pages.upwellness.com Open in urlscan Pro
172.64.153.235 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.welldaily.com/aff_c?offer_id=67&aff_id=199&aff_sub=AJK062424
Effective URL:
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_...
Submission: On June 22 via api (June 22nd 2024, 1:10:53 am UTC) from US — Scanned from DE

Summary HTTP 212 Redirects Behaviour Indicators

Summary

This website contacted 82 IPs in 10 countries across 60 domains to perform 212 HTTP transactions. The main IP is 172.64.153.235, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is pages.upwellness.com.
TLS certificate: Issued by R3 on April 24th 2024. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.210.234.44 52.210.234.44	16509 (AMAZON-02) (AMAZON-02)
4	172.64.153.235 172.64.153.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.28 13.224.189.28	16509 (AMAZON-02) (AMAZON-02)
1	104.18.39.181 104.18.39.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:275... 2600:9000:275d:9c00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a04:4e42::644 2a04:4e42::644	54113 (FASTLY) (FASTLY)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
4	52.71.241.246 52.71.241.246	14618 (AMAZON-AES) (AMAZON-AES)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:2f0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:f50... 2a02:26f0:f500:4a3::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3	23.49.23.62 23.49.23.62	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.201.114.42 54.201.114.42	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.30 13.32.27.30	16509 (AMAZON-02) (AMAZON-02)
5	23.36.79.34 23.36.79.34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
39	3.160.156.17 3.160.156.17	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b130:4ba7:5b34:86e8:a7d1	14618 (AMAZON-AES) (AMAZON-AES)
1	52.202.134.190 52.202.134.190	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.26.11 108.138.26.11	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
3	64.74.236.95 64.74.236.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.137.31 18.66.137.31	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.83.134.44 35.83.134.44	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	3.255.41.64 3.255.41.64	16509 (AMAZON-02) (AMAZON-02)
4	23.195.255.69 23.195.255.69	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
1 1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 7	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	13.32.99.41 13.32.99.41	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:9000:211... 2600:9000:211e:f800:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
13	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.27.60 13.32.27.60	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638:3::19 2a02:2638:3::19	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.214.168.80 35.214.168.80	15169 (GOOGLE) (GOOGLE)
2 4	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:224... 2600:9000:2240:f600:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1	91.134.110.137 91.134.110.137	16276 (OVH) (OVH)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	54.171.118.212 54.171.118.212	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	34.252.94.32 34.252.94.32	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.195.254.55 23.195.254.55	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.28.199.32 52.28.199.32	16509 (AMAZON-02) (AMAZON-02)
1	100.22.10.94 100.22.10.94	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.196.133.194 18.196.133.194	16509 (AMAZON-02) (AMAZON-02)
1	23.195.255.234 23.195.255.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4216:ada6:3be7:f947:657b	14618 (AMAZON-AES) (AMAZON-AES)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	2.20.160.190 2.20.160.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.242.166.188 34.242.166.188	16509 (AMAZON-02) (AMAZON-02)
1	35.156.11.56 35.156.11.56	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.230 37.157.2.230	198622 (ADFORM) (ADFORM)
1	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	18.173.205.63 18.173.205.63	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	23.23.204.175 23.23.204.175	14618 (AMAZON-AES) (AMAZON-AES)
212	82

1 52.210.234.44 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-234-44.eu-west-1.compute.amazonaws.com

go.welldaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.153.235 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-28.fra2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.39.181 (None, )

ASN13335 (CLOUDFLARENET, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:9c00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.71.241.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-241-246.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f500:4a3::1931 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.49.23.62 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-23-62.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.201.114.42 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-114-42.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-30.fra56.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.79.34 (Oslo, Norway)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-79-34.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 3.160.156.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-17.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4ba7:5b34:86e8:a7d1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.134.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-134-190.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-11.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-31.fra60.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.83.134.44 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-134-44.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.255.41.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.195.255.69 (Oslo, Norway)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-255-69.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.36 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.99.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-41.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:211e:f800:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-60.fra56.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::19 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

measurement-api.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.168.80 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com

gtrace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2240:f600:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.134.110.137 (France)

ASN16276 (OVH, FR)
PTR: ip137.ip-91-134-110.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.118.212 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-118-212.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.94.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-94-32.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.254.55 (Oslo, Norway)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-254-55.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.199.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-199-32.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.22.10.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-22-10-94.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.133.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-133-194.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.255.234 (Oslo, Norway)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-255-234.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:ada6:3be7:f947:657b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.160.190 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-160-190.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.166.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-166-188.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.11.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-11-56.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.230 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.205.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-63.fra56.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.204.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-204-175.compute-1.amazonaws.com

www.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	cloudfront.net d9hhrg4mnvzow.cloudfront.net	2 MB
24	wistia.com fast.wistia.com — Cisco Umbrella Rank: 6775 embed-ssl.wistia.com — Cisco Umbrella Rank: 12593 embed-cloudfront.wistia.com pipedream.wistia.com — Cisco Umbrella Rank: 10340 distillery.wistia.com — Cisco Umbrella Rank: 10149	3 MB
17	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 844 psb.taboola.com — Cisco Umbrella Rank: 6802 trc.taboola.com — Cisco Umbrella Rank: 711 trc-events.taboola.com — Cisco Umbrella Rank: 2315 sync-t1.taboola.com — Cisco Umbrella Rank: 1768	27 KB
10	upwellness.com pages.upwellness.com live.upwellness.com store.upwellness.com www.upwellness.com	110 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 r.clarity.ms — Cisco Umbrella Rank: 7784 c.clarity.ms — Cisco Umbrella Rank: 1434	29 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	720 KB
7	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 361 c.bing.com — Cisco Umbrella Rank: 224	31 KB
7	criteo.com 2 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3735 gum.criteo.com — Cisco Umbrella Rank: 493 sslwidget.criteo.com — Cisco Umbrella Rank: 2141 widget.us.criteo.com — Cisco Umbrella Rank: 23254 measurement-api.criteo.com — Cisco Umbrella Rank: 1866 dis.criteo.com — Cisco Umbrella Rank: 728	27 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	6 KB
6	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 29362	125 KB
6	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3581 tr.outbrain.com — Cisco Umbrella Rank: 3429 wave.outbrain.com — Cisco Umbrella Rank: 3472 sync.outbrain.com — Cisco Umbrella Rank: 831	11 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787	143 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 279	4 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 cm.g.doubleclick.net — Cisco Umbrella Rank: 274	1017 B
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 913	3 KB
4	mediago.io cdn.mediago.io — Cisco Umbrella Rank: 4906 gtrace.mediago.io — Cisco Umbrella Rank: 3956	96 KB
3	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 650 cm.adform.net — Cisco Umbrella Rank: 1398	1 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 682 r.casalemedia.com — Cisco Umbrella Rank: 2019	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 707	8 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4229 rp.liadm.com — Cisco Umbrella Rank: 1242 rp4.liadm.com — Cisco Umbrella Rank: 5750	37 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 523	721 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 349	952 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	73 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8088	127 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5	87 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1623	577 B
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 49724 business.newsbreak.com — Cisco Umbrella Rank: 16508	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 6834 flask.nextdoor.com — Cisco Umbrella Rank: 6394	4 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1130	22 KB
2	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 84897	487 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 15937	52 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 29483 app.unbounce.com Failed	44 KB
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 7058	2 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2136	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3126	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 6314	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 46399	153 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 452	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2884	398 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3102	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 560	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 432	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 918	225 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1228	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1690	877 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 735	816 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 14084	274 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 772	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 570	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 812	342 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1321	378 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 729	163 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 394	235 B
1	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 124572
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	27 KB
1	welldaily.com 1 redirects go.welldaily.com	2 KB
0	unsplash.com Failed views.unsplash.com Failed
212	60

	Domain	Requested by
39	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
13	fast.wistia.com	pages.upwellness.com fast.wistia.com analytics.tiktok.com
12	trc-events.taboola.com	analytics.tiktok.com
8	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
6	embed-cloudfront.wistia.com	analytics.tiktok.com
6	www.facebook.com	pages.upwellness.com
6	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
6	bat.bing.com	pages.upwellness.com bat.bing.com analytics.tiktok.com
5	analytics.tiktok.com	pages.upwellness.com analytics.tiktok.com
4	ib.adnxs.com	2 redirects pages.upwellness.com
4	r.clarity.ms	analytics.tiktok.com
4	ct.pinterest.com	s.pinimg.com
4	store.upwellness.com	pages.upwellness.com store.upwellness.com
4	pages.upwellness.com	pages.upwellness.com
3	pipedream.wistia.com	analytics.tiktok.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
2	c1.adform.net	2 redirects
2	dpm.demdex.net	1 redirects
2	sync.1rx.io	2 redirects
2	c.clarity.ms	1 redirects
2	s.amazon-adsystem.com	1 redirects pages.upwellness.com
2	dsum-sec.casalemedia.com	1 redirects pages.upwellness.com
2	cm.g.doubleclick.net	pages.upwellness.com
2	gtrace.mediago.io	cdn.mediago.io
2	connect.facebook.net	pages.upwellness.com connect.facebook.net
2	www.google.de	pages.upwellness.com
2	www.google.com	1 redirects pages.upwellness.com
2	sp.analytics.yahoo.com	pages.upwellness.com
2	trc.taboola.com	cdn.taboola.com
2	www.clarity.ms	pages.upwellness.com www.clarity.ms
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tr.outbrain.com	amplify.outbrain.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	cdn.mediago.io	pages.upwellness.com cdn.mediago.io
2	amplify.outbrain.com	pages.upwellness.com amplify.outbrain.com
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
2	builder-assets.unbounce.com	pages.upwellness.com
1	www.upwellness.com
1	js.sentry-cdn.com	fast.wistia.com
1	distillery.wistia.com	analytics.tiktok.com
1	cm.adform.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	r.casalemedia.com
1	visitor.omnitagjs.com
1	sync.targeting.unrulymedia.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	dis.criteo.com
1	x.bidswitch.net
1	c.bing.com	1 redirects
1	measurement-api.criteo.com	analytics.tiktok.com
1	embed-ssl.wistia.com	pages.upwellness.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	1 redirects
1	widget.us.criteo.com	pages.upwellness.com
1	sslwidget.criteo.com	1 redirects
1	flask.nextdoor.com	pages.upwellness.com
1	psb.taboola.com	cdn.taboola.com
1	business.newsbreak.com	static.newsbreak.com
1	cdn.js.customerlabs.co	pages.upwellness.com
1	www.googleadservices.com	www.googletagmanager.com
1	wave.outbrain.com	amplify.outbrain.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	cdnjs.cloudflare.com	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	go.welldaily.com	1 redirects
0	views.unsplash.com Failed	pages.upwellness.com
0	app.unbounce.com Failed	pages.upwellness.com
212	94

This site contains no links.

Subject Issuer	Validity	Valid
pages.upwellness.com R3	`2024-04-24` - `2024-07-23`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.js.ubembed.com E6	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
live.upwellness.com R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
store.upwellness.com R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
useproof.com GTS CA 1P5	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-05-30` - `2024-07-17`	2 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M03	`2024-03-26` - `2025-04-24`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M02	`2024-05-25` - `2025-06-22`	a year	crt.sh
*.mediago.io Amazon RSA 2048 M03	`2023-08-07` - `2024-09-04`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.googleadservices.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M03	`2024-01-05` - `2025-02-03`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-31` - `2024-06-29`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M03	`2024-05-01` - `2025-05-31`	a year	crt.sh
*.wistia.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-28`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-04-24` - `2025-04-17`	a year	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-15` - `2024-08-07`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
casalemedia.com E5	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
upwellness.com R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Frame ID: C973F4A7DFE07ED8C850040646C31E6B
Requests: 176 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: 4B8874B9F22F9B542637D96856C24BCA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: C6E0C671A27C7311AD8B3C1E910598FF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/h/val.html?postM=1&trackingid=
Frame ID: E1193694597848F97B172D34FE16D2DA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=164688367158510880&dcc=t
Frame ID: 93F98F9C7D12200BF493955666EFFD51
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 32549F4F7B852510128DD4759DD532A3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-8wwkr1_-Qt9qH3NrE-qH0ptcYAXugMkpye0CUg&google_cm&google_hm=ay04d3drcjFfLVF0OXFIM05yRS1xSDBwdGNZQVh1Z01rcHllMENVZw
Frame ID: DF109CB4516AD6898F3E259C6369CF11
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.welldaily.com/aff_c?offer_id=67&aff_id=199&aff_sub=AJK062424 HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFF... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

212
Requests

93 %
HTTPS

26 %
IPv6

60
Domains

94
Subdomains

82
IPs

10
Countries

7048 kB
Transfer

11224 kB
Size

99
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.welldaily.com/aff_c?offer_id=67&aff_id=199&aff_sub=AJK062424 HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://rp.liadm.com/j?dtstmp=1719018639392&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j0yqxksnt6y1fge06ywm2rpn&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&wpn=lc-bundle&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1719018639392&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j0yqxksnt6y1fge06ywm2rpn&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&wpn=lc-bundle&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjI%3D&n3pc=true

