111ms
54ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/458254939/?random=1704232007730&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_MEP1N_HSm1rw4cEm3kwj34Gv4aE4kA&random=1723676645&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/458254939/ 42 B
455 B 140ms
51ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/458254939/?random=1704232007730&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_MEP1N_HSm1rw4cEm3kwj34Gv4aE4kA&random=1723676645&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
455 B 57ms
52ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1704232007664&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_yv375to2KCQXlkkIJZ-bKHCZn41_8g&random=836733301&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10838597190/ 42 B
108 B 95ms
52ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10838597190/?random=1704232007664&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_yv375to2KCQXlkkIJZ-bKHCZn41_8g&random=836733301&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
108 B 52ms
52ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1704232007746&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v897602535&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_xYCp91EwA3fGYrZlI5PbkZfj-CVJ4Q&random=242332287&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
108 B 85ms
55ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1704232007746&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v897602535&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_xYCp91EwA3fGYrZlI5PbkZfj-CVJ4Q&random=242332287&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
108 B 51ms
50ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1704232007684&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IAgAW4kNckYBg1Xja_55MmPa3ymcJQ&random=3714866979&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/624541243/ 42 B
108 B 83ms
54ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/624541243/?random=1704232007684&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_IAgAW4kNckYBg1Xja_55MmPa3ymcJQ&random=3714866979&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 474 KB
116 KB 173ms
58ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c0a1a7a0d6b82f94681ec87a0051ca2bd3648cb19ba253212c657c054db101d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 296
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117982
x-served-by: cache-iad-kcgs7200167-IAD, cache-sof1510036-SOF
x-browser-version: 120
last-modified: Thu, 21 Dec 2023 10:51:34 GMT
server: AmazonS3
x-timer: S1704232008.181470,VS0,VE0
etag: "6ee8aec94d37e76019eb205e69e9e69c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 6720e4af44032721067b9242d77172086ab1880d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30, 14

GET
H2 200 0b76a8eda7c331eb805ad8af326f611e.png
embed-ssl.wistia.com/deliveries/ 96 KB
96 KB 154ms
47ms Image
image/png 2600:9000:2261:8800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/0b76a8eda7c331eb805ad8af326f611e.png?image_crop_resized=1920x1080
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2261:8800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 12:35:19 GMT
access-control-request-method: *
via: 1.1 136293f2894c59a2f91cf08997c7140a.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: TXL50-P4
age: 810689
edge-cache-tag: 0b76a8eda7c331eb805ad8af326f611e
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 233
content-disposition: inline
surrogate-key: 0b76a8eda7c331eb805ad8af326f611e thumbnail-delivery
last-modified: Thu, 23 Sep 2021 14:58:31 UTC
server: envoy
etag: MCRQ8DYfj2ieeWrQGMrwuPDRHns=
vary: Origin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: M3nYRIPNKbfmhYxzo_BtoX_tyP_ujuJPaqELwUjq15Z81V9WKvU0Kw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 3 KB
2 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1704232008051&cv=11&fst=1704232008051&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e59001b9cbf56fe46dfc74fdd200aa576b2a54866c810d70af037e3e7cd5147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 234ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E56T163DF6&gtm=45je3bt0v9126958639z879737984&_p=1704232007377&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1887819398.1704232008&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704232008&sct=1&seg=0&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1244
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E56T163DF6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/458254939/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1785566863&cv=11&fst=1704232007740&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham...
https://www.google.com/pagead/1p-conversion/458254939/?random=1785566863&cv=11&fst=1704232007740&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1...
https://www.google.de/pagead/1p-conversion/458254939/?random=1785566863&cv=11&fst=1704232007740&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...

42 B
108 B

85ms
56ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/458254939/?random=1785566863&cv=11&fst=1704232007740&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0lYUHJBWVF5TEM2djdpbjE3OGJFaVlBNG0xdjlmUXd2QUdDTWZnMDNsZ2s4bmVRRnJZZnNTcXRnWEVyWEFYRDZGWWxsS1N0V2caWkNoRUlnSVhQckFZUXhheXZzWXV1enZQUEFSSXVBSGtWMmVQMkF2OTFKV3d2UWdTaWRXLU1PejBtYjl2WE9idE9tYk5iU241c01FU01XQURYcjZaRmU0a2NTQSITCMCOz_vWv4MDFYDLOwIdIdUBZA&is_vtc=1&ocp_id=SISUZcBKgJfvwQ-hqoegBg&cid=CAQSKQAvHhf_MmHa1-IuetcMjTekZ_x4q1_CaqGIRRTv2x6i8v9yL3Ik-WjX&random=515008975&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/458254939/?random=1785566863&cv=11&fst=1704232007740&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9101108372&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=1853931951.1704232008&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0lYUHJBWVF5TEM2djdpbjE3OGJFaVlBNG0xdjlmUXd2QUdDTWZnMDNsZ2s4bmVRRnJZZnNTcXRnWEVyWEFYRDZGWWxsS1N0V2caWkNoRUlnSVhQckFZUXhheXZzWXV1enZQUEFSSXVBSGtWMmVQMkF2OTFKV3d2UWdTaWRXLU1PejBtYjl2WE9idE9tYk5iU241c01FU01XQURYcjZaRmU0a2NTQSITCMCOz_vWv4MDFYDLOwIdIdUBZA&is_vtc=1&ocp_id=SISUZcBKgJfvwQ-hqoegBg&cid=CAQSKQAvHhf_MmHa1-IuetcMjTekZ_x4q1_CaqGIRRTv2x6i8v9yL3Ik-WjX&random=515008975&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_ce767.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 44ms
43ms Script
application/javascript 2.23.209.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 2f96c143
date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202312211231572A98FEF9611D5DF46F7E
x-tt-trace-id: 00-2312211231572A98FEF9611D5DF46F7E-5E2D4E9C7D100226-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-208-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e9add925bccb96a082c3a3cbb561d0f9ece148a950fc2fa50da062ab148dda2ca7ede8fbf8b294766e1673f15fbde102a33d6ac78c6715ded70ba963fcbe174e7bcb3da0a49d06c92cb553d75be6d8506497c14aefdf41e887398ba2b4520d8f
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 36065

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 179ms
179ms Ping
text/plain 2.23.209.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2f96c14f
date: Tue, 02 Jan 2024 21:46:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401022146487D30229B1F127084FEAE-2416A0903921A72F-00
x-cache: TCP_MISS from a2-23-208-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=6, origin; dur=132
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401022146487D30229B1F127084FEAE
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 132,2.23.208.37
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b957f1a6617a80ca556a5ab276b5f9abb17cfdb441f1e77de72ae5cbd5dcd4e4d736b9f9d0e8a58b6bbd852e57fc219ff9f8a6d2d44f83ff04a8afc8274f7b12526fbcdd8864fb68c34794ff82fdfc2be0c
access-control-allow-headers: Authorization,*
expires: Tue, 02 Jan 2024 21:46:48 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 194ms
194ms Ping
text/plain 2.23.209.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2f96c150
date: Tue, 02 Jan 2024 21:46:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24010221464876BC81572C61337B5207-6F4B94DBEDE8D712-00
x-cache: TCP_MISS from a2-23-208-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=53, cdn-cache; desc=MISS, edge; dur=5, origin; dur=147
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024010221464876BC81572C61337B5207
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 147,2.23.208.37
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b957f1a6617a80ca556a5ab276b5f9abb177a51e2495711a19eb246bc73d07dca8964adfb6141d09f26bb372feb39e25736f2ce23de9317d344d6d58765fd991eb2cd755b90aa1963517e03b2dcdf1f7159
access-control-allow-headers: Authorization,*
expires: Tue, 02 Jan 2024 21:46:48 GMT

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
822 B 252ms
139ms Ping
text/plain 2.16.238.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-13.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 290ed1df
date: Tue, 02 Jan 2024 21:46:48 GMT
x-bytefaas-request-id: 202401022146488B62D96CBC308BA29B5A
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401022146488B62D96CBC308BA29B5A-6972C3E3F009F852-00
x-cache: TCP_MISS from a2-16-239-13.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=1, origin; dur=99
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401022146488B62D96CBC308BA29B5A
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.85
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b95ce1e6f4db7ba791220bbccb06a5f2b3d9d6ec0ac6bf4ab8f4ae4ce0bbcedf466254397f2e98f90a1a2e3e3705e19a4d6daea48c1f7dd8d727b212b381f754b3624b8762064fed9d5d7b0f5c6945a4bb2
x-origin-response-time: 100,2.16.239.13
access-control-allow-headers: *
expires: Tue, 02 Jan 2024 21:46:48 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
838 B 187ms
187ms Ping
text/plain 2.23.209.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: decc04cf.2f96c152
date: Tue, 02 Jan 2024 21:46:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240102214648E065F9C649DA1B7E86A8-5E2D4E9CD3923BA6-00
x-cache: TCP_MISS from a2-23-208-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 139,2.23.208.37
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=51, inner; dur=48
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240102214648E065F9C649DA1B7E86A8
x-cache-remote: TCP_MISS from a23-201-31-207.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,23.201.31.207
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b95cbdc5040946e3f96dc758ecb92ffd34bda9a6b3e989ffbccd28043b72213f83758b8a0fa5a41b9107c2437f05429645558183723cdc4ee2fab0a43043e9a2cf4110dc8d240feaa3b8ba06c2cee57183389c414ac9f920113fc08d73aa7292322
access-control-allow-headers: Authorization,*
expires: Tue, 02 Jan 2024 21:46:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 120ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 Jan 2024 21:46:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8qFYoeEgvAYgstyV/+7G7j2EeNfHMO6klwq5WhIebLW6yq+dH4vlv1oX4FHtrKm5YpYpIzeLK87IXLm99n9kEA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-795540.js Show response
static.hotjar.com/c/ 9 KB
4 KB 171ms
73ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-795540.js?sv=6

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

46293e95a7bd293386c828fed3bb95e0d485a7448e62e450ac1437bdd3bea86f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 02 Jan 2024 21:46:48 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/1c094e4927d3d54bf64fa9bb56240897
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: DTTGM6DJYhmGNaUUh3_6SzfPH-H4I3aExfxI6Q2eAgI-zvJbOGh_1A==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 146ms
65ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 02 Jan 2024 21:46:48 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14C9A741BEB4445DAA4CE6FBAB008924 Ref B: FRA31EDGE0615 Ref C: 2024-01-02T21:46:48Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
BLOB 200
OK e5d7ab8a-4000-40a3-92c5-dd23d909042f
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/e5d7ab8a-4000-40a3-92c5-dd23d909042f
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 v
views.unsplash.com/ 0
0 138ms
39ms Image
application/json 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://views.unsplash.com/v?app_id=27955&photo_id=0tgmnmiyq9y,0tgmnmiyq9y,0tgmnmiyq9y
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 css
fonts.ub-assets.com/ 6 KB
1 KB 266ms
161ms Stylesheet
text/css 18.66.2.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-35.txl50.r.cloudfront.net

Software

Resource Hash

fb0b3d8be94bbc2eb3863260516c0b4e18c9811c4d1f4ef0f4d85003590b897c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 672096d0d92d3141442f75941c957076.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amzn-requestid: 3f7b98dd-5062-422b-9d07-d2ec7cfe4e45
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Q7mbWHwOoAMEKoA=
content-length: 684
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-65948448-00596a5f0a50d0cc3937c213
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: oB3GLqsxzJSxFuAigeo_JWHd4G5yGxcOM9gcyuZFhYQy72dIkv0VZg==

GET
H2 200 2181c4f3-upwellness-logo_104201o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 4 KB
4 KB 44ms
40ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2181c4f3-upwellness-logo_104201o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 06:26:44 GMT
x-amz-version-id: 30yobg1_0MPmwLZj7Yqg34mbuG.tXKwh
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3943205
etag: "7b6c725ae1e3af92af160df87ba31720"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3678
x-amz-cf-id: lA_5JbGE4HoCOKFpuJBfhR1K3F7l74Vng8YcZPxoqb9-rBxmYxsVyg==

GET
H2 200 32f07f71-whitecheck_100p00w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 542 B
960 B 45ms
41ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100p00w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 06:26:44 GMT
x-amz-version-id: Rqfc8_9A8Kpm2JF6TIvX5n1RIJ8Ay_Cm
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3943205
etag: "4825b4ea0d4c880b6307c2e7132ee9a6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 542
x-amz-cf-id: GH7vTp_Pr_e7IXPk1dypkd4wbKLgBy8DG3bzHJzpafz9K8mxcsk9oA==

GET
H2 200 95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
17 KB 46ms
42ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:41 GMT
x-amz-version-id: eRyCkB2M4MTi0cA9bD2gTOYzDSO5SUPv
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791008
etag: "65bf040063564f89972c66052d155a51"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16499
x-amz-cf-id: eC_cIhs1T6vsJmwWQT-jNjMRNI2YMSSVcHOpGnBStDsQ2U3mRLZ2og==

GET
H2 200 5ba00849-whiteupwellnesslogo_105d027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 3 KB
3 KB 46ms
43ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:47:53 GMT
x-amz-version-id: sQmKrCpWFlrXyMBMLGbFIsECtHiR1F_N
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3794336
etag: "88263fec2db483b6e115f831a65022a9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2981
x-amz-cf-id: Ffx54MwA2i4gz3uE_-AIxHGv3OfWKbPUeVlaNFfauzzaCj0LfGCS6Q==

GET
H2 200 ac1a08cd-inflammation-1_108t09u08b09p009005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 44 KB
44 KB 48ms
44ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ac1a08cd-inflammation-1_108t09u08b09p009005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:42 GMT
x-amz-version-id: 2k0glezRweBIxpzgrH5I1i5n6ku9Yz7f
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791007
etag: "359ed3bb81729f290b18d9b109cf06a1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 44857
x-amz-cf-id: 1kgL5QI0SGzk3JxsXyvDBN5t5GR66cBfP9w3CHuhZ7mNP4SKkHtQfA==

GET
H2 200 4cac7528-white-215136347-1_10dm0c7000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 26 KB
27 KB 47ms
43ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/4cac7528-white-215136347-1_10dm0c7000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 06:26:44 GMT
x-amz-version-id: 6f8VTznfDohi02UL0Cv9Nk8b6nnhf7_l
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3943205
etag: "816661072aa7266a68ff0387b3c14c4e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 27101
x-amz-cf-id: nQQ4GbUavFfMxWxrQ4xJoSb1yN8eNFCsw2qeWm4Gk_hHU9vUJNnpsA==

GET
H2 200 100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 23 KB
23 KB 49ms
45ms Image
image/jpeg 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 02:19:10 GMT
x-amz-version-id: pm1Jc7C3.8Mpkh8DI5XTCdb6GSYueGXp
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1193259
etag: "9e943cd62e2bfe0bc4e138564aa93a3e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 23241
x-amz-cf-id: wBI0X0DtXfNL917AQJiQhrhXVm482e3Mp5IeuVc5HwVm3DAHFPuyWg==

GET
H2 200 55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 92 KB
93 KB 50ms
47ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:46 GMT
x-amz-version-id: Fj6ijUkZVRCuoULNqbkwTkoONiIfmUJs
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791003
etag: "49e2d3fbfeb102084be57d44c2246bb6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 94271
x-amz-cf-id: qq8Tx4Gb8oszUIG8z3Dpi_E7W6Y9L1UI4kwkyPXONO3vS9GGcfEehg==

GET
H2 200 d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 22 KB
22 KB 51ms
47ms Image
image/jpeg 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:53:22 GMT
x-amz-version-id: weZqy_JN8XlaAkbQcP2CMcvOp1Gq9oti
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1371206
etag: "4b457e95483072fff9080800977a4a8c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 22266
x-amz-cf-id: lHQ9d61BqAsCgqoJFhD9O-qsOTLi9CtGAnKUnEr0qnLT3Q93Lf2eSQ==

GET
H2 200 bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 73 KB
73 KB 51ms
48ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:53:22 GMT
x-amz-version-id: 9MMsA8It._DJE8wV3Ll_nysl4UbUVbkD
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1371206
etag: "866a3982d7193270694f5153cacfd6f1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 74374
x-amz-cf-id: Vvg0Uaky-CI8tkmMKy6nxUFePG9n_0q4nf32RWORhW1HG8ybyOHpmQ==

GET
H2 200 d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 17 KB
18 KB 84ms
81ms Image
image/jpeg 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:53:22 GMT
x-amz-version-id: Vl5LXnPl3pYuQcSozl3DAaEKPFFph74e
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1371206
etag: "1ec345ee01c3de0754cc0a131de2cc90"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 17818
x-amz-cf-id: _9kxNVHhzNzR8eWWMwu8U1fSwz7DzMIkiiJILfWY25vm_uTIykfE-w==

GET
H2 200 a72f1bbb-lr-283136986-1_109o0en000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 51 KB
51 KB 91ms
88ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a72f1bbb-lr-283136986-1_109o0en000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:53:22 GMT
x-amz-version-id: 2kM_dHeeHvKp6CSzzaZVL5rDg7keCC1b
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1371206
etag: "6de55b9cb1893772e0b63bbbfd24d503"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 52060
x-amz-cf-id: Zep8v6dgAP1Hep9_948YqDV2bUZjwjH4tTRcXVQVKQRQplihJtW6dw==

GET
H2 200 d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 26 KB
27 KB 86ms
83ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:47:53 GMT
x-amz-version-id: xnLgZN7fIHiVu0Z3YOT9K4oeXZiuLciK
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3794336
etag: "e0f67241c0cda7c8283f88e34e2a62b1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 26863
x-amz-cf-id: rxA7rswWr6_9ujaSCCUewuwjkFg9K1R9ri9ZMUw4DkSIJs917VFn0w==

GET
H2 200 da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 45 KB
45 KB 89ms
87ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:46 GMT
x-amz-version-id: xVz886_.4NX8zKuEzsu3ze_vLWCyz7N4
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:10:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791003
etag: "95c55c95d92c456dd43b16b64f4b3ff5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 45619
x-amz-cf-id: KfBhmX8eqIuflTZzu5WozKpHNrXE96BB1nz-b1dwFsX7-qa_5MJcmA==

GET
H2 200 5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 85ms
83ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 22:11:18 GMT
x-amz-version-id: F7_9weu2J.c0LF5YXQBK26D8gnx0yzHs
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3368131
etag: "6f566bf0ca15c5ac601a04d4b7fb5559"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1092
x-amz-cf-id: C45GbJs2M_1UTYYkigg9rcO1phxxPlT-VSscPDNsN7KjOZCwfFuNhw==

GET
H2 200 50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 926 B
1 KB 84ms
82ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:47:53 GMT
x-amz-version-id: ZF5JVvP7YkqeIrabVfOxw3P5qrxODcoG
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3794336
etag: "c4dea36dfe1ed65d42e45c3b855c61e3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 926
x-amz-cf-id: zxPZo_fIYJsXal3-OOzePnC22genRnZUp-uS6sFIf7zt_qdt2JM58A==

GET
H2 200 56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
16 KB 92ms
89ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 06:26:44 GMT
x-amz-version-id: 7x7v_fPsdijHG6iw.Sg79TyNVmA2Sa.n
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3943205
etag: "8ca90ce9d5610ced95d378903074b5dd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16228
x-amz-cf-id: 8SGzybC0W1qbVR-k8xhb0DYuIUwsURtLrYR-rzeJbsE5hy-HCtKLnA==

GET
H2 200 0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 67 KB
67 KB 93ms
91ms Image
image/jpeg 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 02:22:41 GMT
x-amz-version-id: ZH02roOr6fuUn3wXr16OsEc43uHvl5eY
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 4562648
etag: "8a35e1ec124590183b3b65717bbdf858"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 68470
x-amz-cf-id: rgTsEAPoxmGaBOi4BGjkmPFwzds2pL6nhsW-OuYhMQQEyysdqq0ahQ==

GET
H2 200 52218b64-circlecheckgreen_100n00n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 308 B
726 B 86ms
84ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/52218b64-circlecheckgreen_100n00n000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:46 GMT
x-amz-version-id: WhsKVSQAuVesPEE95YRTkQT8lgf4NUYb
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791003
etag: "664e0b74b02a5184054577ac4e266e5d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 308
x-amz-cf-id: sAV3AdFsbpXbaqmOSAkCIFw_dTnSvtiXP3d00ls9UVymo_DGmFDL2Q==

GET
H2 200 7f01bac7-five-stars-original_103m012000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 778 B
1 KB 87ms
85ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/7f01bac7-five-stars-original_103m012000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:46 GMT
x-amz-version-id: q9ej42R845fWKQiVPhlinVCHId6zqd6Y
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791002
etag: "918ec8903473fef53c9ba0b9cf21cd8b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 778
x-amz-cf-id: GFa6pE4P2aqO8GYQa1a_1Q_ljzb_-DuETYaZTBV56Keg1l_-DFfCmQ==

GET
H2 200 8c77d1de-rightarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1009 B
1 KB 95ms
93ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8c77d1de-rightarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 06:26:44 GMT
x-amz-version-id: z3iF44Fp.Q12WHAfRblVtvRyIE8Qp7GW
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3943205
etag: "6eeccde26d2dc7f37f4370ec5f7bdef3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1009
x-amz-cf-id: OvEJPPx_GfxDF0xeQNHTp61Yk5rDrQrgTI6bt3UMVoVdUXRilKBK1w==

GET
H2 200 382a6532-leftarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 88ms
86ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:47:53 GMT
x-amz-version-id: zsc2lHYLCXshXMyg1W1eoCLjqbalfi5e
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3794336
etag: "38636c9904e9e46c854a0c55d99255c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1060
x-amz-cf-id: nOWxNK8gAdNmm5CCxSnlJRyHYRtOz_qyWHw7THLIMPaX6IBO3guDJQ==

GET
H2 200 382a6532-leftarrow-angle_1046045000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 2 KB
2 KB 94ms
92ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_1046045000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 02:19:10 GMT
x-amz-version-id: 4gTsdq5VKgaPreoIvezj2c_yuTBGNs29
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1193259
etag: "c1a8b03787621838c3a03591dad5f219"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1875
x-amz-cf-id: YepqMJV2luAMFBuCMeJ-AFrVWWkbQFe4YVgqtNG6hMOd1ckeicv8Yg==

GET
H2 200 0a4cf109-rightarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1020 B
1 KB 94ms
93ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0a4cf109-rightarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 23:47:53 GMT
x-amz-version-id: SAj4ytmi_oJsp0DjlJY.XTPHhDdD.5FK
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 3794336
etag: "efe6e12ca3ee76495ec9ae8ee9198ca5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1020
x-amz-cf-id: Rkuzjd873tZ6FlVwB4FljOjhEPJt4R4uYQhF_dupxhijuNBJEYd4Bw==

GET
H2 200 29f0369a-lefftarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
2 KB 92ms
90ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/29f0369a-lefftarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:53:22 GMT
x-amz-version-id: jgqwdSMhLU6SpJ2hk45xoMe0r1EMlFf4
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1371206
etag: "032c54654550e68afaa8897a89466d3b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1155
x-amz-cf-id: YrLYsurK8febNPyAqMi2dMbDbHMkYC4xTQ7UHdffT5hHVaWwDP8IMg==

GET
H2 200 32f07f71-whitecheck_100m00t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 464 B
881 B 96ms
94ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100m00t000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:46 GMT
x-amz-version-id: MMk6v_dgc21xSzbSmJlTM.dUtHREM.rE
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791003
etag: "a04ce831c57d2ab68e6238b18207182b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 464
x-amz-cf-id: 6vhgPv8hn2KuZa6gnOOrnl_22C5i_SK7eKDcZVY9LXJH74Vtea9hFA==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 11 KB
12 KB 96ms
95ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75c3b9ffd05b79e3d802d05a92a07258fe29e97ab1bc2820f13de7cabbe163ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:46 GMT
x-amz-version-id: qu14eRJiC0WAmop0rirA6XpBnOdR5Auk
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791002
etag: "5cb3c3f5b3507c11c9caac73d0935f02"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 11539
x-amz-cf-id: 0sv9a1ecrgiB3JZ5cdekjLq8tsoOOAS9T1z0qdMIQVQd7px-8ubZhg==

GET
H2 200 8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 56 KB
56 KB 97ms
96ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 205853c0ef45d0842feba60b08786717cd443f0a650010e36a0fb3a91a067062

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:46 GMT
x-amz-version-id: .qmwAfxopTRJNE1HKbRRZmBiZyA5XmPf
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791003
etag: "b1ac86144722d6bb5139c086266e3a29"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 57139
x-amz-cf-id: F4KFQkB9QbBYu31J05tDF5TVPZTxwtKufgf7NWkZvzYtdlaPVc92MA==

GET
H2 200 2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 62 KB
63 KB 101ms
100ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13d55c54af12b15b6999e715e67b91da9abaceee5b40a136fbae2df9ef1cf11d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:16:46 GMT
x-amz-version-id: Y6gT8kl9zOfxxJxUD5L8NtSey32mIJof
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1791002
etag: "c20ef03d9c4142b86e99acdee2bda368"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 63662
x-amz-cf-id: gMtlEQUf0dWoVXWrtSmtceVuxZmjvb8eik7t3jd0nE5EAdf4bnNj4w==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 41 KB
41 KB 103ms
102ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1fc8420705b69db0c5c0e2248e79b2f8c33506580b296202c3965870ab9adf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:53:22 GMT
x-amz-version-id: Ldx3hIqE0Xvb3OsHxm0PJ42JJa5XrZnm
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 1371206
etag: "3a2b95d01cb23a2899f17b0099a335ca"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 41717
x-amz-cf-id: AVTYIMEoliEvIYrtYgpzhtWuI0MaokhGVGELEbCOyUfbmnndB7zELA==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_10910h3000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 49 KB
49 KB 100ms
99ms Image
image/png 52.222.137.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_10910h3000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-129.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5444b48af5940e46bff886e60bba6fc2c1c6705f30a1c8d0577d710fcb9b5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 16:41:33 GMT
x-amz-version-id: tgvljqY2ob5beJ8P9sbGL..Qp_FC8qpM
via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 15:09:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 2610316
etag: "2b195f509b97cf523257ce393cf5e75f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 49713
x-amz-cf-id: NtemwNSFgYifOfsmFcproRspN3qZ_iwKSt9O0DxO-wYhdU_ikzK7wA==

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 2 KB
1 KB 59ms
59ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1704232008159&data=%7B%22id%22%3A306%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704232007925%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704232007929%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 52cd9531eb68670ee4496393b2903d9966204b1d2e69aefd5c6060317eea3ffb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 21
date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.33225
x-fastly-to-nlb-rtt: 7455
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220109-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1704232008.409596,VS0,VE21
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
108 B 51ms
50ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1704232008051&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_pnXEnpqEZ0Ed1eCC9mcZon3mKMp0ca9iQ1xCun_OUCPpIDlB&random=3849862106&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/675938688/ 42 B
108 B 52ms
52ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/675938688/?random=1704232008051&cv=11&fst=1704229200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_pnXEnpqEZ0Ed1eCC9mcZon3mKMp0ca9iQ1xCun_OUCPpIDlB&random=3849862106&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=489428041&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=1115285253&gjid=1972929126&cid=1887819398.1704232008&tid=UA-28307243-3&_gid=271639312.1704232008&_slc=1&gtm=45He3bt0n81M3S986Pv79737984&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1791473572

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 143ms
49ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28307243-3&cid=1887819398.1704232008&jid=1115285253&gjid=1972929126&_gid=271639312.1704232008&_u=YCDAiEABBAAAAGAAI~&z=1764142269

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 02 Jan 2024 21:46:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
535 B 149ms
141ms Stylesheet
text/plain 52.205.151.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.3348291764611451&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM
Requested by: Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.205.151.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-151-245.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
server: Apache
content-length: 0
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 78ms
78ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jz7ox0tvgu?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: br
last-modified: Tue, 02 Jan 2024 08:59:32 GMT
etag: W/"0x8DC0B71233A1338"
vary: Accept-Encoding
x-azure-ref: 20240102T214648Z-4vxnc583y578b5xqze74h96w740000000ap000000000h1ma
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8f5a9dd1-801e-0048-3d5a-3d33ec000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
698 B 274ms
274ms Ping
text/plain 2.23.209.165
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.165 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2f96c1a4
date: Tue, 02 Jan 2024 21:46:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24010221464876BC81572C61337B520E-513F5471E17723AB-00
x-cache: TCP_MISS from a2-23-208-37.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=80, cdn-cache; desc=MISS, edge; dur=7, origin; dur=175
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024010221464876BC81572C61337B520E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 175,2.23.208.37
x-tt-trace-host: 01363bab9ca6e103ddc00a3e4d9d614b957f1a6617a80ca556a5ab276b5f9abb177a51e2495711a19eb246bc73d07dca89803f24a242614865623b451ec0951d3dd44348c069b10bb1690849199734f21bc6a7d96efde9eabab6664c81ef802864
access-control-allow-headers: Authorization,*
expires: Tue, 02 Jan 2024 21:46:48 GMT

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
1 KB 168ms
168ms XHR
application/x-mpegurl 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
via: 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 41198
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 33
content-length: 935
x-request-id: e1314696-c9ac-43ac-af22-8aa9c2af0678
x-served-by: cache-iad-kiad7000102-IAD, cache-sof1510036-SOF
x-runtime: 0.032393
x-browser-version: 120
server: envoy
x-timer: S1704232008.387469,VS0,VE110
etag: W/"0fa56fcfcf95ba949a3a9883d09eca6a"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: IVOCVQuSJMrnD9DGsNzxBAK-jiIDF4YWFo4s-UvrF2aldFxpd8vCng==
x-cache-hits: 1260, 0

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 57ms
57ms Image
image/gif 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3430
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kcgs7200077-IAD, cache-sof1510036-SOF
x-browser-version: 120
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1704232008.388045,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 309

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28307243-3&cid=1887819398.1704232008&jid=1115285253&_u=YCDAiEABBAAAAGAAI~&z=424957452

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 50ms
50ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28307243-3&cid=1887819398.1704232008&jid=1115285253&_u=YCDAiEABBAAAAGAAI~&z=424957452

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel
flask.nextdoor.com/ 0
111 B 220ms
212ms Image
text/plain 34.208.151.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&vrs=8.2&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=96bff754-63a6-489c-b4cc-45070a285a32&pageid=96847d11-d3f1-48fb-9078-06fcbb65b70e&sessionid=7e159211-3a5f-4336-b6ad-914b4c9e0a8c&cd=%7B%7D
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.151.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-151-79.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
context-id: f4bdfde0-7044-429a-be1f-9e317671b845

GET
H2 200 val.html Show response
d2cli4kgl5uxre.cloudfront.net/js/h/ Frame 575C 11 KB
11 KB 114ms
32ms Document
text/html 2600:9000:20e8:a00:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2cli4kgl5uxre.cloudfront.net/js/h/val.html
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:a00:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0a28a1049f342e532d464553097e93d0e67687915b3e286b4e8c256701bef03

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73807
content-length: 10766
content-type: text/html
date: Tue, 02 Jan 2024 05:17:33 GMT
etag: "eb80ca22000cc5359e068bea70213c4a"
last-modified: Fri, 08 Dec 2023 06:13:36 GMT
server: AmazonS3
vary: Origin
via: 1.1 41232b1248b5064ae14550b383a46694.cloudfront.net (CloudFront)
x-amz-cf-id: KZKktdPDNWnoiF1Z7mfqgG_eK3f2DQKRNBAyRORL0Y2FzWY71CmQog==
x-amz-cf-pop: TXL52-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: aEj9l4cfelvl8VOVc8JGuECmFFUoDMSL
x-cache: Hit from cloudfront

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 22 KB
23 KB 92ms
34ms Font
font/woff2 18.66.2.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-35.txl50.r.cloudfront.net

Software

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 22504
via: 1.1 7b78620285c9c4062375088b85834112.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
age: 21159220
x-amzn-requestid: 4f676554-5a99-4f9a-9cda-d41b3fd5a3a1
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUcLNGdcIAMFslw=
content-length: 22518
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a714-4646b3b76c5600fb1e3965d7
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KLRKK4Y5ewk442QZZxfizMlvdRgxtB4O8KlI_05mM_kA6SUda8l_3A==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
24 KB 114ms
56ms Font
font/woff2 18.66.2.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-35.txl50.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 22:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 7b78620285c9c4062375088b85834112.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
age: 5614118
x-amzn-requestid: a51de0bf-535a-4b43-8cdd-388770fa181e
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: NlcFZGPxIAMER3A=
content-length: 23578
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-653eda22-717c0f9d1e8180ff3c57601e
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eW-JLk_JLjd1TyYD142aKkqiBklaFq_iPdHorfTO-HqSrYbkubsQ7g==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
23 KB 122ms
64ms Font
font/woff2 18.66.2.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-35.txl50.r.cloudfront.net

Software

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 17:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23040
via: 1.1 7b78620285c9c4062375088b85834112.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
age: 8136184
x-amzn-requestid: 1d3ccf8b-5877-4162-9a3e-f91c7d5b96f7
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: MFOspFLhIAMEjKg=
content-length: 23041
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-65185e50-2dc2d742584fe8b358992560
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SOCwxlnQRbrSBplbTKDqWTjdof-TfUi6-ENDviv5iEjzN7iyh7wuxg==

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 24 KB
25 KB 122ms
65ms Font
font/woff2 18.66.2.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-35.txl50.r.cloudfront.net

Software

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 07:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 24448
via: 1.1 7b78620285c9c4062375088b85834112.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
age: 8777306
x-amzn-requestid: 97ebe96c-ea3d-4a44-8236-ecdff3139ed6
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: LsxdNE1XIAMEZ9Q=
content-length: 24405
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:00 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-650e95ed-064949da39a17ac126be5b5e
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: cux1fp5RA7TKV8s1GTiCWW-o_pIL9WQ738YOoBmlEJCXjSHSxB0i8w==

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.ub-assets.com/fonts/s/oswald/v53/ 28 KB
29 KB 144ms
87ms Font
font/woff2 18.66.2.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-35.txl50.r.cloudfront.net

Software

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 11:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 28512
via: 1.1 7b78620285c9c4062375088b85834112.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
age: 8071479
x-amzn-requestid: 30f12bb6-f986-46b2-8fa9-417118b38ccb
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: MHsqrGbUoAMEc1g=
content-length: 28534
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-65195b10-490613176a31144640f1b801
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 65zFbCqgZqEfukMRckiCwHOem3vN4YZ7tNv199cS52y6igYRKCc0wg==

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
300 B 662ms
379ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Tue, 02 Jan 2024 21:46:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 a18adcb3fe4d694342677106235399fede11a10f.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 13 KB
14 KB 151ms
45ms XHR
application/vnd.apple.mpegurl 2600:9000:2261:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2261:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 22:17:12 GMT
via: 1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: TXL50-P4
age: 1726176
edge-cache-tag: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 119
content-length: 13708
surrogate-key: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: B3iFhlkGX0BmjNIPfqvSUfYRG3F-v9jiHzIDicQuBqAb-EWENaEZDg==
expires: Thu, 12 Dec 2024 22:17:12 GMT

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 45 KB
18 KB 69ms
69ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a774b19d5173d81cf31cc63eff99b6ee8d9dd29651acfb93efa45f88459421dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:48 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 706
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18255
x-served-by: cache-iad-kjyo7100078-IAD, cache-sof1510036-SOF
x-browser-version: 120
last-modified: Thu, 21 Dec 2023 10:51:34 GMT
server: AmazonS3
x-timer: S1704232009.567405,VS0,VE0
etag: "e6186b0372b100dc5cc6243bf65e2c68"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 6720e4af44032721067b9242d77172086ab1880d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 46, 37318

GET
H2 200 modules.618aa075c4d9b6424e07.js Show response
script.hotjar.com/ 220 KB
55 KB 115ms
33ms Script
application/javascript 18.66.2.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.618aa075c4d9b6424e07.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-12.txl50.r.cloudfront.net

Software

Resource Hash

4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 10:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 11928875e072fa46f6185840ed222a20.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
age: 1078602
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55689
last-modified: Thu, 21 Dec 2023 10:09:33 GMT
etag: "6ed2c6300d63320c76677ced187741fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: B9PpKbno-_XqGlQRnW2Kfn9nGrBSEdL8neON0lA8f5kmz3dpvVROsw==

GET
H2 200 302615157369859 Show response
connect.facebook.net/signals/config/ 139 KB
37 KB 123ms
123ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302615157369859?v=2.9.138&r=stable&domain=pages.upwellness.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97785500fe371f2901afe83c7b4b66a21052445a36f7b0951f582d9856989d81

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 Jan 2024 21:46:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: n/gwBoJNB7saipfEY2vVKmnlcFidzVcK7Bt+46z4fXj+EVNZaD0GU8332nvI8Hw2kC0fjPmFRlQFJmev++7SdA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 27015508.js Show response
bat.bing.com/p/action/ 1 KB
849 B 64ms
64ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b8d10991f6da2bcf90c90fbac7d48552546749b319d44c03050c1287fb781416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 02 Jan 2024 21:46:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9C224B981E4344BC8083D0E3F6A86A7C Ref B: FRA31EDGE0615 Ref C: 2024-01-02T21:46:48Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
289 B 101ms
101ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=99d0758f-444a-4741-931c-5abb9addce35&sid=6e650960a9b811ee9cc20bcdc1f7caa8&vid=6e64fc20a9b811eeb8f9594aaa9fb1b3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM&r=&lt=1325&evt=pageLoad&sv=1&rn=604140

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 21:46:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A1AC23C16E84F0AA3EE2CFEFB3881A8 Ref B: FRA31EDGE0615 Ref C: 2024-01-02T21:46:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 938a19aa964680c64c663d113e941222a537fbc54e315382fdc6569bf088ac21

Request headers

Referer
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/ 2 MB
2 MB 73ms
73ms XHR
video/mp2t 2600:9000:2261:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2261:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:30:45 GMT
via: 1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: TXL50-P4
age: 1145763
edge-cache-tag: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 264
content-length: 1690872
surrogate-key: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3AZaqs9YHueBiu-fzX8cqTubx_iADnE4rkqqZqRE_WBkoe1zEixrmw==
expires: Thu, 19 Dec 2024 15:30:45 GMT

GET
H2 200 27015508 Show response
bat.bing.com/p/insights/t/ 724 B
904 B 187ms
187ms Script
application/x-javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/27015508

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/27015508.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b968ce63ec18fdd9614dc9c733bdd25211ab6fec9636a351b98fa0870d710905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 02 Jan 2024 21:46:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF5A4E10F9B941DBB2179A6271988CCB Ref B: FRA31EDGE0615 Ref C: 2024-01-02T21:46:48Z
vary: Accept-Encoding
x-azure-ref: 20240102T214648Z-3twvtbq6vd6tx4x7550nm4ksp000000006tg00000000aehx
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 615
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK 0eb14ff35dae7c6e6234bddd74f1eb34a4453e4d.js Show response
pages.upwellness.com/_ub/static/ts/ Frame 575C 43 KB
15 KB 80ms
80ms Document
application/javascript 3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/_ub/static/ts/0eb14ff35dae7c6e6234bddd74f1eb34a4453e4d.js
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a0149e197633f530e4276ca95494ebb284d366b16130445c582ec88692130602

Request headers

Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13499
cache-control: public, max-age=31536000, immutable
content-encoding: br
content-type: application/javascript
date: Tue, 02 Jan 2024 18:01:50 GMT
etag: W/"02f84055825eea29aac01c046fc89427"
last-modified: Tue, 02 Jan 2024 16:49:33 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-cache: Hit
x-proxy-backend: <CACHE>

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 120ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=ContentView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%2522e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289%2522%255D%257D&rl=&if=false&ts=1704232008742&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1704232008741.2573807&ler=empty&it=1704232008578&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Jan 2024 21:46:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 120ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1704232008743&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1704232008741.2573807&ler=empty&it=1704232008578&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Jan 2024 21:46:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 119ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit_GRPfps&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%2522e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289%2522%255D%257D&rl=&if=false&ts=1704232008743&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1704232008741.2573807&ler=empty&it=1704232008578&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Jan 2024 21:46:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 pageview
gtrace.mediago.io/api/bidder/track/pixel/ 0
60 B 43ms
43ms Ping
text/plain 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtrace.mediago.io/api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b&spd=&mgd=&ptd=&tkd=&acd=&cpid=&v=140700513&apiV=2
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 68C2 325 B
818 B 504ms
504ms Document
text/html 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 83f632694e9a1701-SJC
content-length: 325
content-type: text/html
date: Tue, 02 Jan 2024 21:46:49 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Buvek%2Fw1YJHh2MNiXx8T%2Fwtkci0cEEh17ROS4gvnfkGoFFmawH7ev7B3T5HpfY%2BQHVHTVblIjhyctJFl2a%2FPUVz4M0mCZnBBvIyPnPIzmKAYHcR6lbLVH43WxYhPnfhQOKx65y5UzVIonGLikmz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: 58JlWuElZ/2pR+1rEKz6SpTf5LyBxp247Bn/vKozjrLsyF92JXEMgII+jWUK69WiYXyYBqrdYtk=
x-amz-request-id: AHGRQN7QDZWG76HZ
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 0.7.20 Show response
bat.bing.com/p/insights/s/ 34 KB
15 KB 67ms
66ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.20

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/27015508

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5ab142585097949ade33d1c1c15cf8df7423d78bd45747965c064882e72f83e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 02 Jan 2024 21:46:49 GMT
x-cache: CONFIG_NOCACHE
content-length: 14592
last-modified: Wed, 13 Dec 2023 19:58:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 97EC62DAA9F74A5682CDD4A78A8450E5 Ref B: FRA31EDGE0615 Ref C: 2024-01-02T21:46:49Z
etag: W/"0x8DBFC15D3D7323E"
vary: Accept-Encoding
x-azure-ref: 20240102T214649Z-78zcxznt090a7bk94h0wfpef0n0000000g30000000008854
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1c03666b-101e-005a-4931-39483c000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H2 200 577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 13 KB
14 KB 44ms
44ms XHR
application/vnd.apple.mpegurl 2600:9000:2261:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2261:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:31:20 GMT
via: 1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: TXL50-P4
age: 1145729
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 151
content-length: 13708
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GwB4EOCifRod7f0IYW6Qai78jmnLs1sm5ZVb48TYpIeE9zIebb6bRg==
expires: Thu, 19 Dec 2024 15:31:20 GMT

GET
H2 200 seg-2-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 268 KB
269 KB 46ms
45ms XHR
video/mp2t 2600:9000:2261:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2261:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:31:23 GMT
via: 1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: TXL50-P4
age: 1145726
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 154
content-length: 274104
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: tPX6UuxzmUu0zDUWRafMHHCC1ZGrhKUbQpwQ-t3P6mVZHcj6HCcSWw==
expires: Thu, 19 Dec 2024 15:31:23 GMT

GET
H2 200 seg-3-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 265 KB
266 KB 45ms
45ms XHR
video/mp2t 2600:9000:2261:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2261:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:31:31 GMT
via: 1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: TXL50-P4
age: 1145718
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
content-length: 271096
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8rPLKrYrIIeJ7hWm1IOG_qMPXKZAT88WPyeXeI0x9AUY87iw8CdczQ==
expires: Thu, 19 Dec 2024 15:31:31 GMT

POST
H2 204 x Show response
bat.bing.com/p/insights/c/ 0
214 B 154ms
154ms XHR
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/x

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.20

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 21:46:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 236AB07D88DC4529B84BEFFF0D2EBE00 Ref B: FRA31EDGE0615 Ref C: 2024-01-02T21:46:49Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 185ms
44ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1562&scd=0&ssd=1&est=1704232007926&ver=36&isls=true&src=i&invt=1500&msa=15193&rv=1&tim=1704232009488&vi=1704232007925&ri=636f8a5412d131fa8370956172f1affb&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 02 Jan 2024 21:46:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
250 B 184ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1562&scd=0&ssd=1&est=1704232007926&ver=36&isls=true&src=i&invt=1500&msa=15193&rv=1&tim=1704232009489&vi=1704232007925&ri=9389ed680048e2f1cf478d836feba8e1&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 02 Jan 2024 21:46:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
300 B 252ms
252ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Tue, 02 Jan 2024 21:46:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 68C2 389 KB
114 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 14:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116073
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Dec 2024 14:00:25 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 68C2 112 KB
112 KB 192ms
191ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BT4PKYY72CEC6J8M
age: 4337149
alt-svc: h3=":443"; ma=86400
content-length: 114404
x-amz-id-2: HFS6F5lPJL53XV4ZGRI9hRyjElRyDJ9/NZgCyvot3GY8OZu+YD7c8pkV+rxU9DGeShXBCRVaRXHu7VFQGRJqDE8xGWi/doZaLSNGZyONhXk=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDqCzsj%2BmD5olyByGx%2FgzSMH84fpyeJ46sEIpc9snQHJl0rzXA2uiPBkh56nwgRoHbbZWk%2BEtBIoHF1qlhsQdaL%2FkiQ%2B6EXHdTfjKG3PA3isHt8K7ZVezahXdEhakKjWKNQeD8V3e1PHIGOFD9x7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 83f6326c79681701-SJC

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 79 KB
21 KB 61ms
61ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e59f8184388cbf7873147d14016ebf88a7f73feb7802e9fe764aa6dedc2809c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 984
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21103
x-served-by: cache-iad-kcgs7200176-IAD, cache-sof1510036-SOF
x-browser-version: 120
last-modified: Thu, 21 Dec 2023 10:51:34 GMT
server: AmazonS3
x-timer: S1704232010.858444,VS0,VE0
etag: "7061aad4670a61dbecdcde446142fc17"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 6720e4af44032721067b9242d77172086ab1880d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30, 83

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 4A68
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...

2 KB
2 KB

150ms
150ms

Document
text/html

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=496625507003432450&dcc=t

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102e4374e08f24b853c51d97120f51&n=tune&AFFID=477232&subid=1_TH231103PM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

64c29bc740bbfc2c6a3ab3e40178c62a805a579f54883a6c862fd5a0a95252b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1695
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 02 Jan 2024 21:46:50 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: NZ66XA9DVWE281019C9H

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 02 Jan 2024 21:46:50 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=496625507003432450&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: TWMYWZE1N04BWXP0SSB8

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 8A0A 565 B
428 B 67ms
66ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 21:46:49 GMT
pinterest-version: 8c23f27d55c77c9c78a5d022d53a766b1295cc23
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1226689377529762

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CF8D7ED2220B4759AAC6F0F638FF0823&RedC=c.clarity.ms&MXFR=1DD0372EB92F65663C7624D4BD2F6B8D
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CF8D7ED2220B4759AAC6F0F638FF0823&MUID=21E7845FBDB469DF0CBE97A5BC3F681B

42 B
443 B

56ms
55ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CF8D7ED2220B4759AAC6F0F638FF0823&MUID=21E7845FBDB469DF0CBE97A5BC3F681B
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:49 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E61FA11EC8F54CABBD5C1ABE517DEBF8 Ref B: FRA31EDGE0615 Ref C: 2024-01-02T21:46:50Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CF8D7ED2220B4759AAC6F0F638FF0823&MUID=21E7845FBDB469DF0CBE97A5BC3F681B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
330 B 221ms
138ms Fetch
text/plain 2600:9000:2261:9e00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2261:9e00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
via: 1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: MMNjcFNEQJdp7Q6Wy4nSTFv_KoNqAhJjX184nB6bmdUnOIRPztKPNQ==

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame DAD2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-6T8ta5D7oANYE4xDLe-70qqTeQRFfg1qDkF6YQ&google_cm&google_hm=ay02VDh0YTVEN29BTllFNHhETGUtNzBxcVRlUVJGZmcxc...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6T8ta5D7oANYE4xDLe-70qqTeQRFfg1qDkF6YQ&google_gid=CAESEFkAjqawvq_VfgTw2mIuiNc&google_cver=1&google_ula=913071,0

43 B
369 B

41ms
40ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6T8ta5D7oANYE4xDLe-70qqTeQRFfg1qDkF6YQ&google_gid=CAESEFkAjqawvq_VfgTw2mIuiNc&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 789325
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6T8ta5D7oANYE4xDLe-70qqTeQRFfg1qDkF6YQ&google_gid=CAESEFkAjqawvq_VfgTw2mIuiNc&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame DAD2 43 B
146 B 129ms
40ms Image
image/gif 52.58.145.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-DtSjhpD7oANYE4xDLe-70qqTeQR1RaG637kLQw&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.145.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-145-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DAD2
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4944762894601664460

43 B
370 B

40ms
40ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4944762894601664460

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1315743
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
an-x-request-uuid: 75a10296-b0d5-474b-b28e-1e4d9232bea4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4944762894601664460
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame DAD2 57 B
787 B 174ms
63ms Image
image/gif 88.221.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-eKps8JD7oANYE4xDLe-70qqTeQRnIplsBfCLcQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 02 Jan 2024 21:46:50 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Tue, 02 Jan 2024 21:46:50 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame DAD2 0
239 B 195ms
43ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-Db9VCJD7oANYE4xDLe-70qqTeQRYdkxA8euYWg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame DAD2 43 B
163 B 201ms
50ms Image
image/gif 217.182.178.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-vBBd05D7oANYE4xDLe-70qqTeQTBXrDs4BRWMA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame DAD2 23 B
163 B 193ms
67ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-R8oZ7JD7oANYE4xDLe-70qqTeQREy9j1wCc2aQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 02 Jan 2024 21:46:50 GMT
pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame DAD2 37 B
140 B 119ms
41ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-i0nxdpD7oANYE4xDLe-70qqTeQTsb-cxTv9udg&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame DAD2 0
125 B 150ms
43ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OLXwApD7oANYE4xDLe-70qqTeQQ9OC1Rz777JA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame DAD2 56 B
319 B 252ms
91ms Image
image/gif 88.221.110.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-OLXwApD7oANYE4xDLe-70qqTeQQ9OC1Rz777JA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.110.96 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a88-221-110-96.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Tue, 02 Jan 2024 21:46:50 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Tue, 02 Jan 2024 21:46:50 GMT

GET
H2 200 pixel
cm.adform.net/ Frame DAD2 43 B
163 B 125ms
38ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-BWNvBZD7oANYE4xDLe-70qqTeQQn1NVKggSBkQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
last-modified: Thu, 11 May 2023 08:48:09 GMT
server: nginx
accept-ranges: bytes
etag: "645cabc9-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame DAD2 49 B
385 B 199ms
60ms Image
image/gif 52.30.133.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-pGF4tZD7oANYE4xDLe-70qqTeQS4o03D1P4bFw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.133.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-133-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 5
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame DAD2
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DAc0WpD7oANYE4xDLe-70qqTeQTLQyRJIIdMlw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DAc0WpD7oANYE4xDLe-70qqTeQTLQyRJIIdMlw&C=1

43 B
326 B

77ms
76ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-DAc0WpD7oANYE4xDLe-70qqTeQTLQyRJIIdMlw&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URhA0Kl2Ipa9FHv0QUiDm0SKyvkfQuiCkYj44HZe8fIM3bjEmNIFTY%2B6y53bDCEgCd%2BfOWbsq78lHdZhgbjYV1y0RNuGOLJdUQFqigJ7LWC9DS4d4nuDNcCx%2FpgF3Jfl3Zma"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83f6326fcd6358e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbsOBpgxqUch1i1KxrpmDPKAKwPmKXoUK%2FupblDXzOiMvUc%2Fo1S7Q8tytE%2B30%2FyuAwA%2BrDeaLP%2FybYdAjbdhdhxx9njVYxctyj92MH%2Fow6PJiv9cHO0yKvk%2Bn4bgR%2FcGfdYP"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-DAc0WpD7oANYE4xDLe-70qqTeQTLQyRJIIdMlw&C=1
cache-control: no-cache
cf-ray: 83f6326f3c6f58e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame DAD2
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=6-2vp5bcQ6I5nNcpvPdXfQD27QVeDrUG
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=6-2vp5bcQ6I5nNcpvPdXfQD27QVeDrUG

42 B
717 B

56ms
56ms

Image
image/gif

54.171.3.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=6-2vp5bcQ6I5nNcpvPdXfQD27QVeDrUG

Protocol

Server

54.171.3.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-3-160.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-082fe620b.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 62mlKPnTQ9Q=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-08513f95b.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: BYBLMh8/S/U=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=6-2vp5bcQ6I5nNcpvPdXfQD27QVeDrUG
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame DAD2 43 B
921 B 131ms
40ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-FA57N5D7oANYE4xDLe-70qqTeQQ2USeJ0kADfw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 02 Jan 2024 21:46:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame DAD2 43 B
199 B 243ms
57ms Image
image/gif 34.241.183.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-NDFkG5D7oANYE4xDLe-70qqTeQTqMxCTBJi5bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.183.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-183-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Jan 2024 21:46:50 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame DAD2 42 B
265 B 146ms
48ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-QKl405D7oANYE4xDLe-70qqTeQSsZqV39gAdTA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame DAD2 0
882 B 138ms
50ms Image
text/html 18.159.136.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-OTy8vpD7oANYE4xDLe-70qqTeQQi7zrC9Fy0bQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.136.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-136-150.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame DAD2 43 B
422 B 377ms
118ms Image
image/gif 18.232.255.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-9c1HD5D7oANYE4xDLe-70qqTeQQfHuEopq0mSQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.255.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-255-36.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame DAD2 0
145 B 457ms
115ms Image
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-vPvpZJD7oANYE4xDLe-70qqTeQQ8JttD7dEqUw&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:46:50 GMT
Cache-Control: no-cache
X-TraceId: 4d3224f2bb6b54dd9d5a601921240c00
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame DAD2 0
225 B 157ms
47ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Z8L025D7oANYE4xDLe-70qqTeQTUN2N10RxXhw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 21:46:50 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame DAD2 0
35 B 153ms
40ms Image
text/plain 3.121.221.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-fc2rvpD7oANYE4xDLe-70qqTeQQ7Js5qYu_uEA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.221.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-221-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame DAD2 43 B
398 B 379ms
117ms Image
image/gif 2600:1f18:612b:4216:2994:5ad:21a7:a60b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-B8dUbpD7oANYE4xDLe-70qqTeQSh747rS6t1dg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:2994:5ad:21a7:a60b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 02 Jan 2024 21:46:50 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame DAD2 43 B
153 B 155ms
51ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-ipo1sZD7oANYE4xDLe-70qqTeQStWPGPsX6BJA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Jan 2024 21:46:50 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame DAD2 0
235 B 153ms
61ms Image
text/plain 23.213.165.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-RPBzEJD7oANYE4xDLe-70qqTeQSfdoU3PL8u3Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 01 Jan 2024 21:46:50 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame DAD2 0
38 B 201ms
57ms Image
text/plain 54.78.158.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-QUBBipD7oANYE4xDLe-70qqTeQS0cho5z6vngg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.158.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-158-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame DAD2 0
44 B 131ms
39ms Image
text/plain 52.57.138.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-CCOJ5pD7oANYE4xDLe-70qqTeQTIEq6wC0-vaA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.138.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-138-113.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
server: awselb/2.0

POST
H2 204 x
distillery.wistia.com/ 0
0 201ms
133ms Fetch 18.64.119.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.119.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-119-48.txl50.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
via: 1.1 1b9454b38723d47cf9a28d1fb8f9546c.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
x-amz-cf-id: KwqsUak24WbLpGeApP33Sxt4lGcCor6o1J3X8fwrw5WjMlfVA3Ka7Q==

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/pixel/ Frame 68C2 787 B
1 KB 571ms
452ms XHR
application/json 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9536ab13f4ab5624884f06523a452596ef56247e74143b0af7b6a4f161407e

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
via: 1.1 fab151d68d1a2f6afb087e422136c6fe.cloudfront.net (CloudFront)
content-encoding: br
x-amzn-remapped-content-length: 787
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P4
x-amzn-requestid: 0e09a6fb-3524-43ff-bb9b-25b1382c1e42
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: Q7mbpHjMIAMEeoQ=
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"313-+rkeP2UpHjKs6MCqLnNipDqgc1I"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmcr35Yl9gkimpt%2BJN08EDT%2BHPFwkoUXL9kjLHn9xF%2FWAgjkyoIM9019SMgNnOkcTHWUmmA7J3%2BuHvBBt%2BdcD6pC4BeFApL1jmq90gr0Q%2BTA1Zznmr%2FlYtrnyYRGnnK5gakG5u2Oe9iBOrIHbEaU"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 83f6326e9d6804a6-CDG
x-amzn-remapped-date: Tue, 02 Jan 2024 21:46:50 GMT
x-amz-cf-id: FPxrqCnbqjw7bndZbmHZPeHk6IDmxtiz1k3vJMsI_jMdxaBsDWDvVA==
expires: 0

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 58ms
58ms Image
image/gif 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3431
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kcgs7200077-IAD, cache-sof1510036-SOF
x-browser-version: 120
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1704232010.902030,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 310

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
1 KB 57ms
57ms XHR
application/x-mpegurl 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:49 GMT
via: 1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 41199
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 33
content-length: 935
x-request-id: e1314696-c9ac-43ac-af22-8aa9c2af0678
x-served-by: cache-iad-kiad7000102-IAD, cache-sof1510036-SOF
x-runtime: 0.032393
x-browser-version: 120
server: envoy
x-timer: S1704232010.903870,VS0,VE0
etag: W/"0fa56fcfcf95ba949a3a9883d09eca6a"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: IVOCVQuSJMrnD9DGsNzxBAK-jiIDF4YWFo4s-UvrF2aldFxpd8vCng==
x-cache-hits: 1260, 1

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame DAD2 0
38 B 44ms
43ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-OLXwApD7oANYE4xDLe-70qqTeQQ9OC1Rz777JA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame DAD2 43 B
854 B 39ms
39ms Image
image/gif 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-q3rMnZD7oANYE4xDLe-70qqTeQQdp6zsMw6ljg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
an-x-request-uuid: 660ec003-9058-4b4a-a271-b9e8c3c9f6e7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame DAD2
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ECXoasLR1VqRBb_JYqahkIG5zvrJt34W

0
337 B

212ms
56ms

Image
text/plain

52.214.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ECXoasLR1VqRBb_JYqahkIG5zvrJt34W
Protocol: H2
Server: 52.214.3.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-3-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n008-dub-prod.krxd.net
date: Tue, 02 Jan 2024 21:46:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1704232010
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=ECXoasLR1VqRBb_JYqahkIG5zvrJt34W
date: Tue, 02 Jan 2024 21:46:49 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 743858
content-length: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 426A 7 KB
8 KB 123ms
123ms Document
text/html 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=496625507003432450&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c5bab03a0fc8a215b860196499b4ee4848c1c7df0213046d1488324b6781e112

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=496625507003432450&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 7544
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 02 Jan 2024 21:46:50 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: RK5MPJ6ZXQV82KYED47Z

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 550ms
119ms Preflight 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Tue, 02 Jan 2024 21:46:50 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704232010&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=dIUYWHXeCcisZE8o4IH6nhZ%2FEd%2BElxdamMBGr%2BoLY6c%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704232010&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=dIUYWHXeCcisZE8o4IH6nhZ%2FEd%2BElxdamMBGr%2BoLY6c%3D
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 68C2 0
701 B 160ms
127ms XHR
text/plain 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 02 Jan 2024 21:46:51 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704232011&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=H35IIZZvLNQGPbstqR864Z1qkqPDa1VeuEtXx0TvaGs%3D"}]}
Access-Control-Allow-Origin: https://cdn.useproof.com
Connection: keep-alive
Content-Length: 0
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704232011&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=H35IIZZvLNQGPbstqR864Z1qkqPDa1VeuEtXx0TvaGs%3D

GET
H2 200 track Show response
analytics.proofapi.com/ Frame 68C2 70 B
812 B 342ms
221ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25223554fb41-a618-4d95-9a9b-59a5f5f45e65%2522%252C%2522captureIds%2522%253A%255B%2522-LOTAsTUT3N4RJrbQ3gp%2522%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522notificationId%2522%253A%2522-LOTAsTUT3N4RJrbQ3gp%2522%252C%2522campaignVariant%2522%253A%2522-MnloSbpswbbq1Mjqbrx%2522%252C%2522campaignVersion%2522%253A18%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102e4374e08f24b853c51d97120f51%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_TH231103PM%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-fps%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522activityNotifications%2522%253Atrue%252C%2522liveVisitorCount%2522%253Atrue%252C%2522hotStreaks%2522%253Atrue%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102e4374e08f24b853c51d97120f51%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_TH231103PM%2522%252C%2522actionBlurb%2522%253A%2522Purchased%2520Golden%2520Revive%2520%252B%2522%252C%2522activityLimit%2522%253A10%252C%2522restartActivityList%2522%253Atrue%252C%2522visitorThreshold%2522%253A2%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7dad22bf4e69d25f1a105f81aff43af98d1948bba3919cc2a97f43b04ac6e93a

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704232010&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uX%2Ffp9s2Td7blPhqNy1UOIeFuIvcwrk%2BQWUQO01fdfc%3D
server: cloudflare
etag: W/"46-nDpsUjQyKMjyNneAEOS1HHn2IwY"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704232010&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=uX%2Ffp9s2Td7blPhqNy1UOIeFuIvcwrk%2BQWUQO01fdfc%3D"}]}
access-control-allow-credentials: true
cf-ray: 83f632723abc700c-CDG
access-control-allow-headers: X-Requested-With,content-type

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
327 B 339ms
339ms Fetch
text/plain 2600:9000:2261:9e00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2261:9e00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
via: 1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: aweo29bDXXKRDgmoMOOMVKZNOaWt0mOprUtcsADFTAPtd6oDsA81bA==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=E63xWyzYRXKXd_O5_6ZEzw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=E63xWyzYRXKXd_O5_6ZEzw

43 B
479 B

124ms
123ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=E63xWyzYRXKXd_O5_6ZEzw

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 948PSPWGBY3T2EXVXAX9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
an-x-request-uuid: e8f6e923-c228-47fe-adff-ff6ac5e90466
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=E63xWyzYRXKXd_O5_6ZEzw
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match
match.360yield.com/ Frame 426A 43 B
198 B 71ms
57ms Image
image/gif 34.241.183.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=FNjfDiytRbm3BE3getG4-A&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.183.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-183-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Jan 2024 21:46:50 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 426A 43 B
163 B 55ms
49ms Image
image/gif 217.182.178.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=LpM8qraPSJaPXtToNAIqww
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=TUhbukHGRVSdwGltsTIJ9A&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZZSESuQejaRvKX-.yMvmXAAA

43 B
479 B

349ms
129ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZZSESuQejaRvKX-.yMvmXAAA

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ASCJC633ZTQK5QAHFF12
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkL1vwzpaq%2BzibsWbVI0RUgTrTV%2Fa9GQt2OKE9jgUMDu7wUUOZArsex0AzOfUCZycOVXhr05X78GPlca56EA5n0tyhg1ffBPlYvEbR4dqh9BeCYX%2FBKpzB5U8jsPiB%2B9dUi8%2B9GaG%2FAHkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZZSESuQejaRvKX-.yMvmXAAA
cache-control: no-cache
cf-ray: 83f63271b90a58e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58516/ Frame 426A 0
15 B 49ms
42ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=w0Dk4FmBSnagGyMORmcQOA

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
capi.connatix.com/us/ Frame 426A 82 B
82 B 156ms
81ms Image
image/gif 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?pId=32&puId=8IO0_MGYRyGAM3MyA05EVw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 83f632721d3e6a73-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=6549d3c8d526432393f242e446fc443e

43 B
479 B

404ms
124ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=6549d3c8d526432393f242e446fc443e

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4MCZDP064Y8J1KNZ8W0F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=6549d3c8d526432393f242e446fc443e
date: Tue, 02 Jan 2024 21:46:50 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

296ms
130ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V9X8BDTCHCDMJYBQYTWQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 02 Jan 2024 21:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=YM237THHY273NJHA3SRE:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: YM237THHY273NJHA3SRE
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: BWKYBWdicM_4OXpHPp3u77QvRcQ9BxfJi-wy0AILM_kjocE0tS05dA==

GET
H2 200 match
match.360yield.com/ Frame 426A 43 B
198 B 69ms
58ms Image
image/gif 34.241.183.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.241.183.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-183-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Jan 2024 21:46:50 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame 426A 0
186 B 232ms
132ms Image
text/plain 52.28.243.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.28.243.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-243-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=126042d011d874025

43 B
479 B

155ms
126ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=126042d011d874025

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8WH69XFTTFNXE0M049ZK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 02 Jan 2024 21:46:50 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=126042d011d874025
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KDe_G8HBQkCfTfFeRr1Qzw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KDe_G8HBQkCfTfFeRr1Qzw

43 B
479 B

239ms
123ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KDe_G8HBQkCfTfFeRr1Qzw

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BX3901HFXXQPZDTVP702
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KDe_G8HBQkCfTfFeRr1Qzw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=PDam62e5SWisOGv5eMlGXA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=75148124913757248733466117686573801770

43 B
479 B

351ms
124ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=75148124913757248733466117686573801770

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B0AHHQ9EG7YYVD9Y41YM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

dcs: dcs-prod-irl1-2-v054-05129358f.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: ieG1gu9/QG0=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=75148124913757248733466117686573801770
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame 426A 42 B
204 B 137ms
48ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=B90Rl79eR0OP-WQ66DckPA
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=9154305815548015478

43 B
479 B

297ms
137ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=9154305815548015478

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C9HB5X0AMH4E6N7WKW76
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=9154305815548015478
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%221e5633eb-8a0b-4bb1-b700-b0e4292c011b%22,%22Time%22:%2220240102T214650.772812%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=1e5633eb-8a0b-4bb1-b700-b0e4292c011b

43 B
479 B

125ms
125ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=1e5633eb-8a0b-4bb1-b700-b0e4292c011b

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 81CP7TF3GSSCMHSWAMSX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=1e5633eb-8a0b-4bb1-b700-b0e4292c011b
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEOwA9ruESFt3jcA1wvh75Fs&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOwA9ruESFt3jcA1wvh75Fs&gdpr=0&action=GET_ID&etid=&domid=1109
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4944762894601664460&opid=apx&ops=&utidl=tech:goo:CAESEOwA9ruESFt3jcA1wvh75Fs&gdpr=0&action=GET_ID&etid=&domid=1109
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-65573418266&gdpr=0

43 B
479 B

125ms
125ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-65573418266&gdpr=0

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0ACV87EP7AEDG6KFA4E4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-65573418266&gdpr=0
date: Tue, 02 Jan 2024 21:46:51 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LMazerQqx9wfezzKsa6IaTc4fM04ZgAC

43 B
479 B

291ms
138ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LMazerQqx9wfezzKsa6IaTc4fM04ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C7HH94CVBM7NJV84Z3FW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qt7F4zNAWu%2B8xz7V1Q12Plbv2kb99cs0itqnBiaaBOrR29N0KUil4fgXBnVVnsy7LjHCNX%2BFKPAKhRuG5%2F0EKBeB9XgAiuFyT8NPvEl2QHiVWS8%2F7nvqq%2FhTPofbhfhc%2FnxWlqRb%2FBTMAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LMazerQqx9wfezzKsa6IaTc4fM04ZgAC
cache-control: no-cache
cf-ray: 83f63272eb5458e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 amazon
crb.kargo.com/api/v1/dsync/ Frame 426A 43 B
375 B 134ms
40ms Image
image/gif 3.122.86.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/amazon?exid=P_27Te1fRni0cDj0OcDDsQ&r=https://s.amazon-adsystem.com/ecm3?ex=KargoHMT&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.86.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-86-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
x-accel-expires: 0
vary: Origin
x-rejected: consent
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=4944762894601664460&ex=appnexus.com

43 B
479 B

359ms
128ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=4944762894601664460&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VZ7N1PQE7TD2DWFZR6TE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
an-x-request-uuid: 9cd63096-8889-42ac-bd20-9e25fa3121e3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.amazon-adsystem.com/ecm3?id=4944762894601664460&ex=appnexus.com
x-proxy-origin: 80.255.7.104; 80.255.7.104; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 426A 0
74 B 66ms
47ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=LrcKh4sBR4Kz_F0CkvmkHg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 21:46:50 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=5GamtT7hMbSzfyH6rGeg7g&ex=rubiconproject.com&status=ok

43 B
479 B

125ms
125ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5GamtT7hMbSzfyH6rGeg7g&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TSAED47GXH15ZKN9KRR2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=5GamtT7hMbSzfyH6rGeg7g&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
loadus.exelator.com/load/ Frame 426A 0
324 B 303ms
56ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=87711E0A4B8494652B00244C02585D17

43 B
479 B

137ms
137ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=87711E0A4B8494652B00244C02585D17

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C4MNY3P6J9FRTBZV0F0G
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 02 Jan 2024 21:46:51 GMT
server: openresty/1.21.4.1
content-type: text/html
location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=87711E0A4B8494652B00244C02585D17
access-control-allow-origin: https://www.homedepot.com
access-control-expose-headers: User-NDAT
cache-control: no-cache, private
access-control-allow-credentials: true
p3p: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
content-length: 151
expires: Tue, 02 Jan 2024 21:46:50 GMT

GET
H2 200 sync
sync-amazon.ads.yieldmo.com/ Frame 426A 0
37 B 116ms
57ms Image
text/plain 54.78.158.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=gKP09cBIT8aGvMSYdAZlzg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.158.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-158-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:51 GMT
content-length: 0

GET
H2 204 sd
us-u.openx.net/w/1.0/ Frame 426A 0
119 B 136ms
50ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072986&val=yYf-BzZYQGOEkraysNx3wA&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:51 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=21bf268d-6c0d-484b-8ff2-ce12ab360d2a-tuctc8e09cb

43 B
479 B

125ms
125ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=21bf268d-6c0d-484b-8ff2-ce12ab360d2a-tuctc8e09cb

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5YP7Y4NPERH1TRSNQH2V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=21bf268d-6c0d-484b-8ff2-ce12ab360d2a-tuctc8e09cb
date: Tue, 02 Jan 2024 21:46:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41970

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=217553104749005316244&ex=neustar.biz

43 B
479 B

127ms
127ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=217553104749005316244&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8YKRPZEV0SM075GSHSCX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:51 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=217553104749005316244&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6469c9f2f7e77c75e571325379dda9af

43 B
479 B

339ms
133ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6469c9f2f7e77c75e571325379dda9af

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 23EHTG86B0KH39EHEW1A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6469c9f2f7e77c75e571325379dda9af
date: Tue, 02 Jan 2024 21:46:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

132ms
131ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CRBVBX5T9PNBN4J75Y6M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Tue, 02 Jan 2024 21:46:51 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET sync
t.myvisualiq.net/ Frame 426A 0
0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 426A 0
122 B 156ms
47ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=y_tB0EWpSw-ZDncz2B8QOw&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-ht258
date: Tue, 02 Jan 2024 21:46:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58725/ Frame 426A
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

0
15 B

42ms
42ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
date: Tue, 02 Jan 2024 21:46:51 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 355
content-language: en

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=53b360b316c9afd5b941dffa99bd6ed&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

126ms
126ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=53b360b316c9afd5b941dffa99bd6ed&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7YC2ABV3NESMMRGM0T2J
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=53b360b316c9afd5b941dffa99bd6ed&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1704232011360037-331

GET
H2 200 map
sync.rfp.fout.jp/ Frame 426A 43 B
275 B 374ms
270ms Image
image/gif 35.186.196.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.rfp.fout.jp/map?dsp_id=12&uid=aNSkd60HRy2Ei1bLOPYcdA
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.196.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.196.186.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:51 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: Accept-Encoding
p3p: CP="ADM NOI OUR"
content-type: image/gif
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 426A 0
336 B 58ms
55ms Image
text/plain 52.214.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=bqD277GZSRGADUElTxEsIg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.3.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-3-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n001-dub-prod.krxd.net
date: Tue, 02 Jan 2024 21:46:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1704232010
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 426A 0
34 B 42ms
40ms Image
text/plain 3.121.221.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=wE4DpHXcQL5mguNBAJxVK3sW&source_user_id=H85O7hFdRBatVbHwDds8CQ
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.221.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-221-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=SOoyQzDdSsqe-GcXzc_sHA&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=869ba257eb38166ac1c98795e2c793a&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=SOoyQzDdSsqe-GcXzc_sHA

43 B
479 B

125ms
125ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=869ba257eb38166ac1c98795e2c793a&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=SOoyQzDdSsqe-GcXzc_sHA

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QR34DMG1RA01T2Y3AV4Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=869ba257eb38166ac1c98795e2c793a&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=SOoyQzDdSsqe-GcXzc_sHA
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1704232011429015-419

GET partner
sync.search.spotxchange.com/ Frame 426A 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEDFkAGTpBzVR2A1W-osba7Q&google_cver=1

43 B
479 B

358ms
126ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEDFkAGTpBzVR2A1W-osba7Q&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ET7T64R5359VQBZT9RRH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEDFkAGTpBzVR2A1W-osba7Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 426A 20 B
20 B 389ms
118ms Image
text/plain 18.206.27.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.206.27.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-206-27-123.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: usermatch-a021-ash-prod.krxd.net
date: Tue, 02 Jan 2024 21:46:51 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=a89134f9ad2597027b743b0e20348d0d

43 B
479 B

127ms
127ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=a89134f9ad2597027b743b0e20348d0d

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9VHFN5T0DDBT6TDR84FP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 02 Jan 2024 21:46:51 GMT
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=a89134f9ad2597027b743b0e20348d0d
content-length: 0
x-amz-cf-id: -EV51TER-oVZFainyY1laJn560sTF14o2dL8X3JSe-baWBaJpGzwog==

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 426A 43 B
224 B 50ms
50ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:51 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 xuid
eb2.3lift.com/ Frame 426A 37 B
139 B 42ms
41ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=PwXijtUlRM2oyIrEzbsZQw&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=FE3DD7FDA32CC97A

43 B
479 B

134ms
133ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=FE3DD7FDA32CC97A

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8QR36CN27TGHFJYE03Y6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:47:01 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=FE3DD7FDA32CC97A
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=PuuVyzyDSOqKwizJ5m2OXg&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

345ms
120ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MEJP312QZ9WRHCB031C5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 426A
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=aae3d8c105eb724451dbaf7619282332d0ecf3392daf4eda708c40929a69e2ba

43 B
479 B

125ms
125ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=aae3d8c105eb724451dbaf7619282332d0ecf3392daf4eda708c40929a69e2ba

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jan 2024 21:46:51 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G6S9Z62H6750NP17RWJJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Jan 2024 21:46:51 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=aae3d8c105eb724451dbaf7619282332d0ecf3392daf4eda708c40929a69e2ba
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 426A 0
166 B 133ms
41ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=bqD277GZSRGADUElTxEsIg&dmt=3&ex-pl-n-g-hmt=PuuVyzyDSOqKwizJ5m2OXg&ep=ttam_T219Ay-cPciHbT10r54eH-8uE0AzLq4cIqLStP9KidyszUayylqmIQ1J5J5XVw2bR-sKHs6hcuExRFSros007263nk5h28x61zeFLC_KOBuzdNquhootp_OAHOgqvTp3RHU-xUlRkASJw3tuV_ilqSOVygZg64TOq_8Tz8vl1dYYTrzyd49TZaAHMZTc3hRI0uVE0TSYgXWuZgKgtdYJbvCe2bZzh8rruDCTitE6jSm_i7xIJRPyFM1UOQtD3MkJbFSBkbxVV7gwGY-uCaiIrLKkbD_UPc6KDfeOtDUQOGmNn55uvUci91-Y2mjjvFsJKqs6VfMyiQVusPColxyDZKAvfmF7Qz_kj0wFH3CRAXIVu47vSc4BGTpWWcIaSfIiDyfYSdXg27egbhe7_jjtB9YKKuzzg5_OBEHNL_zfffiQMp4k8K1N6UZWAB9bdyhkPWYmR24XZwXRFDOs6uCuI4qbYxcLbxbsqCHQ2ATSDskREAxghGmRZcRlw5VlUDL5OpKaX_3V9z7NDq6i9vvaUi4Zm4yJnKSPZnBKvdTQ8-NEgqOG4khSFxIn9EmcBVBJNLN1TDCeeXwasAXy2epSbfpXe32LthKkVYNk_r9UmBXo-ourEDT2HTH227ge5xEQ3hMGJLP0z7kG2k2KFAmLsMMgNHe-mAiSPIouMdBtgm2TUX-1rS05Vw5Jpon0-1V5Z8WM0csRIV864i_N9tRAWmu5RoaajrHEot61dUrt48Aio0opcUvsyGh4CLtO3ZB8Qbwe2Hge73nSCofvhexW41ZpbMFs7FE3Hk2TvhZ-wzXCW5lvrw8MTK-lNEdrqroxf7y-kntmnjBuDeZhxY08cBlXRemjvHtZgfW6vKnE7gng7r_Nk1HK4GHZJ0N7B5Lia-c3k9ChP3ClqDPRXLqLqtFmvXaorfbfLQ1Lyo7VYnsqfxrnfn7UYTedWTsOFm9jJ8wqSXArKhoSx92Y8Bul0Bb2C5T2huK7FvQPgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 02 Jan 2024 21:46:50 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/reporting/captures/ Frame 68C2 2 B
517 B 435ms
434ms XHR
application/json 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/reporting/captures/trtc0limNRYJwhvfi9uRqUFQo0w1?pixelId=trtc0limNRYJwhvfi9uRqUFQo0w1&integrationId=-LOTAsTUT3N4RJrbQ3gp&limit=10
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:51 GMT
via: 1.1 4587dd93b6f56d2b3f35f25ef2cabe70.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P4
x-amzn-requestid: a7e5bb07-c402-4462-bef8-f78ae8aa061b
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: Q7mbxG_aoAMEJ7g=
content-length: 2
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9z5ghZnf0k63qy%2BGAof8f4qgujaza%2BF6Q9Bu1mcaz6KmYOvCm12QxfRKY3SLvEgFDhqbRQLRzaKxfMpGda8KM%2FVS1C%2BwF6Vq0NiIWW8%2FO%2Fz8O5L9QCD6HQ9RJBe67nKEHKrfIRySPOEZJRwj01o"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 83f632739c4004a6-CDG
x-amzn-remapped-date: Tue, 02 Jan 2024 21:46:51 GMT
x-amz-cf-id: LUKxae3vsH7GY2TOBkCJmjo5QEpFoqFdPhYnG9bCMTAMSr6M60Hmtg==
expires: 0

POST
H/1.1 500
Internal Server Error domain Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 68C2 76 B
844 B 121ms
121ms XHR
application/json 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/domain
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 0413a5f9fed3b9faf5e2f489c6f4bc915613232cd9289457e207b891e8075b23

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 02 Jan 2024 21:46:51 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Vary: Origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704232011&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=H35IIZZvLNQGPbstqR864Z1qkqPDa1VeuEtXx0TvaGs%3D"}]}
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cdn.useproof.com
Connection: keep-alive
Content-Length: 76
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704232011&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=H35IIZZvLNQGPbstqR864Z1qkqPDa1VeuEtXx0TvaGs%3D

OPTIONS
H/1.1 204
No Content domain
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 320ms
118ms Preflight 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/domain
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Tue, 02 Jan 2024 21:46:51 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704232011&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=H35IIZZvLNQGPbstqR864Z1qkqPDa1VeuEtXx0TvaGs%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704232011&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=H35IIZZvLNQGPbstqR864Z1qkqPDa1VeuEtXx0TvaGs%3D
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 23 KB
6 KB 58ms
58ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2e84ecd347be77f89dc47b2723f3afc033454ee36376d36c6661285044184da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:46:50 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 944
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5772
x-served-by: cache-iad-kiad7000043-IAD, cache-sof1510036-SOF
x-browser-version: 120
last-modified: Thu, 21 Dec 2023 10:51:34 GMT
server: AmazonS3
x-timer: S1704232011.865393,VS0,VE0
etag: "2942ab96d3d0bd16f436ec14f1ff614a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 6720e4af44032721067b9242d77172086ab1880d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 47, 35

GET
H2 200 seg-4-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 276 KB
277 KB 72ms
71ms XHR
video/mp2t 2600:9000:2261:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-4-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2261:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 12:35:38 GMT
via: 1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: TXL50-P4
age: 810673
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 139
content-length: 283128
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: PFknPHF6f2TtXfPzkg7xcmSwjD6BgITH2tEef0AoBtltq3Kg6MZK0w==
expires: Mon, 23 Dec 2024 12:35:38 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
300 B 125ms
125ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Tue, 02 Jan 2024 21:46:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 43ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4563&scd=0&ssd=1&est=1704232007926&ver=36&isls=true&src=i&invt=3000&msa=15193&rv=1&tim=1704232012490&vi=1704232007925&ri=636f8a5412d131fa8370956172f1affb&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 02 Jan 2024 21:46:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 43ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4564&scd=0&ssd=1&est=1704232007926&ver=36&isls=true&src=i&invt=3000&msa=15193&rv=1&tim=1704232012491&vi=1704232007925&ri=9389ed680048e2f1cf478d836feba8e1&ref=null&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102e4374e08f24b853c51d97120f51%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH231103PM
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 02 Jan 2024 21:46:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.myvisualiq.net
URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

101 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/uc-grplus-fps/	1970-01-20 21:48:49	Name: ubpv Value: an%2C6d2c7105-ebae-455a-91f2-47af4209ed5f
.liadm.com/j	1970-01-21 02:59:52	Name: lidid Value: 001ab563-4062-49c2-8687-b1558abf5fe4
go.welldaily.com/	1970-01-20 17:33:56	Name: enc_aff_session_67 Value: ENC039eeb5beba0e929ca60fca3dcaf441b0a0bbe66a16bd08a10573421b6e88c79284c0bae997635bc71f96024751cf18446c950e6ac632b26ae22d66e02c7eb623af2d31a440ca1e9e3d1bad5404bcac18567e68944eea413cba64f3a3aa0df34e3a6837a1f3e574abfdf9e4b06faf920796b9af56623039abd7bb3212e14f90f642cdb41a3
go.welldaily.com/	1970-01-21 02:59:52	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTI5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/	1970-01-20 21:43:04	Name: ubvs Value: 3febca23-11fc-445e-b23b-e86cff01efdd
.upwellness.com/	1970-01-20 17:28:11	Name: ubvt Value: v2%7C3febca23-11fc-445e-b23b-e86cff01efdd%7C6d2c7105-ebae-455a-91f2-47af4209ed5f%3Aan%3Aweighted
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-21 02:59:52	Name: _lc2_fpi Value: f0f26c15fa8f--01hk629dv340fvdat9s1695fes
.upwellness.com/	1970-01-21 02:59:52	Name: _lc2_fpi_meta Value: {%22w%22:1704232007524}
.upwellness.com/	1970-01-20 19:33:28	Name: _gcl_au Value: 1.1.1853931951.1704232008
.criteo.com/	1970-01-21 02:45:28	Name: uid Value: 6da91914-43c7-4768-b40e-de3cb953a4b1
.criteo.com/	1970-01-21 02:45:28	Name: receive-cookie-deprecation Value: 1
.js.ubembed.com/	1970-01-20 17:23:53	Name: __cf_bm Value: fjG7KIGIKxNIDJPLN08K0EOgpFC9gGs13ORYsckbD.c-1704232007-1-AbOZjeLl8uUCQ+MCjkx9j2itCrMfbHQ2GetZxFfEKe0Uh6BJQnd3k9y2YC27s4scdWgZSPMUZxzRtLfWZWu46ZI=
.tiktok.com/	1970-01-21 02:45:28	Name: _ttp Value: 2aPtOHOU8eb9iFSrRrO5MJ6EEUB
.upwellness.com/	1970-01-21 02:59:52	Name: __nbpix_uid Value: 1-ar9rf8ps-lqwvqh9t
.upwellness.com/	1970-01-21 02:53:16	Name: cto_bundle Value: mLTKQF9PNSUyQk9tYVU2bVdNOE9hM0dUdk9KNG00RWhMblYya2tRUkUzJTJGWHprUWZxNUtIM2tESkRQck8xYWRiTVFEVnVOTmdxWVlQczY3Z0xQN3M2Sm5Ha0hKaUdKakU2WkxsNmJkSEpRdDV1eEIxJTJCdiUyQmdEZUN2YTNIRFBua1VyOGxiZGpYTzFUbGVMYkVxQkRUUjI2NXVYZGpxZyUzRCUzRA
.liadm.com/	1970-01-21 02:59:52	Name: lidid Value: 001ab563-4062-49c2-8687-b1558abf5fe4
.mediago.io/	1970-01-21 02:09:28	Name: __mguid_ Value: 746ded220d540eb22lhvbe00lqwvqhd7
.upwellness.com/	1970-01-21 02:59:52	Name: _ga_E56T163DF6 Value: GS1.1.1704232008.1.0.1704232008.0.0.0
.pages.upwellness.com/	1970-01-21 02:09:28	Name: _pin_unauth Value: dWlkPU9UYzFPV0UwT0RFdE5UUmtNQzAwTlRrMExXSmxZVEl0T0RreU5XSTNNR0kwTjJZMQ
.upwellness.com/	1970-01-21 02:45:28	Name: _tt_enable_cookie Value: 1
.upwellness.com/	1970-01-21 02:45:28	Name: _ttp Value: reEL--lLEXoMWya7WhtQF7Q_jiA
.pinterest.com/	1970-01-21 02:09:28	Name: ar_debug Value: 1
.upwellness.com/	1969-12-31 23:59:59	Name: UltraCartShoppingCartID Value: 5A4D7DD3E76FDA018CCC24B94A1FD100
.upwellness.com/	1970-01-21 02:59:52	Name: ucacid Value: 1255510271.415358
.store.upwellness.com/	1970-01-21 02:59:52	Name: ucacid Value: 1255510271.415358
store.upwellness.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcQ8hN6R1MGcK301g8av
store.upwellness.com/	1969-12-31 23:59:59	Name: LBJSESSIONID Value: abcQ8hN6R1MGcK301g8av.n328
.doubleclick.net/	1970-01-21 02:45:28	Name: IDE Value: AHWqTUl4F0YIhTT2gkoEWNUU9asP3c_QkNacFiQgmKBUF87YX-gfE3DHTKj8kBK3
.upwellness.com/	1970-01-21 02:59:52	Name: _ga Value: GA1.2.1887819398.1704232008
.upwellness.com/	1970-01-20 17:25:18	Name: _gid Value: GA1.2.271639312.1704232008
.upwellness.com/	1970-01-20 17:23:52	Name: _dc_gtm_UA-28307243-3 Value: 1
.yahoo.com/	1970-01-21 02:09:49	Name: A3 Value: d=AQABBEiElGUCECPMo-hWmbQc177fnubI9-0FEgEBAQHVlWWeZeAJyiMA_eMAAA&S=AQAAAgqbqCpEsQnMB6pT4m9GSq4
www.clarity.ms/	1970-01-21 02:09:28	Name: CLID Value: ffe97e63912640b18171b755a22ed981.20240102.20250101
.upwellness.com/	1970-01-20 18:08:30	Name: session_id Value: 7e159211-3a5f-4336-b6ad-914b4c9e0a8c
store.upwellness.com/	1970-01-20 17:33:56	Name: AWSALB Value: bK4QBVeFBkSecmE05bngKQPgAsHCbjmyEemDcjkVP612sEJberGikjE4mhH/R1WFu3DyoJ6ZByi0BgDyXj7let//K1YL/MhkZSo0iTTdOIcFphI7xl4RQ8XHkt1y
store.upwellness.com/	1970-01-20 17:33:56	Name: AWSALBCORS Value: bK4QBVeFBkSecmE05bngKQPgAsHCbjmyEemDcjkVP612sEJberGikjE4mhH/R1WFu3DyoJ6ZByi0BgDyXj7let//K1YL/MhkZSo0iTTdOIcFphI7xl4RQ8XHkt1y
.store.upwellness.com/	1970-01-21 02:09:28	Name: UPWEL-ANP Value: 6141
.upwellness.com/	1970-01-21 02:09:28	Name: _clck Value: tf1grq%7C2%7Cfi2%7C0%7C1462
pages.upwellness.com/	1970-01-20 17:23:52	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1704232008421%7D
.unsplash.com/	1970-01-21 02:09:28	Name: ugid Value: 555b034068001e35899cd7b31db564ad5680773
.upwellness.com/	1970-01-20 17:23:53	Name: _hjFirstSeen Value: 1
.upwellness.com/	1970-01-20 17:23:53	Name: _hjIncludedInSessionSample_795540 Value: 1
.upwellness.com/	1970-01-20 17:23:53	Name: _hjSession_795540 Value: eyJpZCI6IjA0MmEzYzYwLTQ1OTItNDgwYy1hNTUxLTA1NjkwNDc3ZDA1MyIsImMiOjE3MDQyMzIwMDg3MjYsInMiOjEsInIiOjAsInNiIjowfQ==
.bing.com/	1970-01-21 02:45:28	Name: MUID Value: 21E7845FBDB469DF0CBE97A5BC3F681B
.upwellness.com/	1970-01-21 02:09:28	Name: _hjSessionUser_795540 Value: eyJpZCI6Ijk1ZDZmNWQwLTEyZWItNTEyZC04M2Q2LWViYzlhZmY3MmU3YyIsImNyZWF0ZWQiOjE3MDQyMzIwMDg3MjUsImV4aXN0aW5nIjp0cnVlfQ==
.upwellness.com/	1970-01-20 17:23:53	Name: _hjAbsoluteSessionInProgress Value: 0
.upwellness.com/	1970-01-20 19:33:28	Name: _fbp Value: fb.1.1704232008741.2573807
.upwellness.com/	1970-01-20 17:25:18	Name: _clsk Value: 17wiax0%7C1704232009155%7C1%7C1%7Cx.clarity.ms%2Fcollect
.bat.bing.com/	1970-01-21 02:45:28	Name: MSPTC Value: pvMG27CabcjbIYHc0Db6IJlF0aB0MO0xrn5iBPVdHE4
.upwellness.com/	1970-01-20 17:25:18	Name: _uetsid Value: 6e650960a9b811ee9cc20bcdc1f7caa8\|xp4fkq\|2\|fi2\|0\|1462
.upwellness.com/	1970-01-21 02:45:28	Name: _uetvid Value: 6e64fc20a9b811eeb8f9594aaa9fb1b3\|16v4zzg\|1704232009432\|1\|1\|bat.bing.com/p/insights/c/x
.adnxs.com/	1970-01-20 19:33:28	Name: uuid2 Value: 4944762894601664460
.media.net/	1970-01-21 02:09:28	Name: visitor-id Value: 3472336099085612000V10
.media.net/	1970-01-20 18:07:04	Name: data-c-ts Value: 1704232010
.media.net/	1970-01-20 18:07:04	Name: data-c Value: k-eKps8JD7oANYE4xDLe-70qqTeQRnIplsBfCLcQ~~3
.c.bing.com/	1970-01-20 17:33:56	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:45:28	Name: SRM_B Value: 21E7845FBDB469DF0CBE97A5BC3F681B
.demdex.net/	1970-01-20 21:43:04	Name: demdex Value: 75148124913757248733466117686573801770
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:45:28	Name: MUID Value: 21E7845FBDB469DF0CBE97A5BC3F681B
.c.clarity.ms/	1970-01-20 17:33:56	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:23:52	Name: ANONCHK Value: 0
.dpm.demdex.net/	1970-01-20 21:43:04	Name: dpm Value: 75148124913757248733466117686573801770
.casalemedia.com/	1970-01-21 02:09:28	Name: CMID Value: ZZSESuQejaRvKX-.yMvmXAAA
.casalemedia.com/	1970-01-20 19:33:28	Name: CMPS Value: 3242
.casalemedia.com/	1970-01-20 19:33:28	Name: CMPRO Value: 3242
exchange.mediavine.com/	1970-01-20 17:44:01	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%226f519c00-a9b8-11ee-b962-c19b955371b2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:44:01	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226f519c00-a9b8-11ee-b962-c19b955371b2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:44:01	Name: am_tokens Value: %7B%22mv_uuid%22%3A%226f519c00-a9b8-11ee-b962-c19b955371b2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:44:01	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226f519c00-a9b8-11ee-b962-c19b955371b2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:44:01	Name: criteo Value: %7B%22id%22%3A%22k-OTy8vpD7oANYE4xDLe-70qqTeQQi7zrC9Fy0bQ%22%2C%22version%22%3A%22criteo%22%7D
.omnitagjs.com/	1970-01-20 18:07:04	Name: ayl_visitor Value: ae408b195a075992e3b2e7d264facf39
.amazon-adsystem.com/	1970-01-20 23:56:59	Name: ad-id Value: AzC0ULLvFUYHk3MF8ilcKkU
.amazon-adsystem.com/	1970-01-21 02:59:52	Name: ad-privacy Value: 0
.krxd.net/	1970-01-20 21:43:04	Name: _kuid_ Value: QAyt4cd9
.postrelease.com/	1970-01-21 02:09:28	Name: opt_out Value: 1
.adnxs.com/	1970-01-20 19:33:28	Name: anj Value: dTM7k!M40<F7/.XF']wIg2C$Knkbhs!]tbPl@/D!9hy6]/Cv^aF%Xcg2LP$i7evzYw*z@W0%!^Z:A`3NOCA]O)uclfol)C2Wb(Z+@)'%x)EN8JE8aaEZ]xR'?fv]!63CbLcB9wGzAxY3SgEDIN[l.wL4W1Qw1u_9ow!
.bidswitch.net/	1970-01-21 02:09:28	Name: tuuid Value: 2d375a51-51c1-47b3-98c8-6995de003d88
.bidswitch.net/	1970-01-21 02:09:28	Name: c Value: 1704232010
.bidswitch.net/	1970-01-21 02:09:28	Name: tuuid_lu Value: 1704232010
.tremorhub.com/	1970-01-20 18:07:04	Name: tv_UICR Value: k-B8dUbpD7oANYE4xDLe-70qqTeQSh747rS6t1dg
.tremorhub.com/	1970-01-21 02:09:48	Name: tvid Value: 6e29a5b68f364690ad1afcdd4a3d83e1
.tremorhub.com/	1970-01-21 02:59:52	Name: tv_UIAM Value: 6549d3c8d526432393f242e446fc443e
.adform.net/	1970-01-20 18:08:30	Name: C Value: 1
.adform.net/	1970-01-20 18:50:16	Name: uid Value: 9154305815548015478
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1704232010_1
.serving-sys.com/	1970-01-20 18:07:03	Name: u2 Value: 1e5633eb-8a0b-4bb1-b700-b0e4292c011b4Qc060
.kargo.com/	1970-01-21 02:09:28	Name: ktcid Value: 41a61044-3238-0047-5f6c-5138a300b44c
ads.samba.tv/	1970-01-21 02:55:32	Name: sambapxid Value: 126042d011d874025
.mediarithmics.com/	1970-01-21 02:09:28	Name: mics_vid Value: 65573418266
.mediarithmics.com/	1970-01-21 02:09:28	Name: mics_uaid Value: web:1:d9c0945a-de35-4e7c-b8d0-c450198e27cc
.mediarithmics.com/	1970-01-21 02:09:28	Name: mics_lts Value: 1704232011030
.agkn.com/	1970-01-21 02:09:28	Name: ab Value: 0001%3AZe6kOZuvN%2FbgEklH1TNWRvkXCkA4qh53
.ninthdecimal.com/	1970-01-21 02:09:28	Name: ndat Value: Ch5xh2WUhEtMJAArF11YAg==
.bluekai.com/	1970-01-20 21:45:56	Name: bku Value: b/X99WrWksUF6GWv
.bluekai.com/	1970-01-20 21:45:56	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.ispot.tv/	1970-01-21 02:59:52	Name: pt Value: v2:aae3d8c105eb724451dbaf7619282332d0ecf3392daf4eda708c40929a69e2ba\|921b44f8b4f796378b22d769ca4593439db96a7bcd10d9440f405402e78e9c65
.ads.stickyadstv.com/	1970-01-20 18:07:04	Name: UID Value: 869ba257eb38166ac1c98795e2c793a
.ads.stickyadstv.com/	1970-01-20 17:44:01	Name: uid-bp-30833 Value: SOoyQzDdSsqe-GcXzc_sHA
.semasio.net/	1970-01-21 02:09:28	Name: SEUNCY Value: FE3DD7FDA32CC97A

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/302615157369859?v=2.9.138&r=stable&domain=pages.upwellness.com(Line 132) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://pages.upwellness.com/_ub/static/ts/0eb14ff35dae7c6e6234bddd74f1eb34a4453e4d.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://live-visitor-counts.herokuapp.com/lvc/domain Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
a.twiago.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.nextdoor.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
amplify.outbrain.com
analytics.pangle-ads.com
analytics.proofapi.com
analytics.tiktok.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
builder-assets.unbounce.com
business.newsbreak.com
c.bing.com
c.clarity.ms
c1.adform.net
capi.connatix.com
cdn.js.customerlabs.co
cdn.mediago.io
cdn.taboola.com
cdn.useproof.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
cookie-matching.mediarithmics.com
crb.kargo.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d2cli4kgl5uxre.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dis.criteo.com
distillery.wistia.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
exchange.mediavine.com
fast.wistia.com
flask.nextdoor.com
fonts.ub-assets.com
go.welldaily.com
googleads.g.doubleclick.net
gtrace.mediago.io
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
lciapi.ninthdecimal.com
live-visitor-counts.herokuapp.com
live.upwellness.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
odr.mookie1.com
pages.upwellness.com
pi.ispot.tv
pipedream.wistia.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
r.casalemedia.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.pinimg.com
s.yimg.com
sb.scorecardresearch.com
script.hotjar.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
static.hotjar.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
sync-amazon.ads.yieldmo.com
sync-criteo.ads.yieldmo.com
sync.outbrain.com
sync.rfp.fout.jp
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
views.unsplash.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.imdb.com
x.bidswitch.net
x.clarity.ms
sync.search.spotxchange.com
t.myvisualiq.net
104.18.41.104
13.32.27.60
141.226.228.48
142.250.185.226
142.250.186.34
151.101.0.84
151.101.129.181
151.101.130.132
151.101.65.44
162.19.138.82
172.64.151.101
178.250.1.9
18.159.136.150
18.165.183.66
18.192.29.189
18.199.22.54
18.206.27.123
18.232.255.36
18.64.119.48
18.64.79.18
18.64.79.71
18.66.137.68
18.66.2.12
18.66.2.35
18.66.2.98
18.66.97.49
185.64.191.210
188.65.124.66
198.47.127.19
2.16.238.13
2.23.209.165
20.114.190.119
2001:4860:4802:32::36
212.82.100.181
217.182.178.233
23.192.153.172
23.213.165.149
23.213.165.82
23.32.185.35
2600:1f18:612b:4216:2994:5ad:21a7:a60b
2600:1f18:730:b120:91ea:16b1:565a:949a
2600:9000:2090:9800:8:8845:1500:93a1
2600:9000:20e8:a00:11:9be7:da80:93a1
2600:9000:2261:6800:1e:c86:4140:93a1
2600:9000:2261:8800:1e:c86:4140:93a1
2600:9000:2261:9e00:3:471f:5240:93a1
2606:4700:3034::ac43:a9b0
2606:4700:4400::ac40:944b
2606:4700::6811:190e
2607:ae80:192:1::172
2620:1ec:46::45
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:809::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::644
2a04:4e42:8e::84
2a06:98c1:3121::3
3.121.221.105
3.122.86.227
3.210.192.5
3.227.60.148
3.69.136.55
3.71.149.231
3.93.168.254
34.117.157.22
34.160.236.64
34.208.151.79
34.241.183.25
34.98.64.218
35.156.188.18
35.186.196.148
35.214.168.80
37.157.5.133
37.157.6.243
37.252.171.52
44.210.34.0
44.226.247.160
52.205.151.245
52.214.3.70
52.222.137.129
52.28.243.58
52.30.133.211
52.31.40.31
52.46.151.131
52.57.138.113
52.58.145.198
52.73.241.111
54.171.3.160
54.192.87.239
54.36.150.182
54.78.158.58
54.78.254.47
68.219.88.97
69.173.144.139
69.173.144.165
70.42.32.191
74.119.119.150
76.223.111.18
77.243.51.121
85.215.5.31
88.221.110.96
88.221.168.23
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772
018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29
0413a5f9fed3b9faf5e2f489c6f4bc915613232cd9289457e207b891e8075b23
04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29
0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e59f8184388cbf7873147d14016ebf88a7f73feb7802e9fe764aa6dedc2809c
0ea0de313cf1b61b3ef60ee3fd482c85613d15618cf426224dfa6e9d8bf99881
0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02
0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18
11f26143fb46677db3be790033741957ec9545d326a15047d7a8f240ade7aacd
13d55c54af12b15b6999e715e67b91da9abaceee5b40a136fbae2df9ef1cf11d
1531fe2342a287dd1c9945c29736ff407f5466553b8b02412903d4278d8b0f35
199a0f2d3284fc76e206f6facb997c27b6b032ce71bcab18b0575dec7a60730c
1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67
1be59d642b7d9e29f5da63faaa060bb9315a8bc1d57727bcf0339ed4de6c68df
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
205853c0ef45d0842feba60b08786717cd443f0a650010e36a0fb3a91a067062
21b49aa4df68e0dca7a9b7c94e32f09c3ff668e90428c6f39649d0e504c51d80
239c16567028afd60d02bb72dfbcdab8117f251533806e4fedba9b3cdc3845cb
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e84ecd347be77f89dc47b2723f3afc033454ee36376d36c6661285044184da8
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48
2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4
30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7
325bfcc01dd0e412b307fba7e4c59ccfd08073aa277d164d3518676f40fb5de3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35f305159240b0e06995ac60649c414dabb9f34326b499f82a6d02bec694f51f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b
3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e59001b9cbf56fe46dfc74fdd200aa576b2a54866c810d70af037e3e7cd5147
3eac7c9ebc00929bc3d9aab5ebcf7ac52a82ad4b8e30b2c6c2d0a4ad85843f29
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
3fdcc42d46ed4a5f84796079a87646aa7e47dfea3179ffce9b907f2c6a76215f
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265
44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883
46293e95a7bd293386c828fed3bb95e0d485a7448e62e450ac1437bdd3bea86f
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c
4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5
4bf01aab370e2a1d33b3f8d3767ef4ef037ef58fd668ac1cbf66ba48fd2486e6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f6f8bedd7ca1f6fe78ca248d4d486de032aecf53f09fed283af259a2aa7be25
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc
52cd9531eb68670ee4496393b2903d9966204b1d2e69aefd5c6060317eea3ffb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3
5ab142585097949ade33d1c1c15cf8df7423d78bd45747965c064882e72f83e6
5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2
64c29bc740bbfc2c6a3ab3e40178c62a805a579f54883a6c862fd5a0a95252b6
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d9536ab13f4ab5624884f06523a452596ef56247e74143b0af7b6a4f161407e
6fafe33d4b610d1afe90be0eada1fabafa0c5fef4db35ace6a7d17dd2a61f113
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
75c3b9ffd05b79e3d802d05a92a07258fe29e97ab1bc2820f13de7cabbe163ae
77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa
7ced753674d079abea5093bfb7edf6f812f8103efc7c970d30fcd2a92b1911af
7dad22bf4e69d25f1a105f81aff43af98d1948bba3919cc2a97f43b04ac6e93a
7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23
7fded8c8f4b2be9174f3c76544b30ad1fe512c3009e1d613df83d609c708f22a
7ffaf137e3f96e57a4a2000087c199637a467530b17df7bb06b456cc0d9ba5a5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8509a7487f6a65dbc4b594ca4d2970321659ede2ed2098fbe2e7d09df0fa9b59
87260ecf581a44a18ca2165015348383b430e6b77ca0b0ec4a9a3b1ebff57160
89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d
8de0ca263f81792b0a41cc5fe3c2f836b94be44c1c007c06c3145408aaf5e1c5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
938a19aa964680c64c663d113e941222a537fbc54e315382fdc6569bf088ac21
96651608968da2e7610d408f6063410ee5ae3464bd2fc9fdf35d201fff2a0285
97785500fe371f2901afe83c7b4b66a21052445a36f7b0951f582d9856989d81
99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2
9ca47f78bfe366be50333204d368691520ad226a20def37c1750cda66c7c2194
a0149e197633f530e4276ca95494ebb284d366b16130445c582ec88692130602
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a1fc8420705b69db0c5c0e2248e79b2f8c33506580b296202c3965870ab9adf5
a37d254a60d0936e5d2e0e42fe90d0386751c137a215017a4cbb9c4e0fc631f4
a6f0aab26135dd5d9b912f40e68acde5db90a17f98dc7cfeed44a37b9c11fec6
a774b19d5173d81cf31cc63eff99b6ee8d9dd29651acfb93efa45f88459421dc
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
af411f7b5aac0f1d44fd90781b4f0319987ce2e9668cb2dcd99975504a0131f0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b49930c3d02891d24e32e4861d709780513e5280a83e1dbcd9218d4381ea1638
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b8af44652e5f6af07beba7fb8f1d527a8526f104b3bc3d4c9d541b858d27972b
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
b8d10991f6da2bcf90c90fbac7d48552546749b319d44c03050c1287fb781416
b968ce63ec18fdd9614dc9c733bdd25211ab6fec9636a351b98fa0870d710905
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8
ba13ebeff0124c38e142c1060dfb23ffe2ce2aaef3ed4cf6924f8ce7d93fbc82
ba159a8cda2a65d4942161f16037b985146fa914b4ca51cb662e0ad50f9d3384
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8
bc30276f833574d5bea7b937bb175df80edf44ad7ddf1ea613104fe1478a7304
bc6f46b32f4c086715d6ecb21ffe926596421902dfa99ebd256b79d2fbf065cd
bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90
c0a1a7a0d6b82f94681ec87a0051ca2bd3648cb19ba253212c657c054db101d1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c240a93a46e9bd5a277f88990753d67bf235a800a5ee6023d628e3970ce18537
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5444b48af5940e46bff886e60bba6fc2c1c6705f30a1c8d0577d710fcb9b5b0
c5bab03a0fc8a215b860196499b4ee4848c1c7df0213046d1488324b6781e112
c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7
cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d0a28a1049f342e532d464553097e93d0e67687915b3e286b4e8c256701bef03
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650
d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38
d67eec3d32fe9e976bce215e97be8e235e61317886815d35a2be9c526cbda798
d6a82e6a71b0b085d39e2b2c0c81edb67be133ebd94a5797b98a10fe6d1dc6df
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62facb1b6c665d1641e89d9b53d3dd264e40dcdf44eb173bfa2c0faaea16a2d
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
e9a39f3ef0733d1d12e9ad63ef3fb66b7bf90cca3bad1df8439d064003614457
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f12d4c7c40ae07e622741c09f162cc106459f968b2a3bfae44370357b843b5c7
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb0b3d8be94bbc2eb3863260516c0b4e18c9811c4d1f4ef0f4d85003590b897c
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

pages.upwellness.com Open in urlscan Pro 3.69.136.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

273 Requests

86 %HTTPS

26 %IPv6

85 Domains

130 Subdomains

96 IPs

9 Countries

7425 kBTransfer

12406 kBSize

101 Cookies

0 Outgoing links

Page URL History

Redirected requests

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.upwellness.com Open in urlscan Pro
3.69.136.55 Public Scan

Screenshot
Live screenshot

Full Image

273
Requests

86 %
HTTPS

26 %
IPv6

85
Domains

130
Subdomains

96
IPs

9
Countries

7425 kB
Transfer

12406 kB
Size

101
Cookies

273 HTTP transactions
3 data transactions