pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ptv.pulsetv.com/?a=7689&oc=117&c=24136&p=r&sid=89933538&cnid=786
Effective URL:
https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Submission: On May 22 via manual (May 22nd 2023, 1:08:03 pm UTC) from US — Scanned from DE

Summary HTTP 168 Redirects Behaviour Indicators

Summary

This website contacted 72 IPs in 10 countries across 57 domains to perform 168 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com.
TLS certificate: Issued by R3 on March 28th 2023. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.96.162.14 208.96.162.14	22418 (COLOG) (COLOG)
1 1	54.197.164.167 54.197.164.167	14618 (AMAZON-AES) (AMAZON-AES)
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
3	13.224.189.14 13.224.189.14	16509 (AMAZON-02) (AMAZON-02)
1 1	23.23.204.175 23.23.204.175	14618 (AMAZON-AES) (AMAZON-AES)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:225... 2600:9000:2250:800:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.131 151.101.129.131	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225e:b600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	44.210.2.193 44.210.2.193	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700:303... 2606:4700:3035::6815:2f0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:480... 2a02:26f0:480:59e::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	44.239.188.145 44.239.188.145	16509 (AMAZON-02) (AMAZON-02)
8	23.38.98.44 23.38.98.44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f028:16:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
26	52.222.250.57 52.222.250.57	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.124 108.138.17.124	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	34.213.130.140 34.213.130.140	16509 (AMAZON-02) (AMAZON-02)
3	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
5	13.32.99.67 13.32.99.67	16509 (AMAZON-02) (AMAZON-02)
1	3.211.233.231 3.211.233.231	14618 (AMAZON-AES) (AMAZON-AES)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1 1	2600:1f18:730... 2600:1f18:730:b130:f139:5754:c04e:532b	14618 (AMAZON-AES) (AMAZON-AES)
1	52.70.19.159 52.70.19.159	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.137.31 18.66.137.31	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.69.189.225 3.69.189.225	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.71.253.33 3.71.253.33	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.212.178.201 52.212.178.201	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	99.80.252.1 99.80.252.1	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.70.151.165 3.70.151.165	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:4eaf:fc79:e33b:d580	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.215.16.120 23.215.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.76.13.171 54.76.13.171	16509 (AMAZON-02) (AMAZON-02)
1	52.209.157.144 52.209.157.144	16509 (AMAZON-02) (AMAZON-02)
1	3.140.128.226 3.140.128.226	16509 (AMAZON-02) (AMAZON-02)
2	54.146.248.82 54.146.248.82	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.228.29.235 3.228.29.235	14618 (AMAZON-AES) (AMAZON-AES)
168	72

1 208.96.162.14 (United States) 1 redirects

ASN22418 (COLOG, US)
PTR: mail6.gophercentral.com

ptv.pulsetv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.164.167 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-164-167.compute-1.amazonaws.com

ptv.gophercentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-14.fra2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.204.175 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-204-175.compute-1.amazonaws.com

upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:800:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.131 (United States)

ASN54113 (FASTLY, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:b600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.210.2.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-2-193.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:59e::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.188.145 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-188-145.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.38.98.44 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-44.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f028:16:face:b00c:0:3 (Sofia, Bulgaria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 52.222.250.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-57.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-124.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.130.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-130-140.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-67.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.233.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-233-231.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:f139:5754:c04e:532b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.19.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-19-159.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-31.fra60.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)

api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.189.225 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-189-225.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.253.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-253-33.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.178.201 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-178-201.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.252.1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-252-1.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.70.151.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-151-165.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:4eaf:fc79:e33b:d580 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.13.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-13-171.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.157.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-157-144.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.140.128.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-128-226.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.248.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-248-82.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.228.29.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-29-235.compute-1.amazonaws.com

io.v2.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	593 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3487 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2837 sslwidget.criteo.com — Cisco Umbrella Rank: 1726 widget.us.criteo.com — Cisco Umbrella Rank: 18228 dis.criteo.com — Cisco Umbrella Rank: 575	29 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	600 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 715	173 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 899 trc.taboola.com — Cisco Umbrella Rank: 635 sync-t1.taboola.com — Cisco Umbrella Rank: 1288 trc-events.taboola.com — Cisco Umbrella Rank: 1846	23 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	8 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	334 B
6	google.de www.google.de — Cisco Umbrella Rank: 6080	906 B
6	google.com www.google.com — Cisco Umbrella Rank: 2	906 B
6	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 109828 io.v2.customerlabs.co — Cisco Umbrella Rank: 136347	198 KB
6	upwellness.com 1 redirects pages.upwellness.com upwellness.com — Cisco Umbrella Rank: 823525 live.upwellness.com store.upwellness.com	63 KB
5	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 22894	121 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 214 secure.adnxs.com — Cisco Umbrella Rank: 417	4 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2968 tr.outbrain.com — Cisco Umbrella Rank: 2826 sync.outbrain.com — Cisco Umbrella Rank: 737	8 KB
4	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 63140 api.useproof.com — Cisco Umbrella Rank: 60516	601 KB
3	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1099 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272	1 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 765	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 343	13 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 558	8 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2570 rp.liadm.com — Cisco Umbrella Rank: 2164 rp4.liadm.com — Cisco Umbrella Rank: 9311	15 KB
3	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 18613	39 KB
2	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 230557	200 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 644	878 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1339	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	879 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 633 script.hotjar.com — Cisco Umbrella Rank: 793	73 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	115 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 57228 business.newsbreak.com — Cisco Umbrella Rank: 16065	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 6143 flask.nextdoor.com — Cisco Umbrella Rank: 5889	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 717	20 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 9819	51 KB
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 87744	725 B
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1806	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 601	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2169	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4221	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33513	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2297	400 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 660	583 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1306	881 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2616	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 421	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 827	236 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1155	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 358	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1927	163 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 518	357 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 315	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 599	804 B
1	gstatic.com www.gstatic.com	390 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 24414	282 B
1	gophercentral.com 1 redirects ptv.gophercentral.com	870 B
1	pulsetv.com 1 redirects ptv.pulsetv.com	124 B
0	clickcertain.com Failed a.clickcertain.com — Cisco Umbrella Rank: 3271 Failed
168	57

	Domain	Requested by
26	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
9	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
8	analytics.tiktok.com	pages.upwellness.com analytics.tiktok.com
6	www.facebook.com	pages.upwellness.com
6	www.google.de	pages.upwellness.com
6	www.google.com	pages.upwellness.com
5	io.v2.customerlabs.co	cdn.js.customerlabs.co
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
5	googleads.g.doubleclick.net	www.googletagmanager.com
4	trc-events.taboola.com	cdn.taboola.com
3	ct.pinterest.com	s.pinimg.com pages.upwellness.com
3	bat.bing.com	pages.upwellness.com bat.bing.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
3	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
3	store.upwellness.com	pages.upwellness.com
3	builder-assets.unbounce.com	pages.upwellness.com
2	live-visitor-counts.herokuapp.com	cdn.useproof.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	www.google-analytics.com	www.googletagmanager.com pages.upwellness.com
2	sp.analytics.yahoo.com	pages.upwellness.com
2	trc.taboola.com	cdn.taboola.com
2	tr.outbrain.com	amplify.outbrain.com pages.upwellness.com
2	connect.facebook.net	pages.upwellness.com connect.facebook.net
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	d34qb8suadcc4g.cloudfront.net	pages.upwellness.com d34qb8suadcc4g.cloudfront.net
1	analytics.proofapi.com	cdn.useproof.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	api.useproof.com	cdn.useproof.com
1	www.gstatic.com	cdn.useproof.com
1	widget.us.criteo.com	pages.upwellness.com
1	sslwidget.criteo.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	flask.nextdoor.com	pages.upwellness.com
1	mug.criteo.com	pages.upwellness.com
1	cdn.js.customerlabs.co	pages.upwellness.com
1	script.hotjar.com	static.hotjar.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	events.ub-analytics.com	pages.upwellness.com
1	business.newsbreak.com	static.newsbreak.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	static.hotjar.com	pages.upwellness.com
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	amplify.outbrain.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	upwellness.com	1 redirects
1	pages.upwellness.com
1	ptv.gophercentral.com	1 redirects
1	ptv.pulsetv.com	1 redirects
0	a.clickcertain.com Failed
168	83

This site contains no links.

Subject Issuer	Validity	Valid
pages.upwellness.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
store.upwellness.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
useproof.com GTS CA 1P5	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-02-24` - `2023-08-23`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2022-11-17` - `2023-12-17`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M01	`2023-02-28` - `2023-10-26`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
proofapi.com GTS CA 1P5	`2023-05-07` - `2023-08-05`	3 months	crt.sh
hook.customerlabs.co Amazon RSA 2048 M01	`2023-02-21` - `2023-12-12`	10 months	crt.sh

This page contains 5 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Frame ID: 4AE68447BE45412A8ACC06B116AC1461
Requests: 131 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: 9EE47632193ED3770BE34188AC0A9D6E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 865D4775BD542876354E9A68ADC436B0
Requests: 6 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: A65A286F9CC7B876B011D758D6ED9367
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jdriouVUYfYHKt9vUIlAXpbwhkL1ixJLid9ZOQ&expires=30
Frame ID: 1AE25FD36FDA53F51B25C021B85CCA15
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ptv.pulsetv.com/?a=7689&oc=117&c=24136&p=r&sid=89933538&cnid=786 HTTP 302
https://ptv.gophercentral.com/?a=7689&oc=117&c=24136&p=r&sid=89933538&cnid=786 HTTP 302
https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786 Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

168
Requests

91 %
HTTPS

27 %
IPv6

57
Domains

83
Subdomains

72
IPs

10
Countries

3179 kB
Transfer

5968 kB
Size

78
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ptv.pulsetv.com/?a=7689&oc=117&c=24136&p=r&sid=89933538&cnid=786 HTTP 302
https://ptv.gophercentral.com/?a=7689&oc=117&c=24136&p=r&sid=89933538&cnid=786 HTTP 302
https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://upwellness.com/services/scripts/jquery/jquery.min.js HTTP 301
https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Request Chain 75

https://rp.liadm.com/j?dtstmp=1684760877448&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11s5p6v9zmk7czgjjvs7n6j&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1684760877448&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11s5p6v9zmk7czgjjvs7n6j&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMzoxYjIwOjY6ZjAxMTo6N2U%3D&n3pc=true

Request Chain 94

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=wO4iqHx4OW5jbTUyUi9xemoyeG1oNklLTHFxZXl6cm54anpqbWZ1VjYzVUdadEtrdFF5bTliV1RrbFp5MWttQ2JGZzFuSDk4MmorTmdsbytBRVNuV0lmT3hodGpmOVJiYUI3bEZkSDJzOWFrSWJNWkVHRXhZMnhrQWVsVGlnTnduUGhva00vRjBvaU5oSGk4akJUUk9LaWNla1lPMFREVzBQNGJFNnRSN3RLVGc2S1NWQ3JBNHZaWGVqdFAzMFZNV2h5Y2xVemY3dEZrbXp1OWkvdFBFdjJuOWhGQngxVWhmcng4OVF4QmFveW9Dd2F5UWttYy9yaWhLMUtFV3Y4T3gxd2xMQlYrQVo1amlLd3kvcmhIemhkQXk0UT09fA&cppv=2

Request Chain 115

https://sslwidget.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=wgrT1F9PdUJ3OE9wazNqR2ZoYUJyRCUyQmN6T2poWHZHZ2ElMkZ6TndkazVNTUQlMkZicVpOWU1NTGx5WXNsNTlCY05YZ2wwUHRDemlUZE1MbyUyRjdPVDV2OTBjUG5ZRFR5czE1dHlaQTFkcXprVkhCUHglMkJVT1JmYTFVSGpVdmZBWW00cVZZdDloNWtJVTlnY0NaUmtVc2JwRU4xcjNtUmtBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods%2526sid%253D89933538%2526cnid%253D786&ceid=953b78de-2ff0-46b5-880d-4a768bdb74df&dtycbr=58403 HTTP 302
https://widget.us.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=wgrT1F9PdUJ3OE9wazNqR2ZoYUJyRCUyQmN6T2poWHZHZ2ElMkZ6TndkazVNTUQlMkZicVpOWU1NTGx5WXNsNTlCY05YZ2wwUHRDemlUZE1MbyUyRjdPVDV2OTBjUG5ZRFR5czE1dHlaQTFkcXprVkhCUHglMkJVT1JmYTFVSGpVdmZBWW00cVZZdDloNWtJVTlnY0NaUmtVc2JwRU4xcjNtUmtBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods%2526sid%253D89933538%2526cnid%253D786&ceid=953b78de-2ff0-46b5-880d-4a768bdb74df&dtycbr=58403

Request Chain 125

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-jdriouVUYfYHKt9vUIlAXpbwhkL1ixJLid9ZOQ&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jdriouVUYfYHKt9vUIlAXpbwhkL1ixJLid9ZOQ&expires=30

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-joq-O-VUYfYHKt9vUIlAXpbwhkLVuoGN-qDC7Q&google_cm&google_hm=ay1qb3EtTy1WVVlmWUhLdDl2VUlsQVhwYndoa0xWdW9HTi1xREM3UQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-joq-O-VUYfYHKt9vUIlAXpbwhkLVuoGN-qDC7Q&google_gid=CAESEG5V3OirwcrjdaH_r1J-NZY&google_cver=1&google_ula=913071,0

Request Chain 127

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1690752577519948877

Request Chain 128

https://secure.adnxs.com/setuid?entity=52&code=k-PI9JUeVUYfYHKt9vUIlAXpbwhkINcTTV0da6EA HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-PI9JUeVUYfYHKt9vUIlAXpbwhkINcTTV0da6EA

Request Chain 139

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iXGFIuVUYfYHKt9vUIlAXpbwhkIkGtH5SvkvJQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iXGFIuVUYfYHKt9vUIlAXpbwhkIkGtH5SvkvJQ&C=1

Request Chain 140

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=t3iyhfAGfGTxIoD2Si40duOxY85dAjES HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=t3iyhfAGfGTxIoD2Si40duOxY85dAjES

Request Chain 142

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-yoZ6U-VUYfYHKt9vUIlAXpbwhkLu9GUe5a3Yrw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-yoZ6U-VUYfYHKt9vUIlAXpbwhkLu9GUe5a3Yrw

Request Chain 151

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dpoBCuJHo2I7edfLp3XRETHz7Xp9uRKE

Request Chain 152

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=GfLvGJe-UvwbOXAomF6jLH6U8K3M4HV1

Request Chain 156

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-ps09-nat&partner_id=cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448 HTTP 302
https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc-grplus-ps09-nat&partner_id=cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448 HTTP 302
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

168 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pages.upwellness.com/uc-grplus-ps09-nat/
Redirect Chain

https://ptv.pulsetv.com/?a=7689&oc=117&c=24136&p=r&sid=89933538&cnid=786
https://ptv.gophercentral.com/?a=7689&oc=117&c=24136&p=r&sid=89933538&cnid=786
https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

200 KB
32 KB

78ms
21ms

Document
text/html

3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1a1db3ceea6844ec094760009b1b13034ab7ea7b7f977c60c8abfe880f878c04

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 32178
content-location: https://pages.upwellness.com/uc-grplus-ps09-nat/
content-type: text/html; charset=utf-8
date: Mon, 22 May 2023 13:07:56 GMT
etag: "z:67a67f315b644d6faa428a597b4108a8"
link: <https://pages.upwellness.com/uc-grplus-ps09-nat/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: ce8e0f3a-9c23-49fc-a8e9-a0c2b288709f
x-unbounce-variant: z
x-unbounce-visitorid: 67a67f31-5b64-4d6f-aa42-8a597b4108a8

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 233
Content-Type: text/html; charset=utf-8
Date: Mon, 22 May 2023 13:07:56 GMT
Location: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 40ms
7ms Stylesheet
text/css 13.224.189.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-14.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:52:08 GMT
content-encoding: gzip
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-version-id: Hi0GplZUCMAlUo2d3AkAvO_Jy02q1fIj
x-amz-cf-pop: FRA2-C1
age: 5555749
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Mon, 13 Mar 2023 16:18:47 GMT
server: AmazonS3
etag: "15295835030f315ea1ec0147abd5ea63"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: f2rjpVLKCOwkAnCa258lti9bWsF_-5fZuw9NYnUNd2WIgkgY3peubA==

GET
H2

200

jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/
Redirect Chain

https://upwellness.com/services/scripts/jquery/jquery.min.js
https://live.upwellness.com/services/scripts/jquery/jquery.min.js

87 KB
31 KB

456ms
214ms

Script
application/javascript

3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

Redirect headers

expires: Mon, 22 May 2023 13:31:28 GMT
x-gateway-request-id: 95919912c2c696f5b33980f973e369b0
date: Mon, 22 May 2023 13:07:56 GMT
server: Pagely-ARES/1.10.28
x-redirect-by: redirection
x-gateway-skip-cache: 0
content-type: text/html; charset=UTF-8
location: https://live.upwellness.com/services/scripts/jquery/jquery.min.js
x-gateway-cache-key: 0||https|upwellness.com|||/services/scripts/jquery/jquery.min.js
cache-control: max-age=3600
content-length: 0
x-gateway-cache-status: HIT

GET
H2 200 jquery-shims.bundle-aa41391.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 39ms
8ms Script
application/javascript 13.224.189.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-14.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 01:45:55 GMT
content-encoding: gzip
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-version-id: go6NP.GLZbPC.C716LHmcB2f5hVernjS
x-amz-cf-pop: FRA2-C1
age: 5052122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1991
last-modified: Mon, 13 Mar 2023 16:18:43 GMT
server: AmazonS3
etag: "047e85385e0a5e3eab26ac2f0f013f96"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0nvNpXBKTYt_GmjbOj3M7iGyxYWQnC7CbDeNyoDlE-OPCfhDwRNNpQ==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 42ms
8ms Script
application/javascript 2600:9000:2250:800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:41:41 GMT
content-encoding: gzip
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 10769176
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1865
x-amz-cf-id: _0hDVnmkJ-mPu6DCEFVYNSmzfi0JRiu9pfDhz-gWRIc5mfsHzxsthg==

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 12 KB
3 KB 61ms
12ms Script
application/json 151.101.129.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c4818e463cf3948a51fbcce0c955b9b6e9da598d9d7cb55d4ef7909da5722119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:56 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: WAW51-P3
age: 3696
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.180.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: FUsdjELgDoEF28A=

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 41ms
8ms Script
application/javascript 2600:9000:225e:b600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:43:04 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 23092
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: 3RVzdnOSkgIE3A5rMK01_dbp5xRWTR0kS9AZ5ukD8Ic1BLFiHU0-iA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
53 KB 153ms
68ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

843fbb3b58dcc35b48b97aa9c436416aeb7925da6f710563cda7947567a6f167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53406
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fedd75c375cca8b4c4d62b6b9cba3c14b6b90d43a21dc9bea115a980bcd3250d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70121
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
77 KB 90ms
89ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86530ab602bc8bb7b5c44567ebcdbb2a8dbd77054654b0f4ff9354dd5645845d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78612
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 45 KB
15 KB 69ms
29ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

21426b8b0badcd043a67deb91f069fe369e6657156266422357fd549b18fc676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 93ms
91ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1b8858b70870f6e718d735b1a4ab819353de7e2c55a859f96252245a5c81223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71122
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 403 UCInvisibleLink
store.upwellness.com/cgi-bin/ 0
0 393ms
120ms Script
text/html 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-2-193.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 403 UCAffiliateId
store.upwellness.com/cgi-bin/ 0
0 391ms
118ms Script
text/html 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateId?merchantId=UPWEL
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-2-193.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 403 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
0 122ms
120ms Script
text/html 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?merchantId=UPWEL&ThemeCode=SF680
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-2-193.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 main.bundle-85a7477.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 10ms
8ms Script
application/javascript 13.224.189.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-14.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 11 May 2023 04:58:19 GMT
content-encoding: gzip
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-version-id: TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop: FRA2-C1
age: 979779
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33747
last-modified: Mon, 27 Feb 2023 19:12:56 GMT
server: AmazonS3
etag: "b4081a636463cc60b1faf49e579e8cb9"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: SZa2Feb8KCgNr9FlPjxPjuU09abtNUo5oNvg9Wf2D-tGGoyIvDF20Q==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 78ms
30ms Script
application/javascript 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R4JW94M6NGJHXXA7
age: 2160311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 497733
x-amz-id-2: l3ERVJm6qFXxk5L5eD6+CSDtAFQx7O9EW4keuLuuWkqieY2ZDu2iGe/KRryjfrfGYdmG0aTIYFs=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbTxDiitZLEtbDMdRuSTBOhKpc2cUrN5rupwHSrEaL2yPgUMPuQgWQ4yUFbuaglMDr3DraiuZ7PdkvTSETUhoKp%2BiTGCuc9kmBAs89oU%2BJ2QwCpUzXHqhsBA7PRpNQjddXlX%2BYGTHPUgY9H%2FtzaJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7cb548fb08c737e6-FRA

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 41ms
11ms Script
application/javascript 2a02:26f0:480:59e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:59e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a62387c9826311dd23b686c73af32a3922cbbb087222698947a74301414b87ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "a04e1291e6ed2967f1c0f633fddfe433"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1444

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 72ms
23ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:47 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 8VRWFWC7NAKETNTN
age: 11
x-amz-server-side-encryption: AES256
x-amz-id-2: Bll8JEnCjlXbRjXfkgb0yghfxfUqzfz9lvn+RJJqZCKwWyy2WYmOOqce8/eVOdKdkBjSg9GOYkY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 58 KB
18 KB 131ms
107ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 776d687f7c6169f8c44bc73bdfd92eedb28f1e138c1acde42e014b1c84808813

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 5dm6oX.sa5TlaM8LyRhlaYusuYHTsapd
content-encoding: gzip
via: 1.1 varnish
date: Mon, 22 May 2023 13:07:57 GMT
x-amz-request-id: KSZTT23XK6CJM8RV
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18353
x-amz-id-2: zqGSs5GBdT0wyE3FkPzyziwCAmubJkzCO9gChvYTFjB5ViG7VeOVEvwCaIjR5z+wWM5akhlsC/A=
x-served-by: cache-fra-eddf8230036-FRA
last-modified: Sun, 21 May 2023 11:11:28 GMT
server: AmazonS3
x-timer: S1684760877.259548,VS0,VE100
etag: "c726b616d36831dee71c2a7cf9bd0d55"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 31ms
7ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:07:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 May 2023 06:28:15 GMT
Server: AkamaiNetStorage
ETag: "5eb6cb81dec36b8e936c154fb603efbb:1683181933.901167"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6835
Expires: Mon, 22 May 2023 13:27:57 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 640ms
181ms Script
application/javascript 44.239.188.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.188.145 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-188-145.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Thu, 18 May 2023 23:46:10 GMT
server: istio-envoy
etag: W/"6466b8c2-19c7"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 155ms
107ms Script
application/javascript 23.38.98.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c0a0f3914bd343453815dd20475084c71bfa20f48f3a85dc72f3c2b95f5732b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 61656283.36fd2354
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 93,23.38.99.108
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=9, inner; dur=2
content-length: 1368
pragma: no-cache
server: nginx
x-tt-logid: 20230522130757C7470E9804704943407A
x-cache-remote: TCP_MISS from a23-48-215-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.48.215.199
x-tt-trace-host: 01caa2bfae2ae533ca073f765b198d7a65abb5ade29a2f13c9a5ff9d90125f712e0a7ed025999dce6bb94dd8c066c6a894b303758c506fd5fe99bae92bbf80a8252694e1d8b3d18341ada6052ce56a5c18958d04775abd1bf0bec84bdd14962f976585629db4d5af25d6c80c799576cf56
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 65ms
8ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1684800000000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
date: Mon, 22 May 2023 03:41:16 GMT
x-amz-cf-pop: FRA60-P3
age: 34044
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: W98b660wbFan4FV77DOrKOeKc-cdCywRnLKBSmCV39NcBDOce04ueA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
66 KB 101ms
100ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

521d21df73c01496a2bfadcaaf127a2813306001227e0ccfdac86f1af8735ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67225
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 156ms
109ms Script
application/javascript 23.38.98.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c8db9f4fb597c1bd63fb88470f891722aa1d06439a47bac047ad6c819e2b6b25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 36fd2355
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=99
content-length: 1482
pragma: no-cache
server: nginx
x-tt-logid: 202305221307572A05A3B87906914914EE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.38.99.108
x-tt-trace-host: 01caa2bfae2ae533ca073f765b198d7a65262ea0c71dc83f935adfd421dd2d1c0e74c86734c948a9166d72b66dfc8cbb5ddf052a1f6f7caeb4710a353fbcda81047f6e22054d8efa1faa1a559796a6711393bed3f749b03ad3aab4d315f7f6a601
expires: Mon, 22 May 2023 13:07:57 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 116ms
33ms Script
application/x-javascript 2a03:2880:f028:16:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f028:16:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 May 2023 13:07:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0reg0CNvC29QFbNAI8lIsx2RVpaYXUjoojMCeqfNkSb1A3akHw7eOIA2ku6yw6T3gnNfVb6Rqt5PvH1ixw2b5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-795540.js Show response
static.hotjar.com/c/ 10 KB
4 KB 62ms
39ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-795540.js?sv=6

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

2a601c6b748d06f6cab3c94fad23dab0ebf31329185b8dc75972d45facad0bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 May 2023 13:07:57 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/c7ba80d01b752027c63fd08604302ae2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 92mhl7KIhCI5osktx2VFgJlCaAqa5LD9pHDjlKgU1MI4nng4djcSyw==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 63ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 22 May 2023 13:07:57 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6AF0C8B9BA81408888767214FA1CDC69 Ref B: FRAEDGE1214 Ref C: 2023-05-22T13:07:57Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 18v50ek-optio-gplay-pattern_100000005801v000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 1 KB
2 KB 32ms
8ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/18v50ek-optio-gplay-pattern_100000005801v000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0edc1b0d3583e816fa8ff3d7337d0775fcbf0a4ddc15e9f88392d304a9a7a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 00:05:36 GMT
x-amz-version-id: qh0PiYcWG.hfsdB8WTYVIEs.Nf9BGZjP
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 08:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12488542
etag: "8ad184737d5deb05b414931744e2530e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1384
x-amz-cf-id: g0-UzUVlSSOAZtcdVX2LubDrNuA1wlnhheYSCmb219FM3t6OqcDi2A==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 8ms
8ms Script
application/javascript 2600:9000:2250:800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 04:47:10 GMT
content-encoding: gzip
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 2881248
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: -7VkogPkHaQGmpf0oZ3n1HTZuSBP_GAZYoDGsZ-4Wb9bMQyAelvLxA==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 52ms
7ms Script
application/javascript 108.138.17.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:37 GMT
content-encoding: gzip
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 845061
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: AJjT30szUdWy1EGC2WpacdsA3DH7Sn2G26bAKl1eQX8cVweixHqaYg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 3 KB
2 KB 172ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1684760877286&cv=11&fst=1684760877286&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&hn=www.googleadservices.com&frm=0&auid=863381683.1684760877&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caccc7da5ccb8d0650d8305a5d36e124d4516ec51d248cd4d7c8f6f1ce2009ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2e7d404750f9c20d3eaf3f20ca19f0ea44f97ab2bbc7b6a0b6306af14e98ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70131
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
77 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96dc75e5730fe42ab1d2b5a130fc0b9c9efd43293ea6d8dcf6d3368f13d04607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78548
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 110ms
109ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a19a1a49cc23ca2f833cc3660a939f9ce657f9df83ce9211853806158798bed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71158
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 200 main.b68cecd9.js Show response
s.pinimg.com/ct/lib/ 62 KB
18 KB 8ms
7ms Script
application/javascript 2a02:26f0:480:59e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b68cecd9.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:59e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a603139b3b85a956beb096a23eb80bad0a19c119df91b618122779fe16bbff91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "c7f9533bd6b4e2008590df3f4d1a5fbe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17974

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 536ms
174ms Ping
application/json 34.213.130.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1653816081217609730&uid=1-yi7n6zhn-lhyv4kqm&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&rl=&ts=1684760877231&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20113&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1684800000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.130.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-130-140.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 381ms
92ms Script
application/javascript 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:07:57 GMT
X-TraceId: a41008ad54fb2ea4c31115be3392006a
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 359ms
89ms Image
image/gif 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=04174711392184156&referrer=&cht=gtm&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:07:57 GMT
Cache-Control: no-cache
X-TraceId: aa761b191d8cff24039430ad9015ed16
Content-Length: 53
Content-Type: image/gif;

GET
BLOB 200
OK 57b79a40-75b6-4493-a9bb-af26b266dfe3
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/57b79a40-75b6-4493-a9bb-af26b266dfe3
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 5523
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 12 KB
1 KB 50ms
9ms Stylesheet
text/css 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

0f367e5fe45efe7405ca02cfe8e804e76bdbd239331d2b998a7a868756acfe02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 424546
x-amzn-requestid: c579315a-4f25-40b7-823a-d1d6658f7f8a
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: FEo_zFwYoAMF7Fg=
content-length: 884
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-6464eecb-6bef375d549652790c9d7c0a
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: X0Rq8RD4UZe3TqR79OVkuJUAQdC8dZHDFkNqNpqOUqWBHanjDYxuRg==

GET
H2 200 91f3bcfa-fotolia-224610458-subscription-monthly-m-1_108k05w00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 7 KB
7 KB 15ms
6ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/91f3bcfa-fotolia-224610458-subscription-monthly-m-1_108k05w00000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69170ba89d801c5fd5fb33705c5060fc6b8fb78773b4986cecffd8d170ec98e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 00:05:42 GMT
x-amz-version-id: EA5MrDxp1ZI0Ag.hb.CeblKDEik.X.mR
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 08:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12488535
etag: "45ff67f99b8645a206ddf5806a48530b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 6785
x-amz-cf-id: 42_ucP53iUFQM_XfRKOw5awpm7TuIyK4EfUBfLoLer_VOGHqMC-Uzg==

GET
H2 200 0c59db70-turmeric-bombs-for-inflammation-3_10ck0760au07500000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 15 KB
15 KB 20ms
9ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/0c59db70-turmeric-bombs-for-inflammation-3_10ck0760au07500000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91f29bea5b43a0dfe1c5e79aa0ebb5b29185ee673903e5064425bcee4d3fd443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 00:05:42 GMT
x-amz-version-id: FRyq3cbsfrMC5idOUNLHtD.2rHEo8xrK
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 08:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12488535
etag: "8e87ab8a3ffe7eafadfaa0422a83f979"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 14982
x-amz-cf-id: n9U9WHL7FbdLmNWS1SRPsT5D6IjCGvFdc4I5ohTqYsTHtR3exiUjrA==

GET
H2 200 5cee5b1b-turmeric-bombs-for-inflammation-4_10du07v0ag07401s00001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 16 KB
17 KB 20ms
10ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/5cee5b1b-turmeric-bombs-for-inflammation-4_10du07v0ag07401s00001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dac8a8622ac059ca232804102f2ce04c438ad92f8f0d514fe226fee01dcec2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 00:05:42 GMT
x-amz-version-id: i0QS5Z7_5LYIwz6GDdPDQHZ9v_opdzcs
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 08:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12488535
etag: "0bb2486d775da39f670e4cc2026ffd39"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16510
x-amz-cf-id: 1ijS6_aiTgT8j7Ey6aKS23whuyikXOAq8ASFIoqC6Ty251SgwmL2eg==

GET
H2 200 342479cf-turmeric-bombs-for-inflammation-5_10hy0a60av06n04f02701o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 13 KB
13 KB 21ms
11ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/342479cf-turmeric-bombs-for-inflammation-5_10hy0a60av06n04f02701o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 913da565b9955bdc2f199388ba94797a66f2226c510738419d2d3073eda6c56c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 00:05:43 GMT
x-amz-version-id: _COd5PXWKhynFvTQD1sxPVmsjiRpBcF2
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 08:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12488535
etag: "525a45e51d21b19d26824519d9f78629"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 13100
x-amz-cf-id: 6UmhRinP4RRqin-hPk_7B34TtLrpp_uIOPFSdV4BNLCfpQhAagR3Ig==

GET
H2 200 2639beae-fotolia-181521432-subscription-monthly-m-1_109o06g08k06g00c00001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 5 KB
5 KB 21ms
11ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/2639beae-fotolia-181521432-subscription-monthly-m-1_109o06g08k06g00c00001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc41e44715b29eade3653057f6ab83c86e04ff10e7ef848238858df7c5b39cbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 00:05:43 GMT
x-amz-version-id: czELbgG3RCAewBRmUHh8a3QYUdrFPbA_
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 08:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12488535
etag: "4efbd038b4c82407b0e63eab024b3960"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4781
x-amz-cf-id: peYR_-h7FREyFQCx07uNNq9RMmMOGPD88X1tDgYrBh6ho5M8pafLFQ==

GET
H2 200 5ba00849-whiteupwellnesslogo_103r01j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 2 KB
2 KB 21ms
12ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/5ba00849-whiteupwellnesslogo_103r01j000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e63176bb96e5f6e117ae553f3a86ee7190458c7e517f3f8a39e4f053c2705689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 00:05:44 GMT
x-amz-version-id: 5TOp.Gsn1fAmpdhpsmfdz3dObvy6hIn2
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 08:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12488534
etag: "281394ac6865b4998b5e00430a64563c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1863
x-amz-cf-id: dVr37CX1OWoc1h6pKe8F7fJ_JOZLZMFZjFCt71rx7AHTRs93zFx2Xg==

GET
H2 200 a442cfb9-adobestock-248731696-1_10mb0ev0mb0c700002o01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 42 KB
42 KB 25ms
16ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/a442cfb9-adobestock-248731696-1_10mb0ev0mb0c700002o01o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32fc2e72b47d8a300fa8eb5408697ec2f90c6f7d330644e3abef0ff9de96e849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: ebI3pEhoYSXbnPZwqOIp4FsjHy6vEhzm
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "5d1ba9cf7cf7aaad187bf0a42c8a82be"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 42710
x-amz-cf-id: nr9GkCWqJqeZMvsnsJGyYs4MWXSmkiDubNqJyR-4lUs_0zGFUyfyCA==

GET
H2 200 941b223d-https-app-unbounce-com-publish-assets-cd5d0481-b443-459b-a30a-be383ab58e5a-20b7305e-triangle-0n40qk000000000000001_100p00t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 299 B
693 B 32ms
23ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/941b223d-https-app-unbounce-com-publish-assets-cd5d0481-b443-459b-a30a-be383ab58e5a-20b7305e-triangle-0n40qk000000000000001_100p00t000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f79f390cafd7bd238b274f05977bf5935c168e37c5501a1388f75bf72f757eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: i7rQY.l3vljgg9u8RPlVkOG75hkVVRMx
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "8d53957c8f746651783aa8b6a7be85e7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 299
x-amz-cf-id: utUaxDqyrz8kdxJsGzJMbvRssqQPgc020zkT_Ix25VTxhYwK61BWCw==

GET
H2 200 6140c901-lr-wh-officephotos-41-1_10920dk04s04s03701x01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 5 KB
5 KB 28ms
19ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/6140c901-lr-wh-officephotos-41-1_10920dk04s04s03701x01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4f5dc653c50337b2771b4aa4409ace646dddffb80485f9eb69d5bfe1d51e035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: PvJSzduoumclblsxWTzBj_kNk2gCUiog
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "6f576af297b0fb3c290d4abeabe522bd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 5042
x-amz-cf-id: gnWv6pfDDjxdHjcsVBV9vdp6GwGbMQL1CuHxD2Jh2HVoBOD-Qrb9FA==

GET
H2 200 642fcdd3-root-featured_10n00c500000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 27 KB
27 KB 28ms
19ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/642fcdd3-root-featured_10n00c500000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a39a58a4003924afe156a6c95e3ada700fb690494e9c5102324505093411577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 14:13:43 GMT
x-amz-version-id: aWr_5uTxSEuS0pzssQww8C5MuJvzaoo5
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 13:46:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4661655
etag: "61a1d5409ef32b9ab65657ebbc03fd09"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 27271
x-amz-cf-id: SXZ-hP0R23vesXKoR6XlaX3cjnGO6kHzwLeHjCzSgrHXGJ07JyAaaQ==

GET
H2 200 86ba562c-check-1_100r00z000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 502 B
897 B 33ms
25ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/86ba562c-check-1_100r00z000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75acd02f58ac9ece5d30075664b789ddc392d72e8b2ec8d3bb38e446a3142031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: wnelyoP8FUBKjvxZPQIX4B0PNJsy0ppk
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "e9cff8159839d280eba0685354f8c6cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 502
x-amz-cf-id: 7PEt12-J9oafjbEpED4QNunvduhfFz7RKlAFhjuykR-Pr7EqPDWEpA==

GET
H2 200 d2f4dbc0-adobestock-295602074-1_10k50bc00000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 51 KB
51 KB 31ms
24ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/d2f4dbc0-adobestock-295602074-1_10k50bc00000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6995a036a583b6404c78610fe86cddfe3b66d1b25292ff5cb1817077cd44d53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: tRyOmGA5LWzM7sKzuxlmF1P48aXpYB4h
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "d5f9f531ee6a40591b8e24dc6c262fd7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 52268
x-amz-cf-id: nVPiKVTS_EJrieWbqeDbY5oMcZa-4FyHeNtb_u-gtYPUCYTPw_iXRw==

GET
H2 200 8ec7f92f-numbers-orange_106m03b01b016000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 724 B
1 KB 31ms
23ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/8ec7f92f-numbers-orange_106m03b01b016000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db03ddc46040d664c0531d8bc6d2cd0c7fce100b5975a95f8832f8364674f82b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: Q29tSbfeG53SotY02uBMBKjFBF_RIr18
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "cb08c98024b99ba99a24a3f9e38e3983"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 724
x-amz-cf-id: M0ytjmDusU7q9pRl03t9sARSp-5BmH8pcDxTcVEKAXVY9JKOVunyww==

GET
H2 200 8ec7f92f-numbers-orange_106m03b01b01601a000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 687 B
1 KB 33ms
25ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/8ec7f92f-numbers-orange_106m03b01b01601a000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6df9870582e5a92eed652d1815e328b48a9f5a44c00e5a513d11b031d4f015e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: JGg5YNIIXOzr3umVpiZwRW_Ndom9mmsR
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "379a8f48390d4f7761ac8b686eb0287b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 687
x-amz-cf-id: CHBgIQ36dzqlUi-z88VZe3lYqOBWlJB7tO79PQwLq1tAC7_zsAPMXg==

GET
H2 200 8ec7f92f-numbers-orange_106m03b01b01702o000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 792 B
1 KB 33ms
26ms Image
image/png 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/8ec7f92f-numbers-orange_106m03b01b01702o000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2f3c8ed4c196a53974d846d262966b179f23137e92679d5fd5ea015b675cfb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: T.7iu51v5RgsdIS_S1q3f_t_bcUgVJam
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "cf46b322f66af467ee44d39e77dd97ea"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 792
x-amz-cf-id: X27doydGy4YlhcSC0JpEVgLlPWYQov8H_oQyQqmZBp9dJmVAAOJOew==

GET
H2 200 ae037011-lr-adobestock-313477569-1_10m20ep0ln0bx00000401o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 18 KB
19 KB 33ms
26ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ae037011-lr-adobestock-313477569-1_10m20ep0ln0bx00000401o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f809211eab38c5a90ec5a3b203bdda302b8b762745ad3769cb01cec798376429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: nncYwJdFuOCPyC9PyAEGBAQ1nk5hKcI9
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "d708eb2a05e94b37d59b01c645d91d97"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 18723
x-amz-cf-id: jPpMNMtWkAEdVavKX5SZK7eboz9McfcYcjRKiALeGjZKbuMJsLtt2A==

GET
H2 200 7c14b2c6-lr-adobestock-273675983-1_10mb0ev0mb0c900000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 62 KB
62 KB 42ms
35ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/7c14b2c6-lr-adobestock-273675983-1_10mb0ev0mb0c900000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08f900d04e68f8fb42f835a013978dbb28f86a28c2b23e2dd28052b84f2a97b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: EjAnPWW.Np21ju9JPxPnaINLQJbjoTO4
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "cc8518212c4fb52c983364171fc6300e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 63294
x-amz-cf-id: EXZtpkntKdcm9E-mNXZCD_aPwrG_MiRm_enVIyO8VV7kzqK5I1G8Iw==

GET
H2 200 ad975c08-adobestock-219735387-1_10mb0f80mb0c900000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 49 KB
49 KB 40ms
33ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ad975c08-adobestock-219735387-1_10mb0f80mb0c900000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95a6a09a708909ab28e44dba5416f7e45f63e205d6f97faecaa3343bf1a2e117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: putAUtXzJ..qw6gFLLpCnWH_LiTS.oeW
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "397bf630a3ca0897033c478f3ab3dea7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 49781
x-amz-cf-id: J-QrxsOSSlqRdagxSqvafxRb10SCboSUpzRCidqohVinA87rOvqbIw==

GET
H2 200 dcdb6abc-lr-adobestock-189335797-1_10mb0ew0mb0c800002o01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 59 KB
59 KB 35ms
28ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/dcdb6abc-lr-adobestock-189335797-1_10mb0ew0mb0c800002o01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d40f992c3a9723114d31324eb7473be7c81f2d50efe1c61f33c1538f735b437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: p.uVQaetH7jM5H0heEe3DCCu.G3g_hBc
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "af489889409c122999f7787a646fb24e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 60366
x-amz-cf-id: xbvmYs_1zDVQTWI1q0wXGXrb3qluu0r0w7d_D32OMNQigxkGPidFyg==

GET
H2 200 8052e46a-adobestock-199662534-1_10mb0fw0mb0ca00002y01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 31 KB
31 KB 33ms
27ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/8052e46a-adobestock-199662534-1_10mb0fw0mb0ca00002y01o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08fcbade4ecc96835d2b65a965f87a53cf9260eb46367a5cc50ccbae04b3f967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: m_ZtcCWwjN322yw6v6PDgizwIj6exWsS
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "a715c66cbdecef4ce0a07cd47fb1b3ff"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 31389
x-amz-cf-id: h4LeA4NNOTJB8Cykv6f6IsCPAp1LAYgY7_U3lSXKXBuSdyPlheffzg==

GET
H2 200 2a6fe355-lr-adobestock-163680576-1_10mb0ew0mb0cb00001901o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 42 KB
43 KB 38ms
32ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/2a6fe355-lr-adobestock-163680576-1_10mb0ew0mb0cb00001901o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ce6dd9a03c037ac1b11a56645ddc7e7dba0ef77446d2061e5ab632c7df85f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: DzIsMSMl30TPsLooBvZFkaLW4FvEUKom
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "e0dd2c87d2d184813b0a139b156bcf28"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 43085
x-amz-cf-id: 3_ZyVaVPk1yaB4iTxbOnWAohLEgqoudIf64ZU1S-QEJXgEjhlR_grA==

GET
H2 200 420da4b3-adobestock-287106953-1_10je08000000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 19 KB
19 KB 33ms
27ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/420da4b3-adobestock-287106953-1_10je08000000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72aaea64bf4db09c0579afa43cba0e0a2e69f6750603a7f47a26a55ff41dc1cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: maJbxomYePD1uMyKm2fkTO4Ht5SVyqNG
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "068210d9065bd570c3e2acefd29022f1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 19502
x-amz-cf-id: 8OB355Gv0M-OKc-gZMWHiXdN5Ho1J646odCZP-1BkRqpDXD0jGx8ow==

GET
H2 200 27df1ace-lr-adobestock-34477989-1_10e40aj09s09q00e00e01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 22 KB
22 KB 37ms
31ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/27df1ace-lr-adobestock-34477989-1_10e40aj09s09q00e00e01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1275c580e9deba832cb41884032d45e1b97ec9f2c1ebdba44158bcdd2929bfeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: YbIjDFPQmb7WaBXLFo.3sYC57nRWBX32
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "799d07f9ba80ad20da67b879f9f57cfd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 22502
x-amz-cf-id: lpP5NCsGn6QZs4-ReQuEG4brj5143dYjyq1R9QXyn8QznEyApuipdw==

GET
H2 200 771bb92a-lr-adobestock-205438022-2_10hi0bo06j0b805e00001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 20 KB
21 KB 36ms
30ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/771bb92a-lr-adobestock-205438022-2_10hi0bo06j0b805e00001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67f77710fbcb54a2614a1e3d50f4bb43221ba52ad0408873a668166346db4775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 14:11:26 GMT
x-amz-version-id: hhlHHwsCwo2GyLjoal7x0QuCzfg0358C
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 12:47:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12005792
etag: "d74ab3e5675b8b888e0efbf49f1e6f63"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 20901
x-amz-cf-id: mGz8Rzd2_dr2aWMwkWqMoOD67cb_q9UXeypzPyO4cnzz1_0nZ0KDCg==

GET
H2 200 0e88f9ef-v33-grplus-ps21-03162023-450x794_10m70cl0m70ci00000101o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 43 KB
44 KB 40ms
34ms Image
image/jpeg 52.222.250.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/0e88f9ef-v33-grplus-ps21-03162023-450x794_10m70cl0m70ci00000101o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0b4f2d8625ea9dab6286f70ad3aee7928cc6391360a3c885fbf40881d5ecfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:08:39 GMT
x-amz-version-id: 9stUJMTVFy0gq0uNNzFhrElSO2LNwEp3
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 10:29:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5137159
etag: "415e2f586eee1a7590096c89e2580e97"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 44140
x-amz-cf-id: CsBv1znEZO77x8nBvco9SvlB6crwHyfVlQtQUwnFhhW9wnBeIHNkYw==

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 430ms
105ms Image
image/gif 3.211.233.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1684760877359&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=ff8021cf-2f9f-40de-9c87-9ad4533adc6d&dtm=1684760877356&vp=1600x1200&ds=1600x14826&vid=1&sid=faa84c10-6474-4d14-b95f-91f92647c7ef&duid=bb41f6c3-33eb-46f0-bfd2-1120340682b5&uid=67a67f31-5b64-4d6f-aa42-8a597b4108a8&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U4ZTBmM2EtOWMyMy00OWZjLWE4ZTktYTBjMmIyODg3MDlmIiwidmFyaWFudElkIjoieiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.233.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-233-231.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9EE4 15 KB
6 KB 49ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 13:07:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 459432
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 46 B
362 B 67ms
24ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 12:19:53 GMT
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 1Y0Q5ME7P7DV8QAP
age: 2885
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: kG56mrLey+2T6Qg8alGvaymF46xBcL+bowHUXHQD7kgN4Wuls0jt3gyHFblk8f1mRs21wt7fufW7IyIY88JfloJac4BGZ8rC
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
server: ATS
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 46 B
694 B 66ms
24ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 12:19:53 GMT
x-amz-version-id: a1p9k2x2CfLow7aa._kiTa1S348t_r0P
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 1Y0S4D7QJ0M6HKB6
age: 2885
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: 5D+MlGmnSOPuav5MY9zsM48nVAqMY6RdhZEoM5n3yT0rvxwyEfBpCQVGffNq+C8iz9+gvDa6/3UFTGGiw/3vok0T/b3c7bGI
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Tue, 26 Mar 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sun, 19 Feb 2023 18:55:23 GMT
server: ATS
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 / Show response
ct.pinterest.com/user/ 562 B
768 B 59ms
36ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1684760877426&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b68cecd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pin-unauth: dWlkPVlUazNORGd3WXpZdFlUTTVOQzAwTW1aaExUa3hObUl0WVRaak9HSmxOak16Wm1SaA
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Mon, 22 May 2023 13:07:57 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1837374524123477
content-length: 385
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
23 KB 31ms
14ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23040
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1687935
x-amzn-requestid: a6bcac63-31f7-42a7-a795-a3c79ef7e030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUcjQEruIAMFoLw=
content-length: 23041
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a7ae-3b8576e93a2a5a7b6e044029
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HSKh-tTSE-7qOylp7He2cpfrsaOlfxt-QTeO48eo1Q62-UvQgUldcg==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 22 KB
23 KB 26ms
9ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 22504
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1688089
x-amzn-requestid: 4f676554-5a99-4f9a-9cda-d41b3fd5a3a1
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUcLNGdcIAMFslw=
content-length: 22518
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a714-4646b3b76c5600fb1e3965d7
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: shcbNomvPXNlrnfaQDw6bXctQvIRoROltbquWHkHyaCpvoI9WKeGPw==

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.ub-assets.com/fonts/s/oswald/v49/ 25 KB
26 KB 24ms
8ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 25372
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 15481823
x-amzn-requestid: 877691e5-3417-4b49-8163-f0c54f281c49
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cGQESGUNIAMFSjg=
content-length: 25400
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f2d4e-35b3abcf63b80835248cde86
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qe9LgoiSf_oLhisy6rfhbyX1Sy55MDAcr4QZGXjp4qc749KQuGfZow==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1684760877448&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11s5p6v9zmk7czgjjvs7n6j&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445...
https://rp4.liadm.com/j?dtstmp=1684760877448&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11s5p6v9zmk7czgjjvs7n6j&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D25544...

13 B
553 B

412ms
100ms

XHR
application/json

52.70.19.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1684760877448&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11s5p6v9zmk7czgjjvs7n6j&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMzoxYjIwOjY6ZjAxMTo6N2U%3D&n3pc=true

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Server

52.70.19.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-19-159.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
x-pixel-event-id: b5483a84-7784-4bd8-adea-434dd10d6f34
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: ebce04d2bf843618
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 22 May 2023 13:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1684760877448&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11s5p6v9zmk7czgjjvs7n6j&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMzoxYjIwOjY6ZjAxMTo6N2U%3D&n3pc=true
access-control-allow-origin: https://pages.upwellness.com
request-time: 0
access-control-allow-credentials: true
trace-id: b5c800fdf84c9fba
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 3 KB
1 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1684760877465&cv=11&fst=1684760877465&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&hn=www.googleadservices.com&frm=0&auid=863381683.1684760877&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed6ca015f5e946a9fd6a0b04837ca2ffa01a1053824f6adb747a8119e1e5a552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1252
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
92 B 34ms
33ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b68cecd9%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1684760877484
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1275298211211488
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/ 3 KB
2 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1684760877506&cv=11&fst=1684760877506&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&hn=www.googleadservices.com&frm=0&auid=863381683.1684760877&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbfe5525dc2a4bd50e2b63c171b2ffb89ee4aca86ff364c689d0f0a73aeda95c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.bd615e91f206bba6c106.js Show response
script.hotjar.com/ 265 KB
68 KB 30ms
8ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bd615e91f206bba6c106.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

b7d6c0f9a48e8bf195039d4d918a412030b9eca30e15813ba606ea8aecc5b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 262610
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69451
last-modified: Fri, 19 May 2023 12:10:27 GMT
etag: "9426a0fb3ec77e5ad24ce096383ab689"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2P93wfbI-x_n4JlOqqeIH7S4ooVcxqLJCleY7eJsS8UH0fB8nW4RKw==

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 865D 325 B
812 B 418ms
418ms Document
text/html 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 7cb548fd8cae37e6-FRA
content-length: 325
content-type: text/html
date: Mon, 22 May 2023 13:07:58 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRZdkGnqAeU7LTFKZIZZO8vHPNIbZn2oNsoUwc3tQ1Vl6T7tg8nijLdSi9kJz5ro485V8DeCAWSshJneDar9MSQa0eRH721tES81sb3uuRGzIfmQizRQ7%2BVUdfunCAPEXrr7VPtJEtv2%2B%2BYxU2QV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: Ro9fRhfRnoOM9kMBzaT8YDwyIrx3FD36rpPpsFPdhTyixhbYKmH0xjTkRbM+EehRxZUwhffPI9I=
x-amz-request-id: SVF80JBCWC5417P0
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 204 27015508.js Show response
bat.bing.com/p/action/ 0
135 B 110ms
110ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 22 May 2023 13:07:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF2C42F4FA8E4797B7C8184CF2B6C300 Ref B: FRAEDGE1214 Ref C: 2023-05-22T13:07:57Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=13ecf11d-9c24-470f-aee1-34b4ef5998c7&sid=abe9b900f8a111edbb78ddddbaad013e&vid=abe9e2c0f8a111ed9c619bccd45f51e7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&r=&lt=1662&evt=pageLoad&sv=1&rn=147492

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 13:07:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 99661F459BBC4EDF9E75430A54A2F3D3 Ref B: FRAEDGE1214 Ref C: 2023-05-22T13:07:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 3 KB
2 KB 31ms
23ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1684760877627&data=%7B%22id%22%3A398%2C%22ii%22%3A%22%2Fuc-grplus-ps09-nat%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1684760877604%2C%22cv%22%3A%2220230520-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1684760877626%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786%22%2C%22tos%22%3A19%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3890946d538c76ad6d23fe22a2d9b4a0cd70c5ce5e9d688e38fd6a377e77b9bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230036-FRA
server: nginx
x-timer: S1684760878.640430,VS0,VE16
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 123ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2022%20May%202023%2013%3A07%3A57%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&enc=UTF-8&yv=1.14.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 122ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&enc=UTF-8&yv=1.14.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.ub-assets.com/fonts/s/opensans/v35/ 47 KB
48 KB 8ms
8ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 48412
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1688320
x-amzn-requestid: 47a12b93-1e08-4c76-a4d4-39b8f1a20c61
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUbnIFoaIAMF50Q=
content-length: 48445
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a62d-0d83f3f16f57a55b34c17982
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ObHw5QJPk5IIGQEmSo5YiXoRMiTei4_tcyPm8QaZ2WBVwRaUWducNw==

GET
H2 200 main.MWI2MzlmMWJmMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 242 KB
67 KB 10ms
10ms Script
application/javascript 23.38.98.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 36fd2533
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230510203301CDD88B3954031F410482
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017917249a0a29de065612024d68774df9461d782f266ebfa3117de0156a3fb387ffa6b6fecc8a84b4ed6d54ca8a2fe83ef9ed73a0ed5602d82b158de767ed9bb44370f823e96696717c16e7c8d3ceb3bbf9da9ce2b583c5804038d4959d5b8a3b
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 67483

GET
H2 200 main.MWI2MzlmMWJmMw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 263 KB
69 KB 17ms
16ms Script
application/javascript 23.38.98.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 365bc498abb21b256de98382645b715d89e2947391f733393a61a7c7861fb69a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 36fd253c
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230510203317D680083EE042DF49D950
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017abc044aaab1b78e09b46d8a35fb60c9f8c1e55e369ec653787af8067c12bdf2aab42fa73ef5d84fa4e0dd2127dee929d80b7cc3d443c081e2eb767a6d6a42079005e6f2b014cb3ce6ce0b804180a902e26816de7115d4ce51c198e0ae365e81
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 70480

GET
H2 200 302615157369859 Show response
connect.facebook.net/signals/config/ 302 KB
87 KB 36ms
35ms Script
application/x-javascript 2a03:2880:f028:16:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302615157369859?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f028:16:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6dc4dbc29927e23aa640dfe5ccba0b8932e6f80fd7e41b2dd80e5707ef466ab

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 May 2023 13:07:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88877
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oZzr0jPT5+ev96/3pvBiHuAU5GIHsG4nrEqPGQrzWnT0TlNL3z8xlYh07nB5KZqdwv7JyVR3y10eyrgOH/qtHg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
1 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1684760877715&cv=11&fst=1684760877715&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&hn=www.googleadservices.com&frm=0&auid=863381683.1684760877&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d8c55033061c9ff3c958c72c5be929b9452019e02f8d98664e5571751b79526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 137ms
44ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 May 2023 13:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 177
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 22 May 2023 15:05:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
52 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a350c29135048bdd8cab4ddd7be43b42e7e0d3a77347596f5e4e09db44664108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53365
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:07:57 GMT

GET
H2 200 cl4975ot4arrr6.js Show response
cdn.js.customerlabs.co/ 196 KB
197 KB 669ms
604ms Script
binary/octet-stream 18.66.137.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: q7mG7hlker5FRiUNkg8qVdDD2fjHsOUI
date: Mon, 22 May 2023 13:07:59 GMT
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 201018
last-modified: Mon, 20 Feb 2023 17:59:47 GMT
server: AmazonS3
etag: "cef37c380b37f6c7fbe85e3594e7f2d8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: HHuu6byegjqXUEiDuCEr9bdOR61xF9CiEBHQpihcBAMB6R9v-gapKA==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9EE4
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=wO4iqHx4OW5jbTUyUi9xemoyeG1oNklLTHFxZXl6cm54anpqbWZ1VjYzVUdadEtrdFF5bTliV1RrbFp5MWttQ2JGZzFuSDk4MmorTmdsbytBRVNuV0lmT3hodGpmOVJiYUI3bEZkSDJzOWFrSWJNWkVHRXhZMnhrQWVsVG...

433 B
657 B

83ms
21ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wO4iqHx4OW5jbTUyUi9xemoyeG1oNklLTHFxZXl6cm54anpqbWZ1VjYzVUdadEtrdFF5bTliV1RrbFp5MWttQ2JGZzFuSDk4MmorTmdsbytBRVNuV0lmT3hodGpmOVJiYUI3bEZkSDJzOWFrSWJNWkVHRXhZMnhrQWVsVGlnTnduUGhva00vRjBvaU5oSGk4akJUUk9LaWNla1lPMFREVzBQNGJFNnRSN3RLVGc2S1NWQ3JBNHZaWGVqdFAzMFZNV2h5Y2xVemY3dEZrbXp1OWkvdFBFdjJuOWhGQngxVWhmcng4OVF4QmFveW9Dd2F5UWttYy9yaWhLMUtFV3Y4T3gxd2xMQlYrQVo1amlLd3kvcmhIemhkQXk0UT09fA&cppv=2

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ef15d5eacf9aeea535a7d63cb2e7594d99624aaed7f7067e8e258a6a27d3b557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1527375
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=wO4iqHx4OW5jbTUyUi9xemoyeG1oNklLTHFxZXl6cm54anpqbWZ1VjYzVUdadEtrdFF5bTliV1RrbFp5MWttQ2JGZzFuSDk4MmorTmdsbytBRVNuV0lmT3hodGpmOVJiYUI3bEZkSDJzOWFrSWJNWkVHRXhZMnhrQWVsVGlnTnduUGhva00vRjBvaU5oSGk4akJUUk9LaWNla1lPMFREVzBQNGJFNnRSN3RLVGc2S1NWQ3JBNHZaWGVqdFAzMFZNV2h5Y2xVemY3dEZrbXp1OWkvdFBFdjJuOWhGQngxVWhmcng4OVF4QmFveW9Dd2F5UWttYy9yaWhLMUtFV3Y4T3gxd2xMQlYrQVo1amlLd3kvcmhIemhkQXk0UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 374832
content-length: 0
expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
108 B 151ms
56ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1684760877286&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=567771993&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/624541243/ 42 B
108 B 149ms
56ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/624541243/?random=1684760877286&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=567771993&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/458254939/ 42 B
108 B 148ms
55ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/458254939/?random=1684760877506&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3956170428&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/458254939/ 42 B
108 B 125ms
56ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/458254939/?random=1684760877506&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3956170428&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
455 B 123ms
55ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1684760877465&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3539756402&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10838597190/ 42 B
455 B 121ms
55ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10838597190/?random=1684760877465&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3539756402&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 3 KB
1 KB 26ms
25ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1684760877823&data=%7B%22id%22%3A827%2C%22ii%22%3A%22%2Fuc-grplus-ps09-nat%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1684760877604%2C%22cv%22%3A%2220230520-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1684760877629%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786%22%2C%22tos%22%3A22%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8dc7d0e1deb1796fa9b6c8c58ca3c7f9766892cd82a70bdda9c2a62aa119c2e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230036-FRA
server: nginx
x-timer: S1684760878.876987,VS0,VE19
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
30 KB 19ms
18ms Script
application/javascript 23.38.98.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 36fd25ff
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305102033027B7E57F9D271A3440E0D
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a2d8b12e65a8b892d6b1bc8a97add759db2bc6481d77fa754665085103b56575fda461952f90d2d3c843e869bad5964c08552f1d080d40d0c9de571ee7baa15afe7c3fb347e876a328bcc4ce07fe9f35644d83c67568adf532ab2a66c90f40c4
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30614

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 138ms
138ms Ping
text/plain 23.38.98.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6ccee74d.36fd2664
date: Mon, 22 May 2023 13:07:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 114,23.38.99.108
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=33, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230522130757B4F84787581BA9B4C943
x-cache-remote: TCP_MISS from a23-48-215-165.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.48.215.165
x-tt-trace-host: 01caa2bfae2ae533ca073f765b198d7a65abb5ade29a2f13c9a5ff9d90125f712ea0510de541401c64687bc4c3f281fa3f26fa272d84f6582791231cef3fe08ebf217680a1810c0b0f7af6bc09f0c7d7973592c930532b01be06a00721c1492421167c0e3bd6c1d1494f6fe46274eadc68
expires: Mon, 22 May 2023 13:07:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
696 B 163ms
163ms Ping
text/plain 23.38.98.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6165686a.36fd2665
date: Mon, 22 May 2023 13:07:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 134,23.38.99.108
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=51, inner; dur=44
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230522130757165F5D8A36B07B10C117
x-cache-remote: TCP_MISS from a23-48-215-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,23.48.215.199
x-tt-trace-host: 01caa2bfae2ae533ca073f765b198d7a65abb5ade29a2f13c9a5ff9d90125f712e0a7ed025999dce6bb94dd8c066c6a8948428774ca2b6d034fe5ccbdb32bd4e1869cc707b77afe8b219a5b8df4435f5a5701984062f708ba1e85dbc74639c06e9a65d7e0f6d317e6fb939d6b7cdb5c01a
expires: Mon, 22 May 2023 13:07:58 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
695 B 155ms
155ms Ping
text/plain 23.38.98.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1ff28ac2.36fd2666
date: Mon, 22 May 2023 13:07:58 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-108.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 119,23.38.99.108
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=38, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202305221307575B6D7389ECFDA54611DE
x-cache-remote: TCP_MISS from a23-48-215-207.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.48.215.207
x-tt-trace-host: 01caa2bfae2ae533ca073f765b198d7a65abb5ade29a2f13c9a5ff9d90125f712eccf764e673e6c6651cea3d1a74489e9d896a0c246cd460ac4e8cce8ecfb93195d6b0932cf5d088369bca670f685ab48cb2ecafb8d494ce76a4353a1dc69966e4b99e3f3b0562ac269dc3a532a15cfbd5
expires: Mon, 22 May 2023 13:07:58 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&rl=&if=false&ts=1684760877927&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684760877922.659944753&it=1684760877684&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:07:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=AdvVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3D_removed_%26sid%3D89933538%26cnid%3D786%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%2522e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289%2522%255D%257D&rl=&if=false&ts=1684760877930&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1684760877922.659944753&it=1684760877684&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:07:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=AdvVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1684760877931&sw=1600&sh=1200&v=2.9.104&r=stable&ec=2&o=30&fbp=fb.1.1684760877922.659944753&it=1684760877684&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:07:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 3 KB
1 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1684760877953&cv=11&fst=1684760877953&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&hn=www.googleadservices.com&frm=0&auid=863381683.1684760877&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9370b45c0911351bba306da573a2f5853859b128e42656f09ea66d692992da59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
108 B 53ms
52ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1684760877715&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3910739193&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
108 B 48ms
48ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1684760877715&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3910739193&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel
flask.nextdoor.com/ 0
110 B 214ms
178ms Image
text/plain 44.239.188.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&ndclid=&rf=&sem=&tm=0
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.188.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-188-145.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
context-id: 970916de-c94f-4ac2-addb-2f41c710acfa

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-28307243-3&cid=1890261816.1684760878&jid=311156291&gjid=366457271&_gid=1629616473.1684760878&_u=YGBAiEABBAAAAEAAI~&z=1826743767

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 22 May 2023 13:07:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 38ms
37ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1560141978&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=311156291&gjid=366457271&cid=1890261816.1684760878&tid=UA-28307243-3&_gid=1629616473.1684760878&gtm=45He35h0n81M3S986P&z=789684114

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 01:32:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41723
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=wgrT1F9PdUJ3OE9wazNqR2ZoYUJyRCUyQmN6T2poWHZHZ2ElMkZ6T...
https://widget.us.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=wgrT1F9PdUJ3OE9wazNqR2ZoYUJyRCUyQmN6T2poWHZHZ2ElMkZ6T...

8 KB
4 KB

302ms
106ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=wgrT1F9PdUJ3OE9wazNqR2ZoYUJyRCUyQmN6T2poWHZHZ2ElMkZ6TndkazVNTUQlMkZicVpOWU1NTGx5WXNsNTlCY05YZ2wwUHRDemlUZE1MbyUyRjdPVDV2OTBjUG5ZRFR5czE1dHlaQTFkcXprVkhCUHglMkJVT1JmYTFVSGpVdmZBWW00cVZZdDloNWtJVTlnY0NaUmtVc2JwRU4xcjNtUmtBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods%2526sid%253D89933538%2526cnid%253D786&ceid=953b78de-2ff0-46b5-880d-4a768bdb74df&dtycbr=58403

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

43bcc9b6e4670a44059e1b402921b1578976fe3eb07026f9a17ee55f6b342b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11694508
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=wgrT1F9PdUJ3OE9wazNqR2ZoYUJyRCUyQmN6T2poWHZHZ2ElMkZ6TndkazVNTUQlMkZicVpOWU1NTGx5WXNsNTlCY05YZ2wwUHRDemlUZE1MbyUyRjdPVDV2OTBjUG5ZRFR5czE1dHlaQTFkcXprVkhCUHglMkJVT1JmYTFVSGpVdmZBWW00cVZZdDloNWtJVTlnY0NaUmtVc2JwRU4xcjNtUmtBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods%2526sid%253D89933538%2526cnid%253D786&ceid=953b78de-2ff0-46b5-880d-4a768bdb74df&dtycbr=58403
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9228218
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-28307243-3&cid=1890261816.1684760878&jid=311156291&_u=YGBAiEABBAAAAEAAI~&z=1047448974

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-28307243-3&cid=1890261816.1684760878&jid=311156291&_u=YGBAiEABBAAAAEAAI~&z=1047448974

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1684760877953&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3090525516&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/675938688/ 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/675938688/?random=1684760877953&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3090525516&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 865D 389 KB
390 KB 115ms
37ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 17:16:30 GMT
x-content-type-options: nosniff
age: 157888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398319
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 17:16:30 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 865D 112 KB
112 KB 24ms
24ms Script
application/javascript 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CV1196H4T32Y3AQ8
age: 2157913
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114404
x-amz-id-2: TXex00lNh+1fO9yZP13gWPaow0buSpvumptqiCAHrgG7A9RJb7Ol+7RrnvfWaE3AddxPJ2m8Y6Y=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItD1O1ASauKVaQBafJiahhN0DlF%2BJiTtSMu7E9J833G3IgxipyjCjRhI7zssXpVTz4VhKP6O3woR4M8jUszQ9wK64si14j%2BaUYoygpWRD8w2R0XmuYA6K%2B5EZmxA1SAgw4Y3fqyYEfWpHOL0Tl8d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7cb54900386e37e6-FRA

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/pixel/ Frame 865D 178 B
1 KB 456ms
414ms XHR
application/json 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
content-encoding: br
x-amzn-remapped-content-length: 178
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 46c69560-1306-493c-b516-956d43c5920a
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: FU1fVH6-IAMF7Bg=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1W0Fsue43Zj%2BuNkYFVBiNKcoHBI6PGQDZt18mBl%2FYqp6KBwu4bk1KMWhVHrP9qt6mudGFDr9qWmzqRaXc1crlagrQj6pAoOM%2FZMhtwlUQQDFLkRpZEqnvIgEoDZfnVwoZiS1dZ76DjD3CCD9ILNF"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7cb54902587618fb-FRA
x-amzn-remapped-date: Mon, 22 May 2023 13:07:58 GMT
x-amz-cf-id: QzYKfSkOoGSmsXRtPlHlHaouTpj9t9ytPpYWjp_iPOTuqPTDWhL_OQ==
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 7ms
6ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=Microdata&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&rl=&if=false&ts=1684760878429&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=3&o=30&fbp=fb.1.1684760877922.659944753&it=1684760877684&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods&sid=89933538&cnid=786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:07:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame A65A 565 B
426 B 36ms
36ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b68cecd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 22 May 2023 13:07:58 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1679728842251697

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 1AE2
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-jdriouVUYfYHKt9vUIlAXpbwhkL1ixJLid9ZOQ&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jdriouVUYfYHKt9vUIlAXpbwhkL1ixJLid9ZOQ&expires=30

43 B
345 B

9ms
9ms

Image
image/gif

3.69.189.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jdriouVUYfYHKt9vUIlAXpbwhkL1ixJLid9ZOQ&expires=30
Protocol: H2
Server: 3.69.189.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-189-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-jdriouVUYfYHKt9vUIlAXpbwhkL1ixJLid9ZOQ&expires=30
date: Mon, 22 May 2023 13:07:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1AE2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-joq-O-VUYfYHKt9vUIlAXpbwhkLVuoGN-qDC7Q&google_cm&google_hm=ay1qb3EtTy1WVVlmWUhLdDl2VUlsQVhwYndoa0xWdW9HT...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-joq-O-VUYfYHKt9vUIlAXpbwhkLVuoGN-qDC7Q&google_gid=CAESEG5V3OirwcrjdaH_r1J-NZY&google_cver=1&google_ula=913071,0

43 B
369 B

16ms
15ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-joq-O-VUYfYHKt9vUIlAXpbwhkLVuoGN-qDC7Q&google_gid=CAESEG5V3OirwcrjdaH_r1J-NZY&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 833428
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-joq-O-VUYfYHKt9vUIlAXpbwhkLVuoGN-qDC7Q&google_gid=CAESEG5V3OirwcrjdaH_r1J-NZY&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1AE2
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1690752577519948877

43 B
371 B

53ms
16ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1690752577519948877

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1185086
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 22 May 2023 13:07:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.190; 185.213.155.190; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 61e1cd8c-fc83-42d1-8fcb-3dfc291cb33f
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1690752577519948877
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 1AE2
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-PI9JUeVUYfYHKt9vUIlAXpbwhkINcTTV0da6EA
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-PI9JUeVUYfYHKt9vUIlAXpbwhkINcTTV0da6EA

43 B
1 KB

38ms
38ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-PI9JUeVUYfYHKt9vUIlAXpbwhkINcTTV0da6EA

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:07:58 GMT
AN-X-Request-Uuid: 91b01ac1-d7ef-4500-b9bb-f0be3166a8ba
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.190; 185.213.155.190; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:07:58 GMT
AN-X-Request-Uuid: 2650da86-dd5d-4e92-94b2-9181eeee1e33
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-PI9JUeVUYfYHKt9vUIlAXpbwhkINcTTV0da6EA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.190; 185.213.155.190; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 1AE2 61 B
804 B 62ms
38ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-tGR9quVUYfYHKt9vUIlAXpbwhkKGj8xmHwn8Lw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 13:07:58 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Mon, 22 May 2023 13:07:58 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 1AE2 0
239 B 63ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-2ygM6eVUYfYHKt9vUIlAXpbwhkKbVGDuQ5T32g&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 1AE2 0
357 B 47ms
8ms Image
text/plain 3.71.253.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k--d6a2eVUYfYHKt9vUIlAXpbwhkLMi01OWqOVzw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.253.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-253-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 1AE2 43 B
163 B 111ms
17ms Image
image/gif 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-qIL02eVUYfYHKt9vUIlAXpbwhkLfDCrEANTuFQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1AE2 0
99 B 112ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-NSXtpeVUYfYHKt9vUIlAXpbwhkJ9EKh8INXtEg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13487

GET
H2 200 um
criteo-sync.teads.tv/ Frame 1AE2 23 B
163 B 72ms
33ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-J1OjLuVUYfYHKt9vUIlAXpbwhkLi68qCq2hesw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Mon, 22 May 2023 13:07:58 GMT
pragma: no-cache
date: Mon, 22 May 2023 13:07:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 1AE2 37 B
140 B 39ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-gmWCEuVUYfYHKt9vUIlAXpbwhkKDzPabL0dyqg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 1AE2 0
399 B 72ms
14ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-fBGgweVUYfYHKt9vUIlAXpbwhkIhG9ArVUYWrA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 1AE2 43 B
163 B 79ms
20ms Image
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-SNamDOVUYfYHKt9vUIlAXpbwhkJCNna-k4Zkxw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
last-modified: Thu, 11 Apr 2019 06:08:57 GMT
server: nginx
accept-ranges: bytes
etag: "5caed9f9-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 1AE2 49 B
236 B 139ms
95ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-1M2SROVUYfYHKt9vUIlAXpbwhkJdyNAzoZ8oVA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:58 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 77
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 1AE2
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iXGFIuVUYfYHKt9vUIlAXpbwhkIkGtH5SvkvJQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iXGFIuVUYfYHKt9vUIlAXpbwhkIkGtH5SvkvJQ&C=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iXGFIuVUYfYHKt9vUIlAXpbwhkIkGtH5SvkvJQ&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:07:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:07:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-iXGFIuVUYfYHKt9vUIlAXpbwhkIkGtH5SvkvJQ&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 1AE2
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=t3iyhfAGfGTxIoD2Si40duOxY85dAjES
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=t3iyhfAGfGTxIoD2Si40duOxY85dAjES

42 B
942 B

30ms
30ms

Image
image/gif

52.212.178.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=t3iyhfAGfGTxIoD2Si40duOxY85dAjES

Protocol

HTTP/1.1

Server

52.212.178.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-178-201.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-06c261c56.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IlhnwKSNTRg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v048-0258e02a1.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: budnH9ELTBY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=t3iyhfAGfGTxIoD2Si40duOxY85dAjES
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 1AE2 43 B
1 KB 34ms
7ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-wm6ajuVUYfYHKt9vUIlAXpbwhkL7nqMqdUixwg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 22 May 2023 13:07:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 1AE2
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-yoZ6U-VUYfYHKt9vUIlAXpbwhkLu9GUe5a3Yrw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-yoZ6U-VUYfYHKt9vUIlAXpbwhkLu9GUe5a3Yrw

43 B
448 B

32ms
31ms

Image
image/gif

99.80.252.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-yoZ6U-VUYfYHKt9vUIlAXpbwhkLu9GUe5a3Yrw
Protocol: H2
Server: 99.80.252.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-252-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 May 2023 13:07:58 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-yoZ6U-VUYfYHKt9vUIlAXpbwhkLu9GUe5a3Yrw
access-control-allow-origin: *
date: Mon, 22 May 2023 13:07:58 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 1AE2 42 B
274 B 62ms
23ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-AU1RheVUYfYHKt9vUIlAXpbwhkKYkCeoxyr-qw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:57 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 1AE2 0
881 B 34ms
9ms Image
text/html 3.70.151.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-NWqhueVUYfYHKt9vUIlAXpbwhkI6XWWB587Zng
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.151.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-151-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 1AE2 0
145 B 388ms
92ms Image
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k--bBLReVUYfYHKt9vUIlAXpbwhkKjechVQxWRhQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:07:58 GMT
Cache-Control: no-cache
X-TraceId: c87da7d2540215e07669253f17b97046
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 1AE2 42 B
583 B 69ms
15ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-xa2KoeVUYfYHKt9vUIlAXpbwhkIzHNfhEwr6Ww
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 22 May 2023 13:07:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 1AE2 43 B
400 B 329ms
104ms Image
image/gif 2600:1f18:612b:4216:4eaf:fc79:e33b:d580
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-Yd3X3-VUYfYHKt9vUIlAXpbwhkJJ7GUGoXRXUw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:4eaf:fc79:e33b:d580 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 22 May 2023 13:07:58 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 1AE2 43 B
153 B 76ms
25ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-lmoTQeVUYfYHKt9vUIlAXpbwhkKpSb_yES6H7w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 May 2023 13:07:58 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 1AE2 0
400 B 46ms
21ms Image
text/plain 23.215.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-_KgChOVUYfYHKt9vUIlAXpbwhkJ7_V2wbU3bnA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-16-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:07:58 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 21 May 2023 13:07:58 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 1AE2 0
38 B 155ms
29ms Image
text/plain 54.76.13.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-k39q8OVUYfYHKt9vUIlAXpbwhkJ-5KrJB-nO8g&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.13.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-13-171.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:58 GMT
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 1AE2
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dpoBCuJHo2I7edfLp3XRETHz7Xp9uRKE

0
338 B

122ms
30ms

Image
text/plain

52.209.157.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dpoBCuJHo2I7edfLp3XRETHz7Xp9uRKE
Protocol: H2
Server: 52.209.157.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-157-144.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Mon, 22 May 2023 13:07:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1684760878
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dpoBCuJHo2I7edfLp3XRETHz7Xp9uRKE
date: Mon, 22 May 2023 13:07:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1121276
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 1AE2
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=GfLvGJe-UvwbOXAomF6jLH6U8K3M4HV1

35 B
268 B

370ms
117ms

Image
image/gif

3.140.128.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=GfLvGJe-UvwbOXAomF6jLH6U8K3M4HV1
Protocol: H2
Server: 3.140.128.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-128-226.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:07:59 GMT
x-bt-requestid: acdc8670-f8a1-11ed-a7ac-0000ac170005
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=GfLvGJe-UvwbOXAomF6jLH6U8K3M4HV1
date: Mon, 22 May 2023 13:07:58 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 788182
content-length: 0

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 440ms
105ms Preflight 54.146.248.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-248-82.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Mon, 22 May 2023 13:07:59 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 865D 0
200 B 107ms
106ms XHR
text/plain 54.146.248.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-248-82.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Mon, 22 May 2023 13:07:59 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame 865D 71 B
725 B 182ms
134ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25225caeadc4-23b4-4c41-99a5-1af7562375f0%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods%2526sid%253D89933538%2526cnid%253D786%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-ps09-nat%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods%2526sid%253D89933538%2526cnid%253D786%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7a7256a27f6ddb666696446434aacd497b5e6da72c772163188b7998cbdfe593

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:07:59 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"47-/DIEE2RmCNSlT0hgCd3T9vcic4Q"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yM1PIIA4oxwQuqVr4g26PXoTQ3AYQB%2BTRF2nMADJjFsZxPUCU5QheN%2FMZV09lcHvbEWvH%2Fu8Y1iupT9p8xNT0oKIFqm25HAJe2n4CATcd6mG%2BGmVmj7PNyd6XxlkRzosNV%2B2BugdxDLcRr%2FGSDEqo1S8mb95"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7cb5490558359bca-FRA
access-control-allow-headers: X-Requested-With,content-type

GET

/
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-ps09-nat&partner_id=cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448
https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc-grplus-ps09-nat&partner_id=cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

0
0

GET
H2 200 externalIds
io.v2.customerlabs.co/ 0
0 426ms
160ms Image
application/json 3.228.29.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448&id=cl4975ot4arrr6&uid=cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.29.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-29-235.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 95ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1647&scd=0&ssd=1&est=1684760877606&ver=36&isls=true&src=i&invt=1500&msa=13626&rv=1&tim=1684760879254&vi=1684760877604&ri=f0904a01cb6ae138dd827727f8c054c4&ref=null&cv=20230520-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 May 2023 13:07:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 94ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1649&scd=0&ssd=1&est=1684760877606&ver=36&isls=true&src=i&invt=1500&msa=13626&rv=1&tim=1684760879256&vi=1684760877604&ri=f22b40e41884b96f5add8a2834360aa5&ref=null&cv=20230520-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 May 2023 13:07:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 cl
io.v2.customerlabs.co/ 0
206 B 115ms
114ms Ping
text/plain 3.228.29.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.29.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-29-235.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://pages.upwellness.com
date: Mon, 22 May 2023 13:07:59 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

POST
H2 200 firstVisit
io.v2.customerlabs.co/cl/ 0
206 B 156ms
155ms Ping
text/plain 3.228.29.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl/firstVisit
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.29.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-29-235.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://pages.upwellness.com
date: Mon, 22 May 2023 13:07:59 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

POST
H2 200 cl
io.v2.customerlabs.co/ 0
206 B 115ms
114ms Ping
text/plain 3.228.29.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.29.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-29-235.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://pages.upwellness.com
date: Mon, 22 May 2023 13:07:59 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&rl=&if=false&ts=1684760879461&sw=1600&sh=1200&v=2.9.104&r=stable&ec=4&o=30&fbp=fb.1.1684760877922.659944753&it=1684760877684&coo=false&eid=cl4975ot4arrr6510463ee-1453-4d24-b6b7-d6b02656388e&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:07:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=website_session_start&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786&rl=&if=false&ts=1684760879472&cd[start_time]=2023-05-22T13%3A07%3A59.462Z&cd[customerlabs_user_id]=cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448&sw=1600&sh=1200&v=2.9.104&r=stable&ec=5&o=30&fbp=fb.1.1684760877922.659944753&it=1684760877684&coo=false&eid=cl4975ot4arrr6336f56e5-7615-4da1-8bbd-421303953610&tm=2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:07:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 externalIds
io.v2.customerlabs.co/ 0
0 185ms
185ms Image
application/json 3.228.29.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1684760877922.659944753&customerlabs_user_id=cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448&id=cl4975ot4arrr6&uid=cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448&t=0&sc=1600%20x%201200
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.29.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-29-235.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4651&scd=0&ssd=1&est=1684760877606&ver=36&isls=true&src=i&invt=3000&msa=13626&rv=1&tim=1684760882258&vi=1684760877604&ri=f0904a01cb6ae138dd827727f8c054c4&ref=null&cv=20230520-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 May 2023 13:08:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4651&scd=0&ssd=1&est=1684760877606&ver=36&isls=true&src=i&invt=3000&msa=13626&rv=1&tim=1684760882258&vi=1684760877604&ri=f22b40e41884b96f5add8a2834360aa5&ref=null&cv=20230520-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26sid%3D89933538%26cnid%3D786
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 May 2023 13:08:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a.clickcertain.com
URL: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/uc-grplus-ps09-nat/	1970-01-20 16:24:18	Name: ubpv Value: z%2Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f
.ptv.gophercentral.com/	1969-12-31 23:59:59	Name: sid Value: dJ54XTt3/HDDFBrLIB8gYymXnWrWSZt5+2ei7Ury9MP7IEZK5tMYzg==
.ptv.gophercentral.com/	1970-01-20 21:35:20	Name: trk Value: RrAHjXVP9ODDFBrLIB8gYymXnWrWSZt5+2ei7Ury9MP7IEZK5tMYzg==
.ptv.gophercentral.com/	1970-01-20 12:00:47	Name: c2 Value: dJ54XTt3/HB8FwVu30Je9iLTBpYa+JyplgJ6TT2iUzaui9FBpiL/8g==
pages.upwellness.com/	1970-01-20 16:18:32	Name: ubvs Value: 67a67f31-5b64-4d6f-aa42-8a597b4108a8
.upwellness.com/	1970-01-20 12:03:40	Name: ubvt Value: v2%7C67a67f31-5b64-4d6f-aa42-8a597b4108a8%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Az%3Asingle
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-20 21:35:20	Name: _lc2_fpi Value: f0f26c15fa8f--01h11s5p6v9zmk7czgjjvs7n6j
.upwellness.com/	1970-01-20 14:08:56	Name: _gcl_au Value: 1.1.863381683.1684760877
.upwellness.com/	1970-01-20 21:35:20	Name: __nbpix_uid Value: 1-yi7n6zhn-lhyv4kqm
store.upwellness.com/	1970-01-20 12:09:25	Name: AWSALB Value: TceKWx/1ojSDzRuxDYFGoHhmYGZnggq1HmULCrB87g9UWg9Kna+OhsNCa6a7VALTRnK6ZbUpBEThVV2OctfGBWkYgvHTCp3Qu84mhmi1BnwNFFPOFtR/8KkYjRcE
store.upwellness.com/	1970-01-20 12:09:25	Name: AWSALBCORS Value: TceKWx/1ojSDzRuxDYFGoHhmYGZnggq1HmULCrB87g9UWg9Kna+OhsNCa6a7VALTRnK6ZbUpBEThVV2OctfGBWkYgvHTCp3Qu84mhmi1BnwNFFPOFtR/8KkYjRcE
.tiktok.com/	1970-01-20 21:20:56	Name: _ttp Value: 2Q9LVw1UzD1UXy8wB8ifay9L0qs
.criteo.com/	1970-01-20 21:20:56	Name: uid Value: 7f4ea276-4573-469f-8f67-f65c4baf8257
.upwellness.com/	1970-01-20 12:00:47	Name: _uetsid Value: abe9b900f8a111edbb78ddddbaad013e
.upwellness.com/	1970-01-20 21:20:56	Name: _uetvid Value: abe9e2c0f8a111ed9c619bccd45f51e7
.doubleclick.net/	1970-01-20 21:20:56	Name: IDE Value: AHWqTUmNHLUHMhvV3HM0vY47AiZvROBAbFhz91iugdjVJ9LWe7HV5p79JMo1LxNi
.bing.com/	1970-01-20 21:20:56	Name: MUID Value: 1D2C44D23560618D2E3E57CB34B260AA
.pages.upwellness.com/	1970-01-20 20:44:56	Name: _pin_unauth Value: dWlkPVlUazNORGd3WXpZdFlUTTVOQzAwTW1aaExUa3hObUl0WVRaak9HSmxOak16Wm1SaA
pages.upwellness.com/	1970-01-20 11:59:21	Name: outbrain_cid_fetch Value: true
.yahoo.com/	1970-01-20 20:45:18	Name: A3 Value: d=AQABBC1pa2QCEMSmNcMWrFc9PMSI8ruR5V4FEgEBAQG6bGR1ZOANyiMA_eMAAA&S=AQAAAp_xaBzzD7swQ2VqYdkSOFA
.upwellness.com/	1970-01-20 20:44:56	Name: _hjSessionUser_795540 Value: eyJpZCI6ImRiYjAxYjY1LTNhYTgtNThjZS1hYzcyLTUxYTViYjc1OGE1YiIsImNyZWF0ZWQiOjE2ODQ3NjA4Nzc4MDksImV4aXN0aW5nIjpmYWxzZX0=
.upwellness.com/	1970-01-20 11:59:22	Name: _hjFirstSeen Value: 1
.upwellness.com/	1970-01-20 11:59:20	Name: _hjIncludedInSessionSample_795540 Value: 1
.upwellness.com/	1970-01-20 11:59:22	Name: _hjSession_795540 Value: eyJpZCI6ImRmY2RjNzI2LWY2NzQtNDAwYS1hODFlLThlYTVlMDA4YzcxMiIsImNyZWF0ZWQiOjE2ODQ3NjA4Nzc4MjAsImluU2FtcGxlIjp0cnVlfQ==
.upwellness.com/	1970-01-20 11:59:22	Name: _hjAbsoluteSessionInProgress Value: 0
.liadm.com/	1970-01-20 21:35:20	Name: lidid Value: 58ddf285-9bae-41f2-be59-af3f79123b42
.upwellness.com/	1970-01-20 21:20:56	Name: _tt_enable_cookie Value: 1
.upwellness.com/	1970-01-20 21:20:56	Name: _ttp Value: iT8q0XhrtdT5NMlFmQz5hi3j8vM
.upwellness.com/	1970-01-20 14:08:56	Name: _fbp Value: fb.1.1684760877922.659944753
.upwellness.com/	1970-01-20 21:35:20	Name: _ga Value: GA1.2.1890261816.1684760878
.upwellness.com/	1970-01-20 12:00:47	Name: _gid Value: GA1.2.1629616473.1684760878
.upwellness.com/	1970-01-20 11:59:20	Name: _dc_gtm_UA-28307243-3 Value: 1
.upwellness.com/	1970-01-20 21:28:44	Name: cto_bundle Value: wgrT1F9PdUJ3OE9wazNqR2ZoYUJyRCUyQmN6T2poWHZHZ2ElMkZ6TndkazVNTUQlMkZicVpOWU1NTGx5WXNsNTlCY05YZ2wwUHRDemlUZE1MbyUyRjdPVDV2OTBjUG5ZRFR5czE1dHlaQTFkcXprVkhCUHglMkJVT1JmYTFVSGpVdmZBWW00cVZZdDloNWtJVTlnY0NaUmtVc2JwRU4xcjNtUmtBJTNEJTNE
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_source Value: Direct
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_starts Value: 1684760878438
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_utmParams Value: %7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D
.upwellness.com/	1970-01-20 20:44:56	Name: cl4975ot4arrr6_uid Value: cl4975ot4arrr62da71923-d175-4d32-b94a-fc32aca3d448
.upwellness.com/	1970-01-20 20:44:56	Name: cl4975ot4arrr6_sid Value: CL-04c37f63-fc4e-4479-b3e5
.upwellness.com/	1970-01-20 20:44:56	Name: cl4975ot4arrr6_gid Value: cl4975ot4arrr640137aca-a65d-43bd-913a-7428cd6bcb1b
.adnxs.com/	1970-01-20 14:08:56	Name: uuid2 Value: 1690752577519948877
.bidswitch.net/	1970-01-20 20:44:56	Name: tuuid Value: af961cd8-8a3d-4946-bfad-10e667c95cc8
.bidswitch.net/	1970-01-20 20:44:56	Name: c Value: 1684760878
.bidswitch.net/	1970-01-20 20:44:56	Name: tuuid_lu Value: 1684760878
match.sharethrough.com/	1970-01-20 12:09:25	Name: AWSALBCORS Value: LEJ37xYRlm0phWyctgQlVWCr4QJtN2JCS0bhtm8mrFoAdXfOLsYSQceJThnwjiVSRMJn25onu1XNApxO6hpytMuK1K0p8RofNN7ZP4SSC42wLtDTq2iIswguvxmE
.media.net/	1970-01-20 20:44:56	Name: visitor-id Value: 3277624788399821000V10
.media.net/	1970-01-20 12:42:32	Name: data-c-ts Value: 1684760878
.media.net/	1970-01-20 12:42:32	Name: data-c Value: k-tGR9quVUYfYHKt9vUIlAXpbwhkKGj8xmHwn8Lw~~3
.adnxs.com/	1970-01-20 14:08:56	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E>7frIW$!]tbPl@/D!9hy6]/Cr.Fj)bf)5YVB2cmTOe6PwH4[Q8I.O:MNl]Dk=/YGWZ013wj?127Z`B[bebpRzqF1`bc*2+]VQ+
.id5-sync.com/	1970-01-20 11:59:21	Name: cf Value:
.id5-sync.com/	1970-01-20 11:59:21	Name: cip Value:
.id5-sync.com/	1970-01-20 11:59:21	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:59:21	Name: car Value:
.id5-sync.com/	1970-01-20 11:59:21	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:59:21	Name: callback Value:
.analytics.yahoo.com/	1970-01-20 20:44:56	Name: IDSYNC Value: 18zh~2bsd
exchange.mediavine.com/	1970-01-20 12:19:30	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ac8a20b0-f8a1-11ed-a8fa-13c8e7f383a2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:19:30	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ac8a20b0-f8a1-11ed-a8fa-13c8e7f383a2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:19:30	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22ac8a20b0-f8a1-11ed-a8fa-13c8e7f383a2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:19:30	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ac8a20b0-f8a1-11ed-a8fa-13c8e7f383a2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:19:30	Name: criteo Value: %7B%22id%22%3A%22k-NWqhueVUYfYHKt9vUIlAXpbwhkI6XWWB587Zng%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/	1970-01-20 20:44:56	Name: CMID Value: ZGtpLpqqMkdVsnhDnq4tWwAA
.casalemedia.com/	1970-01-20 14:08:56	Name: CMPS Value: 2214
.casalemedia.com/	1970-01-20 14:08:56	Name: CMPRO Value: 2214
.demdex.net/	1970-01-20 16:18:32	Name: demdex Value: 30092989089788910014065931817535172287
.pubmatic.com/	1970-01-20 12:42:32	Name: KRTBCOOKIE_97 Value: 3385-uid:k-xa2KoeVUYfYHKt9vUIlAXpbwhkIzHNfhEwr6Ww&KRTB&23144-uid:k-xa2KoeVUYfYHKt9vUIlAXpbwhkIzHNfhEwr6Ww&KRTB&23286-uid:k-xa2KoeVUYfYHKt9vUIlAXpbwhkIzHNfhEwr6Ww&KRTB&23287-uid:k-xa2KoeVUYfYHKt9vUIlAXpbwhkIzHNfhEwr6Ww
.pubmatic.com/	1970-01-20 12:42:32	Name: PugT Value: 1684760877
.dpm.demdex.net/	1970-01-20 16:18:32	Name: dpm Value: 30092989089788910014065931817535172287
.360yield.com/	1970-01-20 14:08:56	Name: tuuid Value: 0c2ea096-268c-4200-a751-514312cf21e1
.360yield.com/	1970-01-20 14:08:56	Name: tuuid_lu Value: 1684760878
.360yield.com/	1970-01-20 14:08:56	Name: um Value: !38,.ZuVLzZ0ZJ.Lu1HBco8adVpDWc1MyTsnxdq7RJgYPFi4l.w6RjaAvzTwZJzsT599UUkxkApR,1692536878
.360yield.com/	1970-01-20 14:08:56	Name: umeh Value: !38,0,1746968878,-1
.krxd.net/	1970-01-20 16:18:32	Name: _kuid_ Value: PkdU5NuP
.tremorhub.com/	1970-01-20 20:45:17	Name: tvid Value: c267cc5750e641f19208800c78606504
.tremorhub.com/	1970-01-20 12:42:32	Name: tv_UICR Value: k-Yd3X3-VUYfYHKt9vUIlAXpbwhkJJ7GUGoXRXUw
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_ends Value: 1684762679466
.upwellness.com/	1970-01-20 20:44:56	Name: cl4975ot4arrr6_eidsTracked Value: true
a.clickcertain.com/	1970-01-20 20:44:56	Name: _ccpx_u Value: 0497395a%2d4b8f%2d48b9%2dad30%2d00d3b624ea75

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://store.upwellness.com/cgi-bin/UCAffiliateId?merchantId=UPWEL Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?merchantId=UPWEL&ThemeCode=SF680 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
a.clickcertain.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
ads.nextdoor.com
amplify.outbrain.com
analytics.proofapi.com
analytics.tiktok.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
beacon.krxd.net
builder-assets.unbounce.com
business.newsbreak.com
cdn.js.customerlabs.co
cdn.taboola.com
cdn.useproof.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
events.ub-analytics.com
exchange.mediavine.com
flask.nextdoor.com
fonts.ub-assets.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
io.v2.customerlabs.co
live-visitor-counts.herokuapp.com
live.upwellness.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pages.upwellness.com
pixel.rubiconproject.com
ptv.gophercentral.com
ptv.pulsetv.com
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.pinimg.com
s.thebrighttag.com
s.yimg.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.hotjar.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
upwellness.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
a.clickcertain.com
104.102.35.84
108.138.17.124
13.224.189.14
13.248.245.213
13.32.99.21
13.32.99.67
141.226.228.48
141.95.98.64
142.250.186.98
151.101.0.84
151.101.1.44
151.101.129.131
178.250.1.11
178.250.1.9
178.250.7.11
18.66.137.31
18.66.97.53
185.255.84.153
185.64.189.110
185.80.39.216
185.86.138.155
2.18.235.93
208.96.162.14
212.82.100.181
23.215.16.120
23.23.204.175
23.32.185.60
23.38.98.44
2600:1f18:612b:4216:4eaf:fc79:e33b:d580
2600:1f18:730:b130:f139:5754:c04e:532b
2600:9000:2250:800:1d:11cf:5800:93a1
2600:9000:225e:b600:8:8845:1500:93a1
2606:4700:3034::ac43:a9b0
2606:4700:3035::6815:2f0c
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0b::9c
2a02:2638:3::c
2a02:2638:d::10
2a02:26f0:480:59e::1931
2a03:2880:f028:16:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
3.126.202.50
3.140.128.226
3.211.233.231
3.228.29.235
3.69.189.225
3.70.151.165
3.71.253.33
3.75.62.37
3.93.168.254
34.117.157.22
34.213.130.140
37.157.6.241
37.252.171.84
37.252.172.123
44.210.2.193
44.239.188.145
52.209.157.144
52.212.178.201
52.222.236.63
52.222.250.57
52.70.19.159
54.146.248.82
54.197.164.167
54.76.13.171
69.173.144.139
70.42.32.31
74.119.119.150
85.215.5.31
99.80.252.1
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
08f900d04e68f8fb42f835a013978dbb28f86a28c2b23e2dd28052b84f2a97b6
08fcbade4ecc96835d2b65a965f87a53cf9260eb46367a5cc50ccbae04b3f967
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f367e5fe45efe7405ca02cfe8e804e76bdbd239331d2b998a7a868756acfe02
1275c580e9deba832cb41884032d45e1b97ec9f2c1ebdba44158bcdd2929bfeb
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
1a1db3ceea6844ec094760009b1b13034ab7ea7b7f977c60c8abfe880f878c04
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d8c55033061c9ff3c958c72c5be929b9452019e02f8d98664e5571751b79526
21426b8b0badcd043a67deb91f069fe369e6657156266422357fd549b18fc676
2a601c6b748d06f6cab3c94fad23dab0ebf31329185b8dc75972d45facad0bee
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32fc2e72b47d8a300fa8eb5408697ec2f90c6f7d330644e3abef0ff9de96e849
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
365bc498abb21b256de98382645b715d89e2947391f733393a61a7c7861fb69a
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3890946d538c76ad6d23fe22a2d9b4a0cd70c5ce5e9d688e38fd6a377e77b9bd
3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
43bcc9b6e4670a44059e1b402921b1578976fe3eb07026f9a17ee55f6b342b6d
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
521d21df73c01496a2bfadcaaf127a2813306001227e0ccfdac86f1af8735ce0
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
67f77710fbcb54a2614a1e3d50f4bb43221ba52ad0408873a668166346db4775
69170ba89d801c5fd5fb33705c5060fc6b8fb78773b4986cecffd8d170ec98e3
6995a036a583b6404c78610fe86cddfe3b66d1b25292ff5cb1817077cd44d53b
6a39a58a4003924afe156a6c95e3ada700fb690494e9c5102324505093411577
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6df9870582e5a92eed652d1815e328b48a9f5a44c00e5a513d11b031d4f015e0
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
72aaea64bf4db09c0579afa43cba0e0a2e69f6750603a7f47a26a55ff41dc1cd
75acd02f58ac9ece5d30075664b789ddc392d72e8b2ec8d3bb38e446a3142031
776d687f7c6169f8c44bc73bdfd92eedb28f1e138c1acde42e014b1c84808813
7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f
7a7256a27f6ddb666696446434aacd497b5e6da72c772163188b7998cbdfe593
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843fbb3b58dcc35b48b97aa9c436416aeb7925da6f710563cda7947567a6f167
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
86530ab602bc8bb7b5c44567ebcdbb2a8dbd77054654b0f4ff9354dd5645845d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ce6dd9a03c037ac1b11a56645ddc7e7dba0ef77446d2061e5ab632c7df85f73
8dc7d0e1deb1796fa9b6c8c58ca3c7f9766892cd82a70bdda9c2a62aa119c2e4
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
913da565b9955bdc2f199388ba94797a66f2226c510738419d2d3073eda6c56c
91f29bea5b43a0dfe1c5e79aa0ebb5b29185ee673903e5064425bcee4d3fd443
9370b45c0911351bba306da573a2f5853859b128e42656f09ea66d692992da59
95a6a09a708909ab28e44dba5416f7e45f63e205d6f97faecaa3343bf1a2e117
96dc75e5730fe42ab1d2b5a130fc0b9c9efd43293ea6d8dcf6d3368f13d04607
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
9d40f992c3a9723114d31324eb7473be7c81f2d50efe1c61f33c1538f735b437
9dac8a8622ac059ca232804102f2ce04c438ad92f8f0d514fe226fee01dcec2e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a19a1a49cc23ca2f833cc3660a939f9ce657f9df83ce9211853806158798bed7
a350c29135048bdd8cab4ddd7be43b42e7e0d3a77347596f5e4e09db44664108
a603139b3b85a956beb096a23eb80bad0a19c119df91b618122779fe16bbff91
a62387c9826311dd23b686c73af32a3922cbbb087222698947a74301414b87ba
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4f5dc653c50337b2771b4aa4409ace646dddffb80485f9eb69d5bfe1d51e035
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b
b6dc4dbc29927e23aa640dfe5ccba0b8932e6f80fd7e41b2dd80e5707ef466ab
b7d6c0f9a48e8bf195039d4d918a412030b9eca30e15813ba606ea8aecc5b4f3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc41e44715b29eade3653057f6ab83c86e04ff10e7ef848238858df7c5b39cbd
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
c0a0f3914bd343453815dd20475084c71bfa20f48f3a85dc72f3c2b95f5732b2
c0b4f2d8625ea9dab6286f70ad3aee7928cc6391360a3c885fbf40881d5ecfcf
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4818e463cf3948a51fbcce0c955b9b6e9da598d9d7cb55d4ef7909da5722119
c8db9f4fb597c1bd63fb88470f891722aa1d06439a47bac047ad6c819e2b6b25
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caccc7da5ccb8d0650d8305a5d36e124d4516ec51d248cd4d7c8f6f1ce2009ef
cbfe5525dc2a4bd50e2b63c171b2ffb89ee4aca86ff364c689d0f0a73aeda95c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
db03ddc46040d664c0531d8bc6d2cd0c7fce100b5975a95f8832f8364674f82b
e1b8858b70870f6e718d735b1a4ab819353de7e2c55a859f96252245a5c81223
e2f3c8ed4c196a53974d846d262966b179f23137e92679d5fd5ea015b675cfb5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63176bb96e5f6e117ae553f3a86ee7190458c7e517f3f8a39e4f053c2705689
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ed6ca015f5e946a9fd6a0b04837ca2ffa01a1053824f6adb747a8119e1e5a552
ef15d5eacf9aeea535a7d63cb2e7594d99624aaed7f7067e8e258a6a27d3b557
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f0edc1b0d3583e816fa8ff3d7337d0775fcbf0a4ddc15e9f88392d304a9a7a35
f2e7d404750f9c20d3eaf3f20ca19f0ea44f97ab2bbc7b6a0b6306af14e98ade
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f79f390cafd7bd238b274f05977bf5935c168e37c5501a1388f75bf72f757eb8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f809211eab38c5a90ec5a3b203bdda302b8b762745ad3769cb01cec798376429
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fedd75c375cca8b4c4d62b6b9cba3c14b6b90d43a21dc9bea115a980bcd3250d

pages.upwellness.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

168 Requests

91 %HTTPS

27 %IPv6

57 Domains

83 Subdomains

72 IPs

10 Countries

3179 kBTransfer

5968 kBSize

78 Cookies

0 Outgoing links

Page URL History

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

91 %
HTTPS

27 %
IPv6

57
Domains

83
Subdomains

72
IPs

10
Countries

3179 kB
Transfer

5968 kB
Size

78
Cookies

168 HTTP transactions
1 data transactions