Request Chain 68

https://sslwidget.criteo.com/event?a=102531&v=5.25.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=YDkttl8lMkJUU2VWeEY3ek1iNkQxMDBlcndNN3d5TEFDbWhSJTJGajRyS0RkektheDIxWHdLaXVOak9MY3NxTGxpTkI5UndEb3psNFc5UUlJWktqVGRueERpVyUyQlJ6RHcyZ05MS0FLMlpDMGtNdjlTNkVUQW5pSE5kdTlaN0pwQmdrWjZsWDR5Y0FVVyUyQlVKTWN1NXhxS21tdVUwZmxJalI5Vzk4dnFjdU10N1pmcWtNYUY2TSUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1026188de9b01a94896d1d0b83dabc%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D199_AJK062424&ceid=05e68c8b-4692-4d98-bc47-2f5d06b79aaa HTTP 302
https://widget.us.criteo.com/event?a=102531&v=5.25.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=YDkttl8lMkJUU2VWeEY3ek1iNkQxMDBlcndNN3d5TEFDbWhSJTJGajRyS0RkektheDIxWHdLaXVOak9MY3NxTGxpTkI5UndEb3psNFc5UUlJWktqVGRueERpVyUyQlJ6RHcyZ05MS0FLMlpDMGtNdjlTNkVUQW5pSE5kdTlaN0pwQmdrWjZsWDR5Y0FVVyUyQlVKTWN1NXhxS21tdVUwZmxJalI5Vzk4dnFjdU10N1pmcWtNYUY2TSUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1026188de9b01a94896d1d0b83dabc%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D199_AJK062424&ceid=05e68c8b-4692-4d98-bc47-2f5d06b79aaa

Request Chain 69

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=682946806&cv=11&fst=1719018640162&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9101108372za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=1&pscdl=noapi&auid=1459351703.1719018640&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIheeyu4PuhgMV4YuDBx3f_g3sMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vcGFnZXMudXB3ZWxsbmVzcy5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/458254939/?random=682946806&cv=11&fst=1719018640162&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9101108372za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=1&pscdl=noapi&auid=1459351703.1719018640&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIheeyu4PuhgMV4YuDBx3f_g3sMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vcGFnZXMudXB3ZWxsbmVzcy5jb20v&is_vtc=1&cid=CAQSGwDaQooLZXGzHBKoXJT-IuxDLsGaFQaUqHMKeg&random=315616578 HTTP 302
https://www.google.de/pagead/1p-conversion/458254939/?random=682946806&cv=11&fst=1719018640162&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9101108372za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=1&pscdl=noapi&auid=1459351703.1719018640&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIheeyu4PuhgMV4YuDBx3f_g3sMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vcGFnZXMudXB3ZWxsbmVzcy5jb20v&is_vtc=1&cid=CAQSGwDaQooLZXGzHBKoXJT-IuxDLsGaFQaUqHMKeg&random=315616578&ipr=y

Request Chain 155

https://ib.adnxs.com/setuid?entity=529&code=f1f6b29a0d016dee2xoqzp00lxpfbf02 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3Df1f6b29a0d016dee2xoqzp00lxpfbf02

Request Chain 157

https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f1f6b29a0d016dee2xoqzp00lxpfbf02 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f1f6b29a0d016dee2xoqzp00lxpfbf02&C=1

Request Chain 162

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=164688367158510880 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=164688367158510880&dcc=t

Request Chain 164

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FD3B6271C64F42B9A51F55B3CFBD509C&RedC=c.clarity.ms&MXFR=1F6051F564C76B2E266F455360C765B3 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FD3B6271C64F42B9A51F55B3CFBD509C&MUID=05D5F0B93FD3601538E3E41F3E1361EC

Request Chain 169

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4894843279716763173

Request Chain 172

https://sync.1rx.io/usersync/criteodsp/k-lpeGz1_-Qt9qH3NrE-qH0ptcYAV8KZWnUByc5A HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-lpeGz1_-Qt9qH3NrE-qH0ptcYAV8KZWnUByc5A?zcc=1&cb=1719018645607 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a96058f2-b2ce-4095-831f-604e7b8d5bde-003

Request Chain 175

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=xaxqzZDv1honDUl88kiffgl10qHOySLm HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xaxqzZDv1honDUl88kiffgl10qHOySLm

Request Chain 193

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-v5Wfe1_-Qt9qH3NrE-qH0ptcYAUCRH8ecgIumQ HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-v5Wfe1_-Qt9qH3NrE-qH0ptcYAUCRH8ecgIumQ HTTP 302
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-v5Wfe1_-Qt9qH3NrE-qH0ptcYAUCRH8ecgIumQ&adform_v=1

212 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pages.upwellness.com/uc-grplus-fps/
Redirect Chain

https://go.welldaily.com/aff_c?offer_id=67&aff_id=199&aff_sub=AJK062424
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

306 KB
42 KB

241ms
138ms

Document
text/html

172.64.153.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f25d70bdb618bba3b9ee06c7a5789861f392c47a7e3be0968eb343fc018069

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 89785c18bf5858de-TXL
content-encoding: gzip
content-length: 41898
content-location: https://pages.upwellness.com/uc-grplus-fps/
content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=utf-8
date: Sat, 22 Jun 2024 01:10:38 GMT
etag: "an:42d51acf1edb45fd884c50dc2d5dd81c"
link: <https://pages.upwellness.com/uc-grplus-fps/>; rel="canonical"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-unbounce-pageid: 6d2c7105-ebae-455a-91f2-47af4209ed5f
x-unbounce-variant: an
x-unbounce-visitorid: 42d51acf-1edb-45fd-884c-50dc2d5dd81c

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 22 Jun 2024 01:10:38 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 1026188de9b01a94896d1d0b83dabc
X-Request-Id: 04211923de89c062d75bf74cd54fa360

GET
H2 200 main-ebbfc5e.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 100ms
25ms Stylesheet
text/css 13.224.189.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://builder-assets.unbounce.com/published-css/main-ebbfc5e.z.css

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-28.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ebbfc5eb12dd3766d82cc8a2584d8bf9d2db1a8ead8c9d5f0e03d9ee4bac3389

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:48:05 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-version-id: CL5jrjRaZdYGvQ_ktFxphZkwnhxYwadH
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C1
age: 1300954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2944
referrer-policy: no-referrer
last-modified: Thu, 06 Jun 2024 20:32:23 GMT
server: AmazonS3
etag: "3b1a7b38a3984241c2be683ce77b9a78"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kyKiaUV1WUUSDIc9nhSNf3cEnYO5ppBfyc9rV4iQ2Z6qY8Yr11PoEA==

GET
H2 404 rightarrow-hr.original.png
pages.upwellness.com/assets/8a08425b-6e72-4bbd-969d-2a7489d04e3a/ 47 B
47 B 59ms
59ms Image
text/html 172.64.153.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.upwellness.com/assets/8a08425b-6e72-4bbd-969d-2a7489d04e3a/rightarrow-hr.original.png?1615572696

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:38 GMT
content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/html
cf-ray: 89785c1b0bc958de-TXL
content-length: 47

GET
H2 200 e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js Show response
pages.upwellness.com/_ub/static/ts/ 44 KB
15 KB 51ms
51ms Script
application/javascript 172.64.153.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.upwellness.com/_ub/static/ts/e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ab16fd7cfc53638fd929f76fae270e35d7748278bcdd7fe7d04dd3525f4928

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:38 GMT
content-encoding: br
via: 1.1 cb643617ee4bca09492409ac12401bfc.cloudfront.net (CloudFront)
x-amz-version-id: y0uC0xE0yu95rDa35ZEYf2K128n3gwGH
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: TXL50-P4
age: 3807841
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 08 May 2024 22:13:34 GMT
server: cloudflare
etag: W/"a7eeb377929f3b60727095f859013d59"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89785c1bbd2258de-TXL
x-amz-cf-id: cQwQ3cUKHxGFG7W1y4t9O-3i-iAlOg94NwxYnlsImUUe364kcTdT2g==
expires: Sun, 22 Jun 2025 01:10:38 GMT

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 16 KB
3 KB 549ms
147ms Script
application/javascript 104.18.39.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d470e83686d770c884ff37aa8257edfbcfa0a3294ee3b753fc062033944e4c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"c139fc762d5bddd246cb6ffacad44b93ea4adb0c"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 89785c1e4ec23649-FRA

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 426ms
25ms Script
application/javascript 2600:9000:275d:9c00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:9c00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2ecefb5809e37a48cbbde3e05b7644e9e5ce8bf50cff86c9b8c8860566338203

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 08:00:42 GMT
content-encoding: gzip
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 61797
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: z2ujQYQ6ov3f3gwkaPcHgqHLv0D2eZEliioEGzZuOx0u8nNPGfNeuw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 436ms
36ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47b361adead27b77c208bb8b4197e31dfe54733c463ea5b1b19436ce9aea7b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84007
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 01:10:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
86 KB 460ms
60ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dde551df39ac4858745352bb6ba3b5e0fc3c80a76cce201dafe53639bd516c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87800
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 01:10:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
95 KB 487ms
88ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dac6c87bab7c5afb7ec64ca048346548349fe322e4aada6f9051778e0e4cee00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97217
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 01:10:39 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 48 KB
21 KB 455ms
56ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

35f1dc3738bc589f6d6818d5f6babf4242cff97a51ed7f81360dfc41a7fd1192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
87 KB 219ms
127ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da55caf7472d1245408e8a37b1daec3c7288c19021520316cc7b7e832eb34f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88983
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 01:10:39 GMT

GET
H2 200 e8xcaqkjm4.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 155ms
77ms Script
application/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.jsonp

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2320dedcba47b72953ef6f5f81daa4f72bff68ec4caf27cd802cb0b6a5e08249

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 5e6930ff15cb9ece8bd1c3b20d8103c0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD61-P1
age: 47574
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 69
content-length: 1788
x-request-id: ad0d3d07-63bc-4115-964b-42d301d4243d
x-served-by: cache-iad-kiad7000020-IAD, cache-fra-etou8220062-FRA
x-runtime: 0.067624
x-browser-version: 126
server: envoy
x-timer: S1719018639.079039,VS0,VE1
etag: W/"2320dedcba47b72953ef6f5f81daa4f7"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 7gWGNOJiwmfpWYMaqZLsHqv9MeA-PugFjgyhg4mNBn9-tGhDxTAMuQ==
x-cache-hits: 62, 0

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 790 KB
134 KB 77ms
20ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f1496033d8bd1f171d88c6ec05b0c699e366e6111fb2c7d654d3befc3a88b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 800
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 137006
x-served-by: cache-iad-kiad7000090-IAD, cache-fra-etou8220062-FRA
x-browser-version: 126
last-modified: Fri, 21 Jun 2024 15:56:43 GMT
server: AmazonS3
x-timer: S1719018639.079207,VS0,VE0
etag: "d6b086d86026c50a1aedd1ebb89ab2ff"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9cc58ba11e7c9a8dc763a3666c28c5aa981ef160
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20, 5

GET
H2 200 swatch
fast.wistia.com/embed/medias/e8xcaqkjm4/ 5 KB
5 KB 406ms
25ms Image
image/jpeg 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4/swatch

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:38 GMT
access-control-request-method: *
via: 1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront), 1.1 20f0d9cf6610f77242f5c592d2ecfd1c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, IAD89-C3
age: 2050694
edge-cache-tag: 9c999aa0107b556d5cd5f59d9dd7e014
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 30
content-disposition: inline
content-length: 4891
x-served-by: cache-iad-kiad7000136-IAD, cache-fra-etou8220062-FRA
x-browser-version: 126
last-modified: Tue, 05 Oct 2021 16:24:56 UTC
server: envoy
x-timer: S1719018639.948444,VS0,VE2
etag: KTO7iHMFy31bRBoB_X8SLpxC2Uc=
content-type: image/jpeg
access-control-allow-origin: *,*
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0wrVlPwnkk3fXTNI-26ut2mvdemfU-j_35CcMBQHounksHkDm_3MIg==
x-cache-hits: 1334, 0

GET
H2 200 jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/ 87 KB
31 KB 762ms
245ms Script
application/javascript 3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 UCInvisibleLink Show response
store.upwellness.com/cgi-bin/ 432 B
805 B 553ms
139ms Script
text/javascript 52.71.241.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.71.241.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-241-246.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 251

GET
H2 200 UCAffiliateNetworkPixel Show response
store.upwellness.com/cgi-bin/ 2 KB
1 KB 182ms
132ms Script
text/javascript 52.71.241.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.71.241.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-241-246.compute-1.amazonaws.com

Software

Apache /

Resource Hash

6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 851

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 84 KB
27 KB 410ms
36ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 109284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27198
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1514f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8leiugRABSC5PS2fKrkkAqUQV0VlIjc46GHpBKg4XDnwgjuM%2BOGONjUYsuHcmOgKKAtyRptB%2FIzutDgRWJXz3TGRYkE0q%2Fg1Q%2BLI0eIW3S1G0g1OMqTH2Pe1Yh0pW81Ec40oaiik"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89785c1e09bca05b-FRA
expires: Thu, 12 Jun 2025 01:10:39 GMT

GET
H2 200 main.bundle-c84a6bf.z.js Show response
builder-assets.unbounce.com/published-js/ 137 KB
41 KB 28ms
28ms Script
application/javascript 13.224.189.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://builder-assets.unbounce.com/published-js/main.bundle-c84a6bf.z.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-28.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c84a6bfc027c476c666c489c50c2611877eca16db056447023d200f5d40ab8bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 14:39:02 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-version-id: q0pk6Wx3_XE8LIJazZc_N1cxAVucggoG
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C1
age: 729097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 41267
referrer-policy: no-referrer
last-modified: Thu, 13 Jun 2024 14:35:51 GMT
server: AmazonS3
etag: "2dbaf0f2ae4414145bff75880fce23fc"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5e0aphPhx6o4QsBmaigqFjUOnrhLGTaQcXIqKv7KnIu2cH9UWPMomg==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 292ms
77ms Script
application/javascript 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7HKMS5TK94BJQBVM
age: 7872200
alt-svc: h3=":443"; ma=86400
content-length: 497733
x-amz-id-2: c2JH2qtM6MiCNVbOQKaBnEg6LeuclzjJ9Ah3uoQo9Sp0rCCzt5kHoBX4WxeicH0JYbmem5JgeLY=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOvoJDm80hbIaySm5marCRdWPKAgjJySbMaX65AVuBJwEJO27XFWSgLEQIx3x%2FG7NWcE1Nc7R9WKyxu424XnKGQm3dg9P2VdPH6n9DyCQTtKvuHdYQqBTaw3IdXt5jUpyitWPhFVvQDqru%2FNYf9e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 89785c1fda5f1ad7-FRA

GET c2c86836-85c4-4208-aa3a-de3102bacb01
https://app.unbounce.com/ 0
0

GET 64aa29ec-2429-4ae1-b84f-9c9a8d1af351
https://app.unbounce.com/ 0
0

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 303ms
99ms Script
application/javascript 2a02:26f0:f500:4a3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:4a3::1931 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "9bc4bd8fd6a7603cc1c91cc83fc17417"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1878

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 167ms
48ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Sat, 22 Jun 2024 00:59:57 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: H69AM2C2K6KRVX3W
age: 643
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: GXjdltkjl8oj/ZkqXzDmysX5s9aiGEeq3lH++8djfdRKB2CKk3oo5+GPjS7Glllg6OPUpvcZCO0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 70 KB
22 KB 342ms
228ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b0baefd7b6508147642a0f5a571f4d2b842f481916d221efcfcaca162dc19b3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wCbxgwS9x762Rh4bNHQfLecG_CTtyTB1
content-encoding: gzip
via: 1.1 varnish
date: Sat, 22 Jun 2024 01:10:39 GMT
x-amz-request-id: RFV6F9QXTW81NBKZ
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21851
x-amz-id-2: 2J0fxmrDzP+Q5yRW8vOlLlL6BoE+OrSKzGawI+3V0x2ckgsQLn8ZrNmJ2BeFEc9/mmZ0jltzKNs=
x-served-by: cache-fra-etou8220107-FRA
last-modified: Sun, 16 Jun 2024 11:20:14 GMT
server: AmazonS3
x-timer: S1719018639.333736,VS0,VE199
etag: "16ee7b98e094819482ff34be80a62620"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 79
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 28 KB
9 KB 210ms
79ms Script
application/x-javascript 23.49.23.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.23.62 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-49-23-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 195b49c1fbbf280599238e690f8a3c7e31c8608385a6ae21e90b0798baced2ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 01:10:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 07:06:19 GMT
Server: AkamaiNetStorage
ETag: "f0a2b8e957b7536ea57179b045ad847a:1718955959.776503"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8611
Expires: Sat, 22 Jun 2024 01:30:39 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 7 KB
4 KB 662ms
190ms Script
application/javascript 54.201.114.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.114.42 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-114-42.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

e358ac9219c2bfde08ebd2b62efe991cc0e27671ec64bdc5b6b15a5c195107de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 16:44:26 GMT
server: istio-envoy
etag: W/"6671b96a-1d56"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 277ms
44ms Script
application/javascript 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1719100800000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
date: Fri, 21 Jun 2024 11:18:41 GMT
x-amz-cf-pop: FRA60-P3
age: 49919
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: pKz9jSD3jDNo0VntGhGUmbAD192sfrUgtf8qKKHQqW0CmwfOBJzifw==

GET
H2 200 pixel.js Show response
cdn.mediago.io/js/ 94 KB
95 KB 272ms
39ms Script
text/javascript 13.32.27.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/pixel.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 874e13046ee321750c37e2d5380bc542c262d4e2e9bdf42a5f31ba4cace28239

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: drSHCbDyFDWp2nVi7CTUAHYKw0OM04fr
date: Fri, 21 Jun 2024 12:40:45 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jun 2024 02:22:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 44995
x-amz-server-side-encryption: AES256
etag: "eac8cc87a138988c3108509efb895cdb"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 96375
x-amz-cf-id: N8nxX1XhSCMQlOZIfAA4ZQLlia2n-6VV62urfTEr4u1fPje0E8Yzcg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
99 KB 63ms
58ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77313e98e6af4853670ab8157db6f68bd2077b7c69027e284e20c34ae7d10aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101603
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 01:10:39 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 403ms
174ms Script
application/javascript 23.36.79.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.79.34 Oslo, Norway, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-79-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cc5312d22d2b77487914fcb75444bf364c48b1ba2fec6669cbbdb9a5b3463355

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 31dbbc7c.37702d08
date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406220110394BE881BED8FB5631BA4D-73CC7923C87EE270-00
x-cache: TCP_MISS from a23-36-79-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 107,23.36.79.30
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=9, inner; dur=6
content-length: 2244
pragma: no-cache
server: nginx
x-tt-logid: 202406220110394BE881BED8FB5631BA4D
x-cache-remote: TCP_MISS from a184-51-101-61.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,184.51.101.61
x-tt-trace-host: 015d2718a00bc57e667372f5fc17447c7744f10d63f12af12af1b4da868624a9381d6bfa836f1542646653e5ae35e0ef460046402061807867eff46b71d25bc3bf7648c723f7da0a0d4fc7b1ee4bd94a31a3d39bc9be9aadbd6411bddc6e065a277bcc53a08e6afabb32601b5d156e8c15
expires: Sat, 22 Jun 2024 01:10:39 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 42 KB
42 KB 349ms
27ms Image
image/jpeg 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 12 Feb 2024 20:02:14 GMT
x-amz-version-id: 98W47xk19QS0Uat70_RzWPmtMAM7DpfJ
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11250506
etag: "e3753887ecf5fb15513cde566e26a803"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 43016
x-amz-cf-id: ccszdBifdSGx1q8pjdzIdKi9Nsj8YAY1icCEc6XwxXBqe56ViUnv3Q==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 121 KB
121 KB 55ms
53ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1be59d642b7d9e29f5da63faaa060bb9315a8bc1d57727bcf0339ed4de6c68df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 17 Mar 2024 09:42:12 GMT
x-amz-version-id: c26C8835zn.pNzpX0imGwb81vCLnmqRO
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 8350108
etag: "8623460fd509c8bce7623df03b517ef6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 123673
x-amz-cf-id: 0VcawS9k4hlUzn-nS1_3PfIaAIBnjBImf8O57_tRa7dD0JeewvYyDg==

GET
H2 200 cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 34 KB
35 KB 81ms
79ms Image
image/jpeg 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 09:06:02 GMT
x-amz-version-id: CvO4.VJzV9C5YJkBBwMqQJ_h37OtC5Kz
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 7661078
etag: "57ad6757695bd394d132dffc6cf3d1fd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 35034
x-amz-cf-id: 3WbW71Wiw4qKOoR3pBb-J1FaWxgTdm2aQqOxPi8HSaNWRbV99rUXlA==

GET
H2 200 a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 185 KB
186 KB 84ms
82ms Image
image/jpeg 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 19:22:38 GMT
x-amz-version-id: .rakPSYP03xWXiu6jSd5diIZ4raUKwUY
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 8142482
etag: "ce5156cacf580d0e35ff189b67aacfbc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 189879
x-amz-cf-id: Sv0QZIneMO0DYJpk_dd-zZKjVpuKNTKkPeB4QqYaH5yGa8PK4xKKfw==

GET
H2 200 aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 167 KB
167 KB 111ms
109ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 17 Mar 2024 09:42:12 GMT
x-amz-version-id: BXs.qIu5D.Gq_IZFyzXC3pDrguhKy2DU
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 8350108
etag: "981ccd318264bd584234aaec828d43ce"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 170550
x-amz-cf-id: Yo8in0v0zuMJQ-VhuqJ9CPI3RBR5CZtdakmNs9j_2zNjGIEWXm98RA==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 91 KB
92 KB 104ms
102ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 19:22:38 GMT
x-amz-version-id: CArUlyVdj5w4T.VYQnZKDYb0NDiF0qSE
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 8142482
etag: "fc4db20401afee8c48e1ca79db0f0ec7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 93607
x-amz-cf-id: DJoNIWkC0TEXoFJ-p8hG1JK3zYV_GKU648gfjkzt5pbxvZ_A03e5dQ==

GET
H2 200 f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 393 KB
394 KB 215ms
213ms Image
image/jpeg 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:03:52 GMT
x-amz-version-id: x0C_br9MoDVReL2hsG_qxYn8qXSpnQyq
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 7492008
etag: "056ca93a156b7b1ffad3e735ce3b7550"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 402177
x-amz-cf-id: U3fgbv3Hp2zaTN09bgzSUvVihcQXHwhgObQhPVTeNtR6iKP8Jqdo9g==

GET
H2 200 5065891f-manuka-background-orange-01-1_11yk0rq1hc0rq08l000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 138 KB
138 KB 233ms
231ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5065891f-manuka-background-orange-01-1_11yk0rq1hc0rq08l000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc0cca62892a59d1de77937749ec1556bcc87bdd12964f2ad28b1487fe501c8b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:40:01 GMT
x-amz-version-id: 7WgfAHjVsGMGUszfMaqqNNAXadznl5.V
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 286239
etag: "28adf469c1c4e62618729686384b8252"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 141031
x-amz-cf-id: P2rPv9jkcS0uCAAv1ypDAL6CM7zQLpADDq5NGIywVGA2m9wkZSMGdA==

POST
H2 200 i
pages.upwellness.com/_ub/ 2 B
262 B 460ms
459ms Ping
text/plain 172.64.153.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.upwellness.com/_ub/i

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/_ub/static/ts/e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pages.upwellness.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 89785c1cff7258de-TXL
content-length: 2

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1719018639392&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j0yqxksnt6y1fge06ywm2rpn&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessio...
https://rp4.liadm.com/j?dtstmp=1719018639392&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j0yqxksnt6y1fge06ywm2rpn&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessi...

13 B
347 B

645ms
119ms

XHR
application/json

52.202.134.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1719018639392&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j0yqxksnt6y1fge06ywm2rpn&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&wpn=lc-bundle&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjI%3D&n3pc=true
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Server: 52.202.134.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-134-190.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 22 Jun 2024 01:10:40 GMT
x-pixel-event-id: 9bce91b4-4f25-4f0c-b034-6d5d9bd34cd5
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?dtstmp=1719018639392&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j0yqxksnt6y1fge06ywm2rpn&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&wpn=lc-bundle&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjI%3D&n3pc=true
access-control-allow-origin: https://pages.upwellness.com
date: Sat, 22 Jun 2024 01:10:39 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.183.0/ 183 KB
49 KB 270ms
24ms Script
application/javascript 108.138.26.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.183.0/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-11.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:52:38 GMT
content-encoding: gzip
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
last-modified: Fri, 24 May 2024 17:48:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2445483
etag: W/"ce1f9daa5bfa548f0417f378eb40974e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: fl_kjqJ9zb-1UE5icAF8CfC-zaJ7mQ6LwpN6jHGJXI9nLi84F57KsA==

GET
H2 200 syncframe
gum.criteo.com/ Frame 4B88 0
0 472ms
42ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jun 2024 01:10:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 376475
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 invisibleLink.jsp Show response
store.upwellness.com/affiliate/ 215 B
1 KB 180ms
179ms Script
text/javascript 52.71.241.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-fps/%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424

Requested by

Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.71.241.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-241-246.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f13cca074c4adfc4edebb44c55950668c654f82c00d55b093f651801c2f7af7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 143

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
87 KB 43ms
42ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

732e9c812e78ebeb5bc2defca1c70b7a33e35dbd83729acbe61cc53b4ad6ef30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89026
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 01:10:39 GMT

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 46 B
693 B 194ms
130ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:41 GMT
x-amz-version-id: AJ4Wt_bEeufDfLrogYR28TcKc9WwSak1
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: C39N4FBPDFZ78944
age: 2
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: mpqjGbfgM7+FyDAlMfppqx+6R9QHepj1UXMhZIGbT85r3qsThSBnMvtEgSEQGK4oPB5Fd2na3buvMsrlOgzxPT8ylRKvTJVQ
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Mon, 28 Jul 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sat, 22 Jun 2024 00:37:13 GMT
server: ATS
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 46 B
276 B 198ms
136ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:41 GMT
x-amz-version-id: KGSomQZWDyNsSMSa.c4ZzDEwC4Y8.wVr
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: C39R2455PR9ZGBS8
age: 2
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: V1oRkhGUbhOSwea2PfrJ7RQFlyqAVflyzecYpo3qk6zRDef4KNvZXZVIVtbwJBrkbP2MF7AfyNk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Mon, 28 Jul 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sat, 22 Jun 2024 00:38:54 GMT
server: ATS
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 main.f74ed22b.js Show response
s.pinimg.com/ct/lib/ 70 KB
20 KB 43ms
42ms Script
application/javascript 2a02:26f0:f500:4a3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:4a3::1931 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-cdn: akamai
etag: "446a72b73c00f6022c92a764d3c540bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20114

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
520 B 665ms
141ms Ping
image/gif 64.74.236.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=039605687418182467&referrer=&cht=gtm&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET, POST
Content-Type: image/gif;
Access-Control-Allow-Origin: https://pages.upwellness.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-TraceId: 1a46d55def18769f0ba6f5881fc8d269
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 54

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 596ms
129ms Script
application/javascript 64.74.236.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 48ce9b76f47ea40771d92eba8fd93cc0
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 00e83052a71a1dff3bc62d5d40765808fc Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 522ms
83ms Script
text/html 23.49.23.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00e83052a71a1dff3bc62d5d40765808fc

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.49.23.62 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-49-23-62.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sat, 22 Jun 2024 01:10:40 GMT
ob-sent-time: 1718964972254
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: a0c176859eaca997eabd30371d534503
Content-Length: 22
Expires: Sat, 22 Jun 2024 01:11:40 GMT

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 178ms
55ms Fetch
text/html 23.49.23.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.23.62 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-49-23-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 01:10:40 GMT
Observe-Browsing-Topics: ?1
Content-Type: text/html
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Content-Length: 26
Expires: Sat, 22 Jun 2024 01:30:40 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/458254939/ 3 KB
2 KB 262ms
133ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/458254939/?random=1719018640162&cv=11&fst=1719018640162&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9101108372za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=1&pscdl=noapi&auid=1459351703.1719018640&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ca42d780056b0f9574379c78e677eaa52e200e5feab0fb4089680dfb4af5757f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1690
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 274ms
152ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E56T163DF6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c6135495c794218719321b784a025fdc62a9271cd4d31df19b1940e037f58740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Jun 2024 01:10:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 311ms
26ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jun 2024 00:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2493
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 22 Jun 2024 02:29:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 253ms
134ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ed2a9af3791670c5ade591edad02a436628e5661a8864823b8a02d5b64e88524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84014
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 01:10:40 GMT

GET
H2 403 cl4975ot4arrr6.js
cdn.js.customerlabs.co/ 0
0 909ms
628ms Script
application/xml 18.66.137.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:40 GMT
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA60-P4
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header, Content-Length
content-type: application/xml
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vrZavyppDhYsTRFeo3ZtBkJvxWu_ieSsXczU6Y9_FVv2DOw8nWfTkg==

GET
H2 200 jz7ox0tvgu Show response
www.clarity.ms/tag/ 801 B
1 KB 441ms
162ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jz7ox0tvgu?ref=gtm2
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 65478324af6132cc0d48f2360bbde9a943d33f173df9095c9fc645797e5ccf49

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sat, 22 Jun 2024 01:10:40 GMT
x-azure-ref: 20240622T011040Z-r1695cb74698grkt1hn8pxbq3w0000000440000000011pbq
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 801
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 744ms
222ms Ping
application/json 35.83.134.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1653816081217609730&uid=1-497xqfvs-lxpfbbxl&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&rl=&ts=1719018638657&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20126&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&tz=-120&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1719100800000
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.83.134.44 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-134-44.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
284 B 356ms
26ms Fetch
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220042-FRA
date: Sat, 22 Jun 2024 01:10:40 GMT
via: 1.1 varnish
server: Varnish
observe-browsing-topics: ?1
x-timer: S1719018641.780656,VS0,VE0
x-cache: HIT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=2592000
accept-ranges: bytes
content-length: 65
retry-after: 0
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 3 KB
2 KB 124ms
60ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1719018640495&data=%7B%22id%22%3A133%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1719018640433%2C%22cv%22%3A%2220240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1719018640484%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424%22%2C%22tos%22%3A42%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7763a06458f51a4647ddc0aa72304dac9d3bc9de670f32ca20ee65ba4237f164

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 19
date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.07375000000000001
x-fastly-to-nlb-rtt: 7337
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220107-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1719018641.579814,VS0,VE19
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main.MTU0NDc1MDUxMw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 346 KB
99 KB 128ms
67ms Script
application/javascript 23.36.79.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.79.34 Oslo, Norway, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-79-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3a12d32020ead1533d6ddc03b2815edb4c88001568c5ccc3a5535dec7f7709bc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 377037c1
date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240620184324CA88ACC7D2D5C29C8F31
x-tt-trace-id: 00-240620184324CA88ACC7D2D5C29C8F31-3DE77E24DD219274-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-79-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015d11360fcdb9a7161e67940910fcbc0cc1e448aa1e3677c751c37267443c61e6b21f3e869da6901d0fac0e0bab44ad40a77a9269ab194d2f871cc69cdfc3abbeb038e749c39781923904c6784c86d630efe00c75fc0b5b9483f7ab03a0db3020
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 100554

GET
H2 200 videoThumbnail.js Show response
fast.wistia.com/assets/external/ 85 KB
23 KB 39ms
38ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3958a64f8d3b4eff9740972db23739dd969516f400522fff511a642c153f1ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 879
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 23352
x-served-by: cache-iad-kjyo7100175-IAD, cache-fra-etou8220062-FRA
x-browser-version: 126
last-modified: Fri, 21 Jun 2024 15:56:43 GMT
server: AmazonS3
x-timer: S1719018641.593123,VS0,VE1
etag: "4f834bdc624ebb662de884ee6444852f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9cc58ba11e7c9a8dc763a3666c28c5aa981ef160
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6, 1

GET
H2 200 thumbnailTextOverlay-v2.js Show response
fast.wistia.com/assets/external/ 99 KB
30 KB 105ms
15ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

af00d0fdcf585d3f2d709cfd4e9c78e92576b3d8637dd9c0452e9cfca8d82194

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 743
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 30552
x-served-by: cache-iad-kcgs7200178-IAD, cache-fra-etou8220062-FRA
x-browser-version: 126
last-modified: Fri, 21 Jun 2024 15:56:43 GMT
server: AmazonS3
x-timer: S1719018641.773789,VS0,VE1
etag: "18b65b6c5bd36d4a47f856220a92d28f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9cc58ba11e7c9a8dc763a3666c28c5aa981ef160
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18, 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
77 B 255ms
52ms Image
image/gif 3.255.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2022%20Jun%202024%2001%3A10%3A40%20GMT&n=-2d&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:40 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 22 Jun 2024 01:10:40 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
500 B 251ms
51ms Image
image/gif 3.255.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:40 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 22 Jun 2024 01:10:40 GMT

GET
H2 204 pixel
flask.nextdoor.com/ 0
111 B 216ms
190ms Image
text/plain 54.201.114.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&vrs=8.3&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=2131e0db-5c53-42fe-9ba3-7a0ac7d9e09f&pageid=fb459c86-da93-44f7-b0f9-8e21b28a58ee&sessionid=d774f864-4540-40d5-9731-244dc6ac3dfb&cd=%7B%7D
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.201.114.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-201-114-42.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:40 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
context-id: 701fd302-e12e-444d-96e4-a6d780c4d7d3

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
726 B 363ms
107ms XHR
application/json 23.195.255.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1719018640964&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.255.69 Oslo, Norway, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-255-69.deploy.static.akamaitechnologies.com

Software

Resource Hash

e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.ed4d2417.1719018641.c76f5ef
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=600
content-length: 186
x-pinterest-rid: 3953148510219988
pin-unauth: dWlkPU1qaGlNak15WW1NdE5tUTVZUzAwWlRVNUxUZzVOMlF0Tm1Oak5UVXpNalE0WlRVNA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=102531&v=5.25.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=YDkttl8lMkJUU2VWeEY3ek1iNkQxMDBlcndNN3d5TEFDbWh...
https://widget.us.criteo.com/event?a=102531&v=5.25.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=YDkttl8lMkJUU2VWeEY3ek1iNkQxMDBlcndNN3d5TEFDbWh...

10 KB
5 KB

1614ms
57ms

Script
application/x-javascript

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=102531&v=5.25.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=YDkttl8lMkJUU2VWeEY3ek1iNkQxMDBlcndNN3d5TEFDbWhSJTJGajRyS0RkektheDIxWHdLaXVOak9MY3NxTGxpTkI5UndEb3psNFc5UUlJWktqVGRueERpVyUyQlJ6RHcyZ05MS0FLMlpDMGtNdjlTNkVUQW5pSE5kdTlaN0pwQmdrWjZsWDR5Y0FVVyUyQlVKTWN1NXhxS21tdVUwZmxJalI5Vzk4dnFjdU10N1pmcWtNYUY2TSUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1026188de9b01a94896d1d0b83dabc%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D199_AJK062424&ceid=05e68c8b-4692-4d98-bc47-2f5d06b79aaa

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

59daf8f216d8fef55b83e09206ff69182b099767f65ed350bc49db194e17a2b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8622431
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=102531&v=5.25.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=YDkttl8lMkJUU2VWeEY3ek1iNkQxMDBlcndNN3d5TEFDbWhSJTJGajRyS0RkektheDIxWHdLaXVOak9MY3NxTGxpTkI5UndEb3psNFc5UUlJWktqVGRueERpVyUyQlJ6RHcyZ05MS0FLMlpDMGtNdjlTNkVUQW5pSE5kdTlaN0pwQmdrWjZsWDR5Y0FVVyUyQlVKTWN1NXhxS21tdVUwZmxJalI5Vzk4dnFjdU10N1pmcWtNYUY2TSUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1026188de9b01a94896d1d0b83dabc%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D199_AJK062424&ceid=05e68c8b-4692-4d98-bc47-2f5d06b79aaa
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6345206
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/458254939/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=682946806&cv=11&fst=1719018640162&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9101108372za200&gcd=13l3l3l2l1&dma_cps=sy...
https://www.google.com/pagead/1p-conversion/458254939/?random=682946806&cv=11&fst=1719018640162&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9101108372za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&...
https://www.google.de/pagead/1p-conversion/458254939/?random=682946806&cv=11&fst=1719018640162&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9101108372za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u...

42 B
64 B

1431ms
41ms

Image
image/gif

142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/458254939/?random=682946806&cv=11&fst=1719018640162&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9101108372za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=1&pscdl=noapi&auid=1459351703.1719018640&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIheeyu4PuhgMV4YuDBx3f_g3sMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vcGFnZXMudXB3ZWxsbmVzcy5jb20v&is_vtc=1&cid=CAQSGwDaQooLZXGzHBKoXJT-IuxDLsGaFQaUqHMKeg&random=315616578&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/458254939/?random=682946806&cv=11&fst=1719018640162&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9101108372za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=1&pscdl=noapi&auid=1459351703.1719018640&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyPW5hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIheeyu4PuhgMV4YuDBx3f_g3sMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vcGFnZXMudXB3ZWxsbmVzcy5jb20v&is_vtc=1&cid=CAQSGwDaQooLZXGzHBKoXJT-IuxDLsGaFQaUqHMKeg&random=315616578&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 36ms
34ms XHR
text/plain 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1798249735&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&ul=de-de&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=25781974&gjid=1163386678&cid=1497118249.1719018641&tid=UA-28307243-3&_gid=907140848.1719018641&_slc=1&gtm=45He46j0n81M3S986Pv79737984za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=167558060

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 175ms
41ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28307243-3&cid=1497118249.1719018641&jid=25781974&gjid=1163386678&_gid=907140848.1719018641&npa=1&_u=YGBAiEABBAAAAGAAI~&z=2097045103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jun 2024 01:10:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 286ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E56T163DF6&gtm=45je46j0v9126958639z879737984za200zb79737984&_p=1719018638656&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1497118249.1719018641&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719018641&sct=1&seg=0&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&dt=&en=page_view&_fv=1&_ss=1&tfd=3336&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E56T163DF6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 3 KB
1 KB 137ms
13ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1719018641297&data=%7B%22id%22%3A364%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1719018640433%2C%22cv%22%3A%2220240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1719018640498%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424%22%2C%22tos%22%3A55%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 00eee560bb3a1ceb7e71b694fa510bbe92b2dd9281c73cfb4dd32bbb05ad5c68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 22
date: Sat, 22 Jun 2024 01:10:41 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.0875
x-fastly-to-nlb-rtt: 7406
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220107-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1719018641.420774,VS0,VE22
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 /
ct.pinterest.com/v3/ 35 B
0 192ms
156ms Fetch
image/gif 23.195.255.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1719018641403

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

23.195.255.69 Oslo, Norway, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-255-69.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

quic-version: 0x00000001
date: Sat, 22 Jun 2024 01:10:41 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.e64d2417.1719018641.6bfecfa
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=600
content-length: 35
x-pinterest-rid: 1530685188157163
pragma: no-cache
referrer-policy: origin
content-type: image/gif
access-control-allow-origin: https://pages.upwellness.com
pinterest-version: ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 151ms
70ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jz7ox0tvgu?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:41 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240622T011041Z-r1695cb74698grkt1hn8pxbq3w0000000440000000011pdx
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 2dceb508-e01e-003c-0d28-c2071c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 415ms
0ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jun 2024 01:10:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=15, mss=1297, tbw=2806, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: iD++kcDWSrzDVYMhum30MbEzHtRHgURbnXlQWfqpFSC+95qepoeOt+56YcOGUzUs9C15oaNtPZ+sYpV2WdRlFg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 478ms
51ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 22 Jun 2024 01:10:40 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF8BA6351D5B4BF69DB11B225A2191C0 Ref B: DUS30EDGE0407 Ref C: 2024-06-22T01:10:41Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 132ms
0ms Script
application/javascript 23.36.79.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.79.34 Oslo, Norway, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-79-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 377040dd
date: Sat, 22 Jun 2024 01:10:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405211400002AA18FD95E24E8456B28
x-tt-trace-id: 00-2405211400002AA18FD95E24E8456B28-1A82EDFF9F82C13B-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-79-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01c03dca97ba4b5a184c7409bd4e3d4c9fa4e881fcc57473be37f3726cbc735e819bd8a2713b52e868b81b4b5f5b2529a3d11e0da0afb58bf0d9aa3017b517947e15f17b3c76863854ef2e5b3c5e58589145c50678a531cc7aa37f4430c1fa2cf8
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 39823

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
843 B 293ms
62ms Ping
text/plain 23.36.79.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.79.34 Oslo, Norway, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-79-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3bc9d1e8.377041c5
date: Sat, 22 Jun 2024 01:10:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240622011041EEE382F9DFC9C42FCD39-739716A29AA747E4-00
x-cache: TCP_MISS from a23-36-79-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 129,23.36.79.30
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=31, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240622011041EEE382F9DFC9C42FCD39
x-cache-remote: TCP_MISS from a184-51-101-214.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,184.51.101.214
x-tt-trace-host: 015d2718a00bc57e667372f5fc17447c7744f10d63f12af12af1b4da868624a93834a923f4e06f2c668e38018f281871d14205a2af88dc9b28f4074e2a8f5c206781a3115341f9d85674e34d021b4e6f3f4b7a69e8258a58dc8cf89e54811a2c76b43796d08152560c74d0a994a5b03f6b
access-control-allow-headers: Authorization,*
expires: Sat, 22 Jun 2024 01:10:41 GMT

GET v
views.unsplash.com/ 0
0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 166ms
136ms Image
image/gif 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28307243-3&cid=1497118249.1719018641&jid=25781974&npa=1&_u=YGBAiEABBAAAAGAAI~&z=1027194889

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 1425ms
40ms Image
image/gif 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28307243-3&cid=1497118249.1719018641&jid=25781974&npa=1&_u=YGBAiEABBAAAAGAAI~&z=1027194889

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
537 B 305ms
72ms Stylesheet
text/plain 52.71.241.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.6138496340724562&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Requested by: Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.71.241.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-241-246.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:41 GMT
server: Apache
content-length: 0
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
BLOB 200
OK 4cd79c68-58ba-4cb2-b15f-bf325cb7ea02
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/4cd79c68-58ba-4cb2-b15f-bf325cb7ea02
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-c84a6bf.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5427
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 6 KB
1 KB 1876ms
18ms Stylesheet
text/css 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-c84a6bf.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

8a0e7e3afee39fdf54ecfda43d23886e66d72453d9652166573b64389c61f26d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 16:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 30448
x-amzn-requestid: 7cbadf84-26d1-465e-8354-1021969cbbab
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: ZugRiEKZIAMEmSw=
content-length: 685
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-6675ada3-58e6891c6ba14dad6f487ad3
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: 152ceglv0i4vCQsp6Rn_4zrh9ydHV7wy78WM1xKaklK80W64KLoIrg==

GET
H2 200 2181c4f3-upwellness-logo_104201o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 4 KB
4 KB 179ms
7ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2181c4f3-upwellness-logo_104201o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 19:04:12 GMT
x-amz-version-id: _VYtCSZeCpGT05ziJCCuluddhybQs6Gy
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 8143590
etag: "7b6c725ae1e3af92af160df87ba31720"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3678
x-amz-cf-id: aXJ7mbo5uQ4ErzFybmDnAbz9P3knjr0kVIq0ZHrYO_XwdtQoFy2VtQ==

GET
H2 200 32f07f71-whitecheck_100p00w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 542 B
963 B 178ms
5ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100p00w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 02:42:31 GMT
x-amz-version-id: LmxKFGYY2tVJiFKQ6RkMi8mxo6ufk.tK
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11744891
etag: "4825b4ea0d4c880b6307c2e7132ee9a6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 542
x-amz-cf-id: bd5wgr8vygkdPtNgwg_gBUXrDp_pwxKAL-HKlY6PzBomUMMpoO_jzA==

GET
H2 200 95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
17 KB 181ms
9ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 11 Feb 2024 09:24:02 GMT
x-amz-version-id: 9NMCS_8IzTURRRZS9giD9aoOysDIloaI
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11375200
etag: "65bf040063564f89972c66052d155a51"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16499
x-amz-cf-id: 0gz8lwOyvdzpBPr2JALs_v-yFBiq7-Rm0e6kKkbyrUJnPwMJ16kj4w==

GET
H2 200 5ba00849-whiteupwellnesslogo_105d027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 3 KB
3 KB 180ms
8ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 24 Feb 2024 23:31:56 GMT
x-amz-version-id: iCkEDFUbAm8EBct9wRTrPXDLRl98v1Ev
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 10201126
etag: "88263fec2db483b6e115f831a65022a9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2981
x-amz-cf-id: _R-T5wpJ6FVKvkItcT9hNhU4_e9Zv6pyGC37rcKGz3NLQn1tANoIug==

GET
H2 200 ac1a08cd-inflammation-1_108t09u08b09p009005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 44 KB
44 KB 183ms
18ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ac1a08cd-inflammation-1_108t09u08b09p009005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 10:56:51 GMT
x-amz-version-id: osFPyFCgPGu14s3dM4P8nTu8AAGvd4Hk
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11715231
etag: "359ed3bb81729f290b18d9b109cf06a1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 44857
x-amz-cf-id: 4qvpja6mrVQRQDLpmb9U8cqSnMsY9nH0Lq-epasQsfpvMutpi7JE2A==

GET
H2 200 4cac7528-white-215136347-1_10dm0c7000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 26 KB
27 KB 175ms
10ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/4cac7528-white-215136347-1_10dm0c7000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 24 Feb 2024 23:31:56 GMT
x-amz-version-id: 9O4fILKo_WkuJQfin.hBuQyh.IdqMRUO
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 10201126
etag: "816661072aa7266a68ff0387b3c14c4e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 27101
x-amz-cf-id: xlzH7BZFF7Dvwn3UF3WgZiFCs8gOBf11IbV10vMMdBorMFBUqw8wpw==

GET
H2 200 100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 23 KB
23 KB 188ms
23ms Image
image/jpeg 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 27 Feb 2024 14:23:13 GMT
x-amz-version-id: 6XP72pVzR14DRQx.9QJcpT3YPd5w7adW
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 9974849
etag: "9e943cd62e2bfe0bc4e138564aa93a3e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 23241
x-amz-cf-id: SOa4rnu9HWSmMN9XnEvh7uTTwVGYsczzUFiydUdYLtvOLb3fHyvd-Q==

GET
H2 200 55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 92 KB
93 KB 222ms
58ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 27 Feb 2024 14:23:13 GMT
x-amz-version-id: a9fRVHOyHqGPCecFSEMueExbMqeRdOxx
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 9974849
etag: "49e2d3fbfeb102084be57d44c2246bb6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 94271
x-amz-cf-id: dYEjelIiRfLW2fmFo6gDVgdQot0Q3u3XtE3iAzB8QRC3Kv-iN04AzQ==

GET
H2 200 d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 22 KB
22 KB 230ms
67ms Image
image/jpeg 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 24 Feb 2024 23:31:56 GMT
x-amz-version-id: kIP7glYSWV6cKOT8LxrL5yGzRdx5XDOX
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 10201126
etag: "4b457e95483072fff9080800977a4a8c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 22266
x-amz-cf-id: AMZEU6TgDBUjTxEiMdW4eLZR4Lqp9FbVbAp1EUew4Qh-p_TuPuySzQ==

GET
H2 200 bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 73 KB
73 KB 236ms
73ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 27 Feb 2024 14:23:13 GMT
x-amz-version-id: 37DKoMwr5JX.jU6Qsc7a1mj1vMy9gpq1
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 9974849
etag: "866a3982d7193270694f5153cacfd6f1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 74374
x-amz-cf-id: ytl_EMgsHG_bjva-jFRhh97tPxFLtDypWzajslUiDVnov5Bh74Iyew==

GET
H2 200 d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 17 KB
18 KB 239ms
76ms Image
image/jpeg 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 21:45:50 GMT
x-amz-version-id: ZWZnPgjcgIofvWvSgLWeVLILlRmCNL_j
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 7356292
etag: "1ec345ee01c3de0754cc0a131de2cc90"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 17818
x-amz-cf-id: eUgGCeS-EYHQf16qnki3zqJ0oeumQiIyDKus-uB9uJtiKJiSl3QCzg==

GET
H2 200 a72f1bbb-lr-283136986-1_109o0en000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 51 KB
51 KB 243ms
80ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a72f1bbb-lr-283136986-1_109o0en000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 10:56:51 GMT
x-amz-version-id: j5KH1g63XBtZraZlbaFjkRd43732pV3R
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11715231
etag: "6de55b9cb1893772e0b63bbbfd24d503"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 52060
x-amz-cf-id: wnnFgXuAPYCNWbYHC6CIXzGHpkV0Rf52aK0pGMDR15oeOGVNvcGZsA==

GET
H2 200 d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 26 KB
27 KB 248ms
86ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 24 Feb 2024 23:31:56 GMT
x-amz-version-id: zQoK.sjrJj3amdFBXtVv.tTePDuyPOZw
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 10201126
etag: "e0f67241c0cda7c8283f88e34e2a62b1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 26863
x-amz-cf-id: tRvp_4yD3nQJ0r2NvJt5-lzGyq-v_oM3UMBmhYa28Mn97WyNbvQaKA==

GET
H2 200 da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 45 KB
45 KB 250ms
89ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 24 Feb 2024 23:31:56 GMT
x-amz-version-id: F444VRF8vvRtXzo6kdun3je5gTT.ASdV
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 10201126
etag: "95c55c95d92c456dd43b16b64f4b3ff5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 45619
x-amz-cf-id: 2eamB7FHwWH15mH-C0AL6NHQrJZyl4p9zs_NVauE3BHGS37FXVcBfQ==

GET
H2 200 5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 266ms
105ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 24 Feb 2024 23:31:56 GMT
x-amz-version-id: qUcy8UlrjigKvCcVCGd138RmD7hgqQRM
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 10201126
etag: "6f566bf0ca15c5ac601a04d4b7fb5559"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1092
x-amz-cf-id: brsXRkGHtOkFJiiEkcwkFxKg5qG9OEbdyiWsvDJHVKUdZ-fqs6VN1w==

GET
H2 200 50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 926 B
1 KB 273ms
111ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 27 Feb 2024 14:23:13 GMT
x-amz-version-id: w00hjJYvlzvBScNwIjCbd3339exw4_Kz
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 9974849
etag: "c4dea36dfe1ed65d42e45c3b855c61e3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 926
x-amz-cf-id: fNcxGH_be_ZusrGPY2KRp5ymKvr8jBBngGoHlXNGsHXUM1AGpbMEgg==

GET
H2 200 0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 67 KB
67 KB 273ms
112ms Image
image/jpeg 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 10:56:53 GMT
x-amz-version-id: RgCRyzFnKzK.Hsa60.zE9T9uZVg9f0HX
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11715229
etag: "8a35e1ec124590183b3b65717bbdf858"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 68470
x-amz-cf-id: kZmh3BrWZa8XihKk7lTkNe6_bG18hboZiYBBCcwrNx5IPqj8aUwDKQ==

GET
H2 200 52218b64-circlecheckgreen_100n00n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 308 B
729 B 288ms
128ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/52218b64-circlecheckgreen_100n00n000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 12 Feb 2024 13:10:33 GMT
x-amz-version-id: jVXHMRq0Fc2hKH8V8H7PNFruNkialGF.
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11275209
etag: "664e0b74b02a5184054577ac4e266e5d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 308
x-amz-cf-id: 4Voow0GZqLUGJF-C6hIu_fcWzlXQ4mLOkMHuqV1YYsDVIPH5mDiYXg==

GET
H2 200 7f01bac7-five-stars-original_103m012000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 778 B
1 KB 334ms
174ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/7f01bac7-five-stars-original_103m012000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 12 Feb 2024 13:10:33 GMT
x-amz-version-id: 85Ss9H5LZWro6KHfZ64KVcOa4XQTk.5A
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11275209
etag: "918ec8903473fef53c9ba0b9cf21cd8b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 778
x-amz-cf-id: rraostQTlXpNoXZcJpmoXMHTzzeps80lSuh8k4Y52AesqdTOzQLnkw==

GET
H2 200 8c77d1de-rightarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1009 B
1 KB 336ms
176ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8c77d1de-rightarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 27 Feb 2024 14:23:14 GMT
x-amz-version-id: FjYrM7OuEc0JdL86yyX2sQ9INa6xVRTA
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 9974848
etag: "6eeccde26d2dc7f37f4370ec5f7bdef3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1009
x-amz-cf-id: a2mRj9L7VoEOs-AgcWMgjH9tIvYpx0TZbh7gE2qcnK7L2U0R0x9uvw==

GET
H2 200 382a6532-leftarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 282ms
133ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 10:56:54 GMT
x-amz-version-id: JhHNdrM5uSpVQTVYVLSum1ltGs_xvupT
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11715228
etag: "38636c9904e9e46c854a0c55d99255c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1060
x-amz-cf-id: 3IXDviA3NqVUwFxTaGWQD5UNDhYIQOFBx-IrpQalW82k_ysf-UXIRw==

GET
H2 200 382a6532-leftarrow-angle_1046045000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 2 KB
2 KB 326ms
177ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_1046045000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 10:56:54 GMT
x-amz-version-id: N.RN0IV.jlTlnSg1RBhwbY_vz.0Ye7Fa
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11715228
etag: "c1a8b03787621838c3a03591dad5f219"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1875
x-amz-cf-id: N2ckda7QyXjOe5j8hc8_4EnT9zCShDWeSUFeApzDYqngfG0oMjPW_w==

GET
H2 200 0a4cf109-rightarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1020 B
1 KB 285ms
137ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0a4cf109-rightarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 27 Feb 2024 14:23:14 GMT
x-amz-version-id: tmVwt52LOyQzrvAirmNwgNsIz5z0RmhM
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 9974848
etag: "efe6e12ca3ee76495ec9ae8ee9198ca5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1020
x-amz-cf-id: R-54RqgW6rxwNR-I52kApBGzX6JXn8uBexnR05PWtvUmKzKavYHAsQ==

GET
H2 200 29f0369a-lefftarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
2 KB 331ms
183ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/29f0369a-lefftarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 20 Feb 2024 18:32:29 GMT
x-amz-version-id: .QXR6vP8XzuzbUqgoO1DsU6pOvI6FbUy
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 10564693
etag: "032c54654550e68afaa8897a89466d3b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1155
x-amz-cf-id: qdUvFqImRGGrSiMF3carjvCrCx2G8bPunsT9tCE2gWC5V5PHDLkKOg==

GET
H2 200 32f07f71-whitecheck_100m00t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 464 B
885 B 284ms
138ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100m00t000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Jan 2024 20:21:04 GMT
x-amz-version-id: VPRK5Cpm2pkPjBGKZIbG5KRmZ7kok409
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 13495778
etag: "a04ce831c57d2ab68e6238b18207182b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 464
x-amz-cf-id: gXoS97r-K3FUkozXX--Qz2L71uldehEFVpJrNarhfKdldPlAs31XDw==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 11 KB
12 KB 329ms
184ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75c3b9ffd05b79e3d802d05a92a07258fe29e97ab1bc2820f13de7cabbe163ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 10:56:55 GMT
x-amz-version-id: F74NTPaoePpknLx8Of29Nyo2MmM0jcjt
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11715227
etag: "5cb3c3f5b3507c11c9caac73d0935f02"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 11539
x-amz-cf-id: 6ofBo2Blp9QHXuhgZmGlSKZ8UJK0fvZSFaXpUnaqlRADH5sSJ5u_nw==

GET
H2 200 8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 56 KB
56 KB 290ms
146ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 205853c0ef45d0842feba60b08786717cd443f0a650010e36a0fb3a91a067062

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 27 Feb 2024 14:23:14 GMT
x-amz-version-id: eA.W3h7iapDExVkVArHfuQM0P5IvOR60
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 9974848
etag: "b1ac86144722d6bb5139c086266e3a29"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 57139
x-amz-cf-id: E-oLwc3aHE9ecWyCfGowvyWjHbihutjArO7bQ-s0v6J2JzdQhiH_NA==

GET
H2 200 2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 62 KB
63 KB 309ms
166ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13d55c54af12b15b6999e715e67b91da9abaceee5b40a136fbae2df9ef1cf11d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 24 Feb 2024 23:31:56 GMT
x-amz-version-id: Gc_Vanq8tBP_zmtlJmk13jjj5NXNIzsn
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 10201125
etag: "c20ef03d9c4142b86e99acdee2bda368"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 63662
x-amz-cf-id: 7Mf4nHgu1g-vkbcStpMu_qZnyg0_o40dhtBIlW4nAGydaxnzWKKdQg==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 41 KB
41 KB 314ms
172ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1fc8420705b69db0c5c0e2248e79b2f8c33506580b296202c3965870ab9adf5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 27 Feb 2024 14:23:14 GMT
x-amz-version-id: Apw7waHNbTFe6Wun77Yfd8sKXswYwczC
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 9974848
etag: "3a2b95d01cb23a2899f17b0099a335ca"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 41717
x-amz-cf-id: UbMqk0wxCCuVlRhZeESfOxp3uswTC2qlNJvcJWRW6Vn9WXxQPySrQA==

GET
H2 200 56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
16 KB 309ms
167ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 07 Feb 2024 10:56:52 GMT
x-amz-version-id: hUhujezScQ_WNQSvh8aOgV9eI3I_I5Jp
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:52:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 11715230
etag: "8ca90ce9d5610ced95d378903074b5dd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16228
x-amz-cf-id: ogG-FKPT1USzvZ-5XB2OYpWaBKgVFluM8FEgFYq3J7uKD94uRuyVsQ==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_107x0f0000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 39 KB
39 KB 325ms
185ms Image
image/png 3.160.156.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_107x0f0000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a821d04787f7c819c15c225d04602efb044b94c22562c4c2766e9945829f058c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:40:01 GMT
x-amz-version-id: xyfFUf.27t6lyttXhdHi.MT5FdMvnCTA
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 286241
etag: "12b37f28c0f70c09ae391e1c28872d07"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 39620
x-amz-cf-id: KNT74d4PNmcE2tW6MCVcOAL4Y04YFX-bHQLTgeaRaXQoPtjFOgsJeQ==

GET
H2 200 index.html
cdn.useproof.com/proxy/ Frame C6E0 0
0 433ms
337ms Document
text/html 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 89785c35daf49ba0-FRA
content-length: 325
content-type: text/html
date: Sat, 22 Jun 2024 01:10:43 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gvgbV2W5CUINNcnTZ%2Bf%2FauPc7LdSSLRcWHtfXdpHuX85JswDMB%2BujW0yZIMGedslrd%2BUyfb%2BtjozFUqfDRFK3IIxPnZ88fsYsqnHdip9IiYP9w%2FAtarM9DHMyjJgjm7XGbd5rYCc%2B%2FHY0XHbfU0m"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: Wuru4abLJEMwbIS1+ChFKudw+ZdVYQVymXM0mwYIqlJs/I9ptOuDt9iGd82mVP5PqSLoneblUCU/F3GXEX7jhGDiDV42v1Fy
x-amz-request-id: E1MEDRW28HSJSQVB
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2

Request headers

Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 510 KB
125 KB 176ms
25ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/videoThumbnail.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ec1cbbed320229e91a69623cd83f43b8e78f341cbc45a573dd93a3ab895592bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:42 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 804
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 127780
x-served-by: cache-iad-kcgs7200027-IAD, cache-fra-etou8220067-FRA
x-browser-version: 126
last-modified: Fri, 21 Jun 2024 15:56:43 GMT
server: AmazonS3
x-timer: S1719018642.334767,VS0,VE0
etag: "6dcccc04e0ed00f5872fee7adce29f96"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9cc58ba11e7c9a8dc763a3666c28c5aa981ef160
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29, 6

GET
H2 200 0b76a8eda7c331eb805ad8af326f611e.png
embed-ssl.wistia.com/deliveries/ 96 KB
96 KB 1379ms
14ms Image
image/png 2600:9000:211e:f800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/0b76a8eda7c331eb805ad8af326f611e.png?image_crop_resized=1920x1080
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 07:16:16 GMT
access-control-request-method: *
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 323667
edge-cache-tag: 0b76a8eda7c331eb805ad8af326f611e
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 304
content-disposition: inline
surrogate-key: 0b76a8eda7c331eb805ad8af326f611e thumbnail-delivery
last-modified: Thu, 23 Sep 2021 14:58:31 UTC
server: envoy
etag: MCRQ8DYfj2ieeWrQGMrwuPDRHns=
vary: Origin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: Qs_248ao4v4AjIujQKYWQwB598uEcQAKm8NcyD-ky1DSwPqcVjyvzQ==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
841 B 267ms
186ms Ping
text/plain 23.36.79.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.79.34 Oslo, Norway, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-79-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3bc9d280.377047ec
date: Sat, 22 Jun 2024 01:10:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406220110426A5F68E8A9A24A2F67A7-29C1B49E82B6DD92-00
x-cache: TCP_MISS from a23-36-79-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 128,23.36.79.30
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=31, inner; dur=26
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202406220110426A5F68E8A9A24A2F67A7
x-cache-remote: TCP_MISS from a184-51-101-214.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,184.51.101.214
x-tt-trace-host: 015d2718a00bc57e667372f5fc17447c7744f10d63f12af12af1b4da868624a93834a923f4e06f2c668e38018f281871d1d314d15c9f4448d3d410334b7f51de69ad4aacf493b9d60e8bc3b0f9417e6c4a55b3ac074e0131496a246dc5992654a0fb57417397c430fb9918aae773d203ac
access-control-allow-headers: Authorization,*
expires: Sat, 22 Jun 2024 01:10:42 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
250 B 169ms
24ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1825&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=1500&msa=15353&rv=1&tim=1719018642268&vi=1719018640433&ri=0c9f1bb810c9c785521dd49e9a3b84ba&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 169ms
24ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1955&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=1500&msa=15353&rv=1&tim=1719018642270&vi=1719018640433&ri=11ea483108839230dc0f057281944691&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 302615157369859 Show response
connect.facebook.net/signals/config/ 64 KB
14 KB 118ms
117ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302615157369859?v=2.9.158&r=stable&domain=pages.upwellness.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59fd70665da8fad56ca3594cf9b28922483aaa68561f49b0c34ffa8565b2e276

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jun 2024 01:10:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=52, mss=1297, tbw=63587, tp=-1, tpl=-1, uplat=93, ullat=0
pragma: public
x-fb-debug: IwgofDVD9NSTLYrpYQdAh03V7Gd0NrPnsO0xOtCs/mN//GpK0nn6zEvy6iCurjufp+QdMkKUXkjlfHqamPjeSg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 27015508.js Show response
bat.bing.com/p/action/ 1 KB
839 B 57ms
54ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b8d10991f6da2bcf90c90fbac7d48552546749b319d44c03050c1287fb781416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 22 Jun 2024 01:10:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39126A2B3304466A888F4919634843C1 Ref B: DUS30EDGE0407 Ref C: 2024-06-22T01:10:42Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
287 B 55ms
52ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=c5666a04-7993-4cda-9be8-636cbd02b616&sid=3f039860303411ef9f5a5f2bc36b9966&vid=3f092ec0303411ef89151360b73958a1&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&r=&lt=4375&evt=pageLoad&sv=1&rn=738487

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jun 2024 01:10:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 16A90A666A464EB5A12E68C6DA79EA5A Ref B: DUS30EDGE0407 Ref C: 2024-06-22T01:10:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
284 B 1085ms
144ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Sat, 22 Jun 2024 01:10:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 val.html
cdn.mediago.io/js/h/ Frame E119 0
0 100ms
31ms Document
text/html 13.32.27.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/h/val.html?postM=1&trackingid=
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 65402
content-length: 9619
content-type: text/html
date: Fri, 21 Jun 2024 07:00:42 GMT
etag: "b19d57b1d930ffeb6ce750fad83fe7fe"
last-modified: Wed, 19 Jun 2024 07:00:32 GMT
server: AmazonS3
vary: Origin
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-id: zrk4qGaMQkC9RmxU2QvPk9jyXxM8iVmOsifJAhehJ9hXbTM1FzsIvg==
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: Oaanq82uoPsdCaYCvkBaR3PJCyZ8RQO_
x-cache: Hit from cloudfront

OPTIONS
H2 200 unip
trc-events.taboola.com/1225872/log/3/ Frame 0
0 1295ms
27ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1825&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=1500&msa=15353&rv=1&tim=1719018642268&vi=1719018640433&ri=0c9f1bb810c9c785521dd49e9a3b84ba&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 22 Jun 2024 01:10:43 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

OPTIONS
H2 200 unip
trc-events.taboola.com/1523626/log/3/ Frame 0
0 1169ms
29ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1955&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=1500&msa=15353&rv=1&tim=1719018642270&vi=1719018640433&ri=11ea483108839230dc0f057281944691&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 22 Jun 2024 01:10:43 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 663ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=ContentView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&rl=&if=false&ts=1719018642996&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719018642984.11719601364082871&ler=empty&cdl=API_unavailable&it=1719018642498&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2885, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Jun 2024 01:10:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 823ms
201ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302615157369859&ev=ContentView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&rl=&if=false&ts=1719018642996&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719018642984.11719601364082871&ler=empty&cdl=API_unavailable&it=1719018642498&coo=false&rqm=FGET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf88107fa5c8a93eb","source_keys":["1","2"]},{"key_piece":"0x3439c6a3e88abce8","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 22 Jun 2024 01:10:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383128854827806374", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=16, mss=1297, tbw=6561, tp=-1, tpl=-1, uplat=180, ullat=0
pragma: no-cache
x-fb-debug: DM3GX6KPQRUw62A44l5X0pMnpEyCszu++3xPiBOTKzJ4LdB8mHxljQaIOQrCRAQgJZ/q+Odb3CgHv7NjF7qLCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383128854827806374"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 663ms
41ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&rl=&if=false&ts=1719018642999&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1719018642984.11719601364082871&ler=empty&cdl=API_unavailable&it=1719018642498&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=3195, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Jun 2024 01:10:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 851ms
229ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302615157369859&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424&rl=&if=false&ts=1719018642999&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.1.1719018642984.11719601364082871&ler=empty&cdl=API_unavailable&it=1719018642498&coo=false&rqm=FGET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x88ed74d0ec714a70","source_keys":["1","2"]},{"key_piece":"0xd1f4f0a0b431e984","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 22 Jun 2024 01:10:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383128854893622297", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=16, mss=1297, tbw=7805, tp=-1, tpl=-1, uplat=193, ullat=0
pragma: no-cache
x-fb-debug: oFRS9Ra9IJhZtoSLT1a6J6Cd6qHoTiQbpFYY95B+z5p4r+S7LGbEHdWLAsY65acos9Aq/F3T4Ejzazx1khm34w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383128854893622297"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 662ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit_GRPfps&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_&rl=&if=false&ts=1719018643018&sw=1600&sh=1200&v=2.9.158&r=stable&ec=2&o=4126&fbp=fb.1.1719018642984.11719601364082871&ler=empty&cdl=API_unavailable&it=1719018642498&coo=false&rp_url=e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2885, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Jun 2024 01:10:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 821ms
199ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302615157369859&ev=LPVisit_GRPfps&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_&rl=&if=false&ts=1719018643018&sw=1600&sh=1200&v=2.9.158&r=stable&ec=2&o=4126&fbp=fb.1.1719018642984.11719601364082871&ler=empty&cdl=API_unavailable&it=1719018642498&coo=false&rp_url=e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289&rqm=FGET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x293bd0550b11f5a7","source_keys":["1","2"]},{"key_piece":"0x95a4cef8df18d4e1","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 22 Jun 2024 01:10:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383128854034356767", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=16, mss=1297, tbw=3360, tp=-1, tpl=-1, uplat=180, ullat=0
pragma: no-cache
x-fb-debug: F8LDvCt0Hq7BFvZtdFJ4PmLkRNJ0U+qPrGRyaUjaBBfNysWK3BYjaBBDupxFoKMILJ9Du7B+PWb35t97t7GgKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383128854034356767"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 27015508 Show response
bat.bing.com/p/insights/t/ 711 B
1011 B 141ms
133ms Script
application/x-javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/27015508

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/27015508.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2250a7d098e465546eac83bd6f16ac4497a8318442ceca5dd8ccd6e5b7a0652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 22 Jun 2024 01:10:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D386F1ADB07044A5A1EB5BE888D71F05 Ref B: DUS30EDGE0407 Ref C: 2024-06-22T01:10:43Z
vary: Accept-Encoding
x-azure-ref: 20240622T011043Z-165bb76fc5b95w29wtrh3v0nm800000000k0000000008gkg
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 603
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 44ms
32ms Image
image/gif 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:43 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2394
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kcgs7200077-IAD, cache-fra-etou8220067-FRA
x-browser-version: 126
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1719018643.283846,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4048899, 12

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
1 KB 27ms
25ms XHR
application/x-mpegurl 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:43 GMT
via: 1.1 c84ecfd128e1f4c41a53a2b42410f3b8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 58488
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 34
content-length: 935
x-request-id: 6d0bc960-72f3-4895-bb38-f2943e3f9500
x-served-by: cache-iad-kiad7000102-IAD, cache-fra-etou8220067-FRA
x-runtime: 0.033278
x-browser-version: 126
server: envoy
x-timer: S1719018643.299542,VS0,VE1
etag: W/"0fa56fcfcf95ba949a3a9883d09eca6a"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jpDT7yb8nx_1l7gI20ATOIgSxRsKH0K6MBPkHYgMi44kMHBQMu_F1g==
x-cache-hits: 14672, 0

GET
H2 200 a18adcb3fe4d694342677106235399fede11a10f.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 13 KB
14 KB 168ms
32ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:f800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 07:16:16 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 323667
edge-cache-tag: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 447
content-length: 13708
surrogate-key: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xZ8hy_yk5Wv2VD329-ucrp5qTmtiOIQpErY_PaCiHRxgR-0l5p903g==
expires: Wed, 18 Jun 2025 07:16:16 GMT

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 45 KB
18 KB 69ms
33ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

343e195b43bec5eb57d8b9475f0789dd34e8279eab95cc503fe9f6b628bb42f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:43 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 864
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18352
x-served-by: cache-iad-kcgs7200173-IAD, cache-fra-etou8220067-FRA
x-browser-version: 126
last-modified: Fri, 21 Jun 2024 15:56:43 GMT
server: AmazonS3
x-timer: S1719018644.554238,VS0,VE0
etag: "a11f23804133ec25d4f1937fffc932da"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9cc58ba11e7c9a8dc763a3666c28c5aa981ef160
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 4

GET
H2 200 0.7.32 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 97ms
46ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.32

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/27015508

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad367e536c20c594229b6d90ac4097730886eac4f8e11b07e908e584a62b1268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 22 Jun 2024 01:10:42 GMT
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 14999
last-modified: Fri, 10 May 2024 17:30:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A7A293D9A62246219B6023A2C628EB04 Ref B: DUS30EDGE0407 Ref C: 2024-06-22T01:10:43Z
etag: W/"0x8DC7116E7C400CE"
vary: Accept-Encoding
x-azure-ref: 20240622T011043Z-165bb76fc5b7b5dsw2zycwyzqn0000000090000000007mm2
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: cc2288af-101e-0065-76e8-c3809f000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H2 200 register-trigger
measurement-api.criteo.com/ 0
0 506ms
44ms Fetch 2a02:2638:3::19
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://measurement-api.criteo.com/register-trigger?partner_id=102531&uid=e3cd301e-bafd-4cf5-be7d-8d68a737d3fa&event_name=ItemPageView&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=05e68c8b-4692-4d98-bc47-2f5d06b79aaa

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:43 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"10925560499955151234","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 22 KB
23 KB 204ms
70ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 00:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 22504
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 4842208
x-amzn-requestid: 2aaa3368-a7a4-4c9a-945a-902b5636d0f4
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: W280DFqAIAMEjwQ=
content-length: 22518
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:12:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-662c41b3-21a719137d76755d25b35b13
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: StkbTjrzrricYCnzUN21pYP7QUKjuGX1_htwyAaroNUC4ljrIMV44Q==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
24 KB 232ms
99ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 04:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 2060210
x-amzn-requestid: 5be7f9c6-a94e-4d25-9488-830443976713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: YhEzNF7IoAMEN9g=
content-length: 23578
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6656b4e1-353d1cea3fb712505887cd7c
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: y5ISmwfLUkGGfdXoBA6ClQecNysRGoUhNh_Lo_cIzKq-B_xslNhWPQ==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
23 KB 228ms
95ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 04:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23040
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 850694
x-amzn-requestid: e4877e07-7bdd-4e47-ae63-2941ee9e6bb0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: ZPNuKFJcoAMEh4A=
content-length: 23041
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6669298d-693732526709d0181dfd4961
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BZH2I2K63RFAzaMaAks3E7cYOHwiBU2m2Bm3mXs45UgFORSD_GAl4w==

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 24 KB
25 KB 231ms
98ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 23 Sep 2023 07:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 24448
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 23563941
x-amzn-requestid: 97ebe96c-ea3d-4a44-8236-ecdff3139ed6
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: LsxdNE1XIAMEZ9Q=
content-length: 24405
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:30:00 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-650e95ed-064949da39a17ac126be5b5e
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7-vR6jkq_lBg2GuM9h65G-SR35S1DeLfD5JUKZ5NEhxjcyH5kSIyPg==

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.ub-assets.com/fonts/s/oswald/v53/ 28 KB
29 KB 158ms
25ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 01 Oct 2023 11:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 28512
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 22858114
x-amzn-requestid: 30f12bb6-f986-46b2-8fa9-417118b38ccb
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: MHsqrGbUoAMEc1g=
content-length: 28534
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-65195b10-490613176a31144640f1b801
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 0RD8nXxrIhL551i8NY-fg0nGcz1nuSYq1jzXspBuDv-3tr3xzebQIA==

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/ 2 MB
2 MB 66ms
33ms XHR
video/mp2t 2600:9000:211e:f800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/seg-1-v1-a1.ts
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 07:16:16 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 323666
edge-cache-tag: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 277
content-length: 1690872
surrogate-key: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: a5AalMwrVdxbtOZDXmEoR_-uQaBh54ZuiO71y7JjzDney-W0mWWDLA==
expires: Wed, 18 Jun 2025 07:16:16 GMT

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ffd838d73e88fd6f4e77ef73ec03f4499b938eb378e15880535d6396dedba3d

Request headers

Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 Inter-Extended.woff
fast.wistia.com/assets/external/fonts/ 21 KB
21 KB 54ms
21ms Font
font/woff 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/fonts/Inter-Extended.woff

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1c11543a28fe6614b141106cf0375c62af8c8f65dbdb4b49a92c88b40bbabd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:44 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1216
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21400
x-served-by: cache-iad-kcgs7200020-IAD, cache-fra-etou8220067-FRA
x-browser-version: 126
last-modified: Fri, 21 Jun 2024 15:56:47 GMT
server: AmazonS3
x-timer: S1719018644.316075,VS0,VE0
etag: "eb57772375a66db232881cc122a7d145"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9cc58ba11e7c9a8dc763a3666c28c5aa981ef160
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20, 2

POST
H2 200 pageview
gtrace.mediago.io/api/bidder/track/pixel/ 0
114 B 289ms
7ms Ping
text/plain 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtrace.mediago.io/api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b&spd=&mgd=bbcfe880a1ae47dca22e5511277e9a00&ptd=&tkd=&acd=&cpid=&v=161449716
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 eplist Show response
gtrace.mediago.io/ju/cs/ 346 B
819 B 148ms
10ms Script
application/javascript 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtrace.mediago.io/ju/cs/eplist?acid=&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fpages.upwellness.com&mcb=mmgg_1719018644219_143
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: f07c1e81c02df91633bd7c4ecfdbb7646b07a01e4417c436d5da21694c837841

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:44 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https%3A%2F%2Fpages.upwellness.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 r Show response
bat.bing.com/p/insights/c/ 0
212 B 185ms
122ms XHR
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/r

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-webinsights-gzip
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jun 2024 01:10:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E8251B9A99144972AFA391B0C4D32E15 Ref B: DUS30EDGE0407 Ref C: 2024-06-22T01:10:44Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=529&code=f1f6b29a0d016dee2xoqzp00lxpfbf02
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3Df1f6b29a0d016dee2xoqzp00lxpfbf02

43 B
1 KB

46ms
44ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3Df1f6b29a0d016dee2xoqzp00lxpfbf02

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
an-x-request-uuid: 11d5d53b-bba4-459e-8147-82280bf893d1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.22; 217.114.218.22; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:44 GMT
an-x-request-uuid: c476f8f4-517f-4e0c-a3a8-7f8324402f58
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3Df1f6b29a0d016dee2xoqzp00lxpfbf02
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 507ms
40ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=f1f6b29a0d016dee2xoqzp00lxpfbf02

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f1f6b29a0d016dee2xoqzp00lxpfbf02
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f1f6b29a0d016dee2xoqzp00lxpfbf02&C=1

43 B
567 B

61ms
60ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f1f6b29a0d016dee2xoqzp00lxpfbf02&C=1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EdIFaoKUy18Po8HiCbj8h6%2FoL5qlj6XYnNE8%2FCA%2FCyU4KuRZEPvmycZn%2Bf%2Fp1lFWVi6M8SLuroVvPvbWPRq0EL1pFxL61ff2PXvqDW93OMk%2FIG5opNvTsJJthw6%2FQvQi72%2B5FWaInEaTeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 89785c4389d16a74-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUTfRmVqMjo8EKhEXZT7Z81KFwbDZdO0EPJFngDlzFpq2PyH4vH2sZsh3ZNB1dNsJm1uOx6Z0B42Fn3L92LSK%2BYWqfyWNHS9YDU88vH5Ic%2F68zPXQmqOP6Lh14xVONJuWMVimfR8VWi0ag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /crum?cm_dsp_id=215&external_user_id=f1f6b29a0d016dee2xoqzp00lxpfbf02&C=1
cache-control: no-cache
cf-ray: 89785c42d8996a74-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 13 KB
14 KB 35ms
30ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:f800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 07:16:17 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 323667
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 151
content-length: 13708
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OEMAKo8bHqtOUdI5gpGtCiz79OgZwpgBuJAG8cbhpp9dxuBB1mMiXg==
expires: Wed, 18 Jun 2025 07:16:17 GMT

GET
H2 200 seg-2-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 268 KB
269 KB 30ms
28ms XHR
video/mp2t 2600:9000:211e:f800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-2-v1-a1.ts
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 07:16:17 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 323667
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 73
content-length: 274104
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7iFvy0Pq6MGwduGxQ7zX1jF3hdYyA1WZReCrBuXpAK80lFtjYt09Mg==
expires: Wed, 18 Jun 2025 07:16:17 GMT

GET
H2 200 seg-3-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 265 KB
266 KB 38ms
36ms XHR
video/mp2t 2600:9000:211e:f800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-3-v1-a1.ts
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 07:16:18 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 323667
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 101
content-length: 271096
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UH1s9zivaicErKLeAhemdCj9m9YSwnFYfRXrvwaN6oKqiF1kwnZ9qA==
expires: Wed, 18 Jun 2025 07:16:18 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 81 KB
21 KB 251ms
248ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0453c72ff2db6a473f2ba0d91ef41f48dd2e320bd43ff1f8fb9e04314519264

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 805
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21782
x-served-by: cache-iad-kcgs7200108-IAD, cache-fra-etou8220067-FRA
x-browser-version: 126
last-modified: Fri, 21 Jun 2024 15:56:43 GMT
server: AmazonS3
x-timer: S1719018645.119536,VS0,VE0
etag: "b4a321b999f46e57b1176981b8ac6d42"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9cc58ba11e7c9a8dc763a3666c28c5aa981ef160
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34, 8

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 93F9
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...

0
0

158ms
152ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=164688367158510880&dcc=t

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1864
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 22 Jun 2024 01:10:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: TDMER900AYKTV0D4D6M5

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 22 Jun 2024 01:10:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=164688367158510880&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZY2XDHXTEVFWHWNMMDG3

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
329 B 582ms
117ms Fetch
text/plain 2600:9000:2240:f600:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 0
content-length: 2
x-amz-cf-id: CsdVNWcumE5IDbxh3vIPT3pjhleKUvJYgJlRvsE3VOmqKh9WMoWErA==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FD3B6271C64F42B9A51F55B3CFBD509C&RedC=c.clarity.ms&MXFR=1F6051F564C76B2E266F455360C765B3
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FD3B6271C64F42B9A51F55B3CFBD509C&MUID=05D5F0B93FD3601538E3E41F3E1361EC

42 B
443 B

66ms
57ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FD3B6271C64F42B9A51F55B3CFBD509C&MUID=05D5F0B93FD3601538E3E41F3E1361EC
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
last-modified: Wed, 19 Jun 2024 18:40:50 GMT
server: Microsoft-IIS/10.0
etag: "2c9f213578c2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2AA79590A11649A2B1BE6F3722C8D08C Ref B: DUS30EDGE0407 Ref C: 2024-06-22T01:10:45Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FD3B6271C64F42B9A51F55B3CFBD509C&MUID=05D5F0B93FD3601538E3E41F3E1361EC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 415ms
397ms Script
application/javascript 23.195.255.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

23.195.255.69 Oslo, Norway, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-255-69.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.e64d2417.1719018645.6bfef02
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
alt-svc: h3=":443"; ma=600
content-length: 2108
quic-version: 0x00000001

GET
H2 200 ct.html
ct.pinterest.com/ Frame 3254 0
0 526ms
100ms Document
text/html 23.195.255.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.255.69 Oslo, Norway, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-255-69.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

akamai-grn: 0.ed4d2417.1719018645.c76f81a
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sat, 22 Jun 2024 01:10:45 GMT
pinterest-version: ea7c913d1adcbb6fa3baa49abbfb88c249c35ad2
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1189768544874189

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame DF10 170 B
232 B 121ms
120ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-8wwkr1_-Qt9qH3NrE-qH0ptcYAXugMkpye0CUg&google_cm&google_hm=ay04d3drcjFfLVF0OXFIM05yRS1xSDBwdGNZQVh1Z01rcHllMENVZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame DF10 43 B
235 B 358ms
31ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-yCzkeF_-Qt9qH3NrE-qH0ptcYAXfjdAT-S0yyA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 01:10:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame DF10
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4894843279716763173

43 B
370 B

50ms
34ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4894843279716763173

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1024954
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
an-x-request-uuid: 07c2d981-bc7b-46a3-aa56-06bc221d2932
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4894843279716763173
x-proxy-origin: 217.114.218.22; 217.114.218.22; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame DF10 43 B
163 B 350ms
32ms Image
image/gif 91.134.110.137
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-zcOtf1_-Qt9qH3NrE-qH0ptcYAXnoWiMryIVUA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.110.137 , France, ASN16276 (OVH, FR),
Reverse DNS: ip137.ip-91-134-110.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame DF10 0
98 B 109ms
81ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-4lqfel_-Qt9qH3NrE-qH0ptcYAWhaVzRhpJPWw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33165

GET
H2

200

RX-a96058f2-b2ce-4095-831f-604e7b8d5bde-003
sync.targeting.unrulymedia.com/csync/ Frame DF10
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-lpeGz1_-Qt9qH3NrE-qH0ptcYAV8KZWnUByc5A
https://sync.1rx.io/usersync/criteodsp/k-lpeGz1_-Qt9qH3NrE-qH0ptcYAV8KZWnUByc5A?zcc=1&cb=1719018645607
https://sync.targeting.unrulymedia.com/csync/RX-a96058f2-b2ce-4095-831f-604e7b8d5bde-003

43 B
378 B

119ms
30ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-a96058f2-b2ce-4095-831f-604e7b8d5bde-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-a96058f2-b2ce-4095-831f-604e7b8d5bde-003
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame DF10 49 B
342 B 361ms
37ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-z33481_-Qt9qH3NrE-qH0ptcYAXfBmqNyk3a5w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H2 200 rum
r.casalemedia.com/ Frame DF10 43 B
312 B 157ms
140ms Image
image/gif 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-chMOll_-Qt9qH3NrE-qH0ptcYAUplN4CYAjbLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RwRFRfP1d7ADNdUXaQhSFieISoF%2FtLDQiDFQmfiCykDDJ3Dii3tDfdGevjWJrL72JsY9SWdihEqGF8TSui2KuwKsSesIc35VCeFGPpJPBH0pwjqzELUYKfprPJcf5S%2FxFxt"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 89785c456d136a74-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame DF10
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=xaxqzZDv1honDUl88kiffgl10qHOySLm
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xaxqzZDv1honDUl88kiffgl10qHOySLm

42 B
718 B

53ms
52ms

Image
image/gif

54.171.118.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xaxqzZDv1honDUl88kiffgl10qHOySLm

Protocol

Server

54.171.118.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-118-212.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v061-0eb52e419.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: bMl6vFvfQ+g=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v061-08b7c0de8.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 28WtbRmFStw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xaxqzZDv1honDUl88kiffgl10qHOySLm
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame DF10 43 B
1 KB 344ms
22ms Image
image/gif 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-3iHa1F_-Qt9qH3NrE-qH0ptcYAWqft5W5XJT8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 22 Jun 2024 01:10:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame DF10 43 B
199 B 365ms
45ms Image
image/gif 34.252.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-qkG4c1_-Qt9qH3NrE-qH0ptcYAXheC4e_cyTaA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.252.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-94-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 22 Jun 2024 01:10:45 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame DF10 42 B
274 B 166ms
38ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-PkMi31_-Qt9qH3NrE-qH0ptcYAXkN7VtnTLMAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:44 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 cksync.php
contextual.media.net/ Frame DF10 60 B
816 B 278ms
118ms Image
image/gif 23.195.254.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Dm958F_-Qt9qH3NrE-qH0ptcYAWTnSjRBKKj0w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.254.55 Oslo, Norway, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-254-55.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 22 Jun 2024 01:10:45 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 60
x-mnet-hl2: E
expires: Sat, 22 Jun 2024 01:10:45 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame DF10 0
877 B 125ms
25ms Image
text/html 52.28.199.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-cSiPel_-Qt9qH3NrE-qH0ptcYAU7etkVPePaiw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.199.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-199-32.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame DF10 43 B
423 B 769ms
200ms Image
image/gif 100.22.10.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-tEMl2l_-Qt9qH3NrE-qH0ptcYAWHNjNrniB6cg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.22.10.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-22-10-94.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:46 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame DF10 0
218 B 707ms
195ms Image
text/plain 64.74.236.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-sffFrF_-Qt9qH3NrE-qH0ptcYAVO7tGvG6fZhQ&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 01:10:46 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 6119ba91924bfde33b7158331fbe25ab
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame DF10 0
225 B 200ms
36ms Image
text/html 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-YRhFBl_-Qt9qH3NrE-qH0ptcYAUh4NNTBpRE5w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=utf-8
date: Sat, 22 Jun 2024 01:10:45 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame DF10 0
239 B 131ms
27ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-h3PVt1_-Qt9qH3NrE-qH0ptcYAV1D4-o9nKOQQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame DF10 0
35 B 137ms
24ms Image
text/plain 18.196.133.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-rT3Lvl_-Qt9qH3NrE-qH0ptcYAUu1z-dBIkGvg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.133.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-133-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT

GET
H2 200 um
criteo-sync.teads.tv/ Frame DF10 23 B
163 B 585ms
190ms Image
image/gif 23.195.255.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-0_UDnl_-Qt9qH3NrE-qH0ptcYAUSEJFGtvE4fg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.255.234 Oslo, Norway, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-255-234.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 22 Jun 2024 01:10:46 GMT
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:46 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.1
content-length: 23
content-type: image/gif

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame DF10 43 B
398 B 563ms
139ms Image
image/gif 2600:1f18:612b:4216:ada6:3be7:f947:657b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-oYNN71_-Qt9qH3NrE-qH0ptcYAWKd7AP5sjFpw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:ada6:3be7:f947:657b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 22 Jun 2024 01:10:46 GMT
server: nginx
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame DF10 37 B
140 B 356ms
30ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-6hGr_V_-Qt9qH3NrE-qH0ptcYAWuuFMR3OZMOQ&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame DF10 43 B
153 B 361ms
42ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-ugDO1l_-Qt9qH3NrE-qH0ptcYAVrUeaM-Pxkpw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 22 Jun 2024 01:10:46 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame DF10 0
235 B 459ms
153ms Image
text/plain 2.20.160.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-Mj27eV_-Qt9qH3NrE-qH0ptcYAUUulEQmjh88g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.160.190 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-160-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 22 Jun 2024 01:10:46 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 21 Jun 2024 01:10:46 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame DF10 0
38 B 354ms
47ms Image
text/plain 34.242.166.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-kBQwrV_-Qt9qH3NrE-qH0ptcYAUddppxHjJv-A&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.166.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-166-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:46 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame DF10 0
44 B 313ms
25ms Image
text/plain 35.156.11.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-wnZvZ1_-Qt9qH3NrE-qH0ptcYAVcdaz3uSvPYg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.11.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-11-56.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:46 GMT
server: awselb/2.0

GET
H2

200

pixel
cm.adform.net/ Frame DF10
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-v5Wfe1_-Qt9qH3NrE-qH0ptcYAUCRH8ecgIumQ
https://c1.adform.net/serving/cookie/match?CC=1&party=10015&cid=k-v5Wfe1_-Qt9qH3NrE-qH0ptcYAUCRH8ecgIumQ
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-v5Wfe1_-Qt9qH3NrE-qH0ptcYAUCRH8ecgIumQ&adform_v=1

43 B
163 B

485ms
79ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-v5Wfe1_-Qt9qH3NrE-qH0ptcYAUCRH8ecgIumQ&adform_v=1
Protocol: H2
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 22 Jun 2024 01:10:46 GMT
last-modified: Fri, 18 Nov 2022 14:39:11 GMT
server: nginx
accept-ranges: bytes
etag: "6377990f-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-v5Wfe1_-Qt9qH3NrE-qH0ptcYAUCRH8ecgIumQ&adform_v=1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

POST
H2 204 x
distillery.wistia.com/ 0
0 426ms
126ms Fetch 18.173.205.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-63.fra56.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT
via: 1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
x-amz-cf-id: 2gIGU_WHrB1YdqKnbnPTd6xyB7JKEVI4wqplGWSGj87B49e-FrYODA==

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
169 B 134ms
50ms XHR
application/x-mpegurl 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:45 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 2
x-amz-cf-pop: IAD89-C3
x-cache: HIT
x-envoy-upstream-service-time: 34
content-length: 935
x-request-id: 6d0bc960-72f3-4895-bb38-f2943e3f9500
x-served-by: cache-fra-etou8220067-FRA
x-runtime: 0.033278
x-browser-version: 126
server: envoy
x-timer: S1719018646.604786,VS0,VE1
etag: W/"0fa56fcfcf95ba949a3a9883d09eca6a"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jpDT7yb8nx_1l7gI20ATOIgSxRsKH0K6MBPkHYgMi44kMHBQMu_F1g==
x-cache-hits: 1

GET
H2 200 a3591ba5e949a37083cc6f5a4191e903.min.js Show response
js.sentry-cdn.com/ 3 KB
2 KB 706ms
0ms Script
text/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca8c45e76cb8b6fe8ebfc708d87a777b61f30bb9b0e561a4411df49e01e1289b

Security Headers

Name	Value
Content-Security-Policy	media-src ; default-src 'none'; img-src blob: data:; base-uri 'none'; worker-src blob:; object-src 'none'; frame-ancestors 'self' .sentry.io; style-src 'unsafe-inline'; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=9a0119989f23cfd302a3c53b85a0aaf861f709b9
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: media-src *; default-src 'none'; img-src * blob: data:; base-uri 'none'; worker-src blob:; object-src 'none'; frame-ancestors 'self' *.sentry.io; style-src * 'unsafe-inline'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=9a0119989f23cfd302a3c53b85a0aaf861f709b9
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jun 2024 01:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 7
x-envoy-upstream-service-time: 20
content-length: 1279
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-94b79c7d6-jllzs, cache-chi-klot8100079-CHI, cache-fra-etou8220043-FRA
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 63ms
31ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=5059&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=3000&msa=15353&rv=1&tim=1719018645502&vi=1719018640433&ri=0c9f1bb810c9c785521dd49e9a3b84ba&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 71ms
40ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=5060&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=3000&msa=15353&rv=1&tim=1719018645503&vi=1719018640433&ri=11ea483108839230dc0f057281944691&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1225872/log/3/ Frame 0
0 105ms
22ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=5059&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=3000&msa=15353&rv=1&tim=1719018645502&vi=1719018640433&ri=0c9f1bb810c9c785521dd49e9a3b84ba&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 22 Jun 2024 01:10:45 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

OPTIONS
H2 200 unip
trc-events.taboola.com/1523626/log/3/ Frame 0
0 105ms
22ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=5060&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=3000&msa=15353&rv=1&tim=1719018645503&vi=1719018640433&ri=11ea483108839230dc0f057281944691&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 22 Jun 2024 01:10:45 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 200 setuid
ib.adnxs.com/ Frame DF10 43 B
1 KB 30ms
30ms Image
image/gif 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-kpIkP1_-Qt9qH3NrE-qH0ptcYAU-GgZ8KfVvnA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 01:10:45 GMT
an-x-request-uuid: 28c81886-86be-4a6f-a09c-0568979f45cb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 48 KB
12 KB 30ms
25ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a205a917503b34b47bbea593b34b03f3fa5f5ada21894e90c36507eac825a4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://pages.upwellness.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:10:46 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 918
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12252
x-served-by: cache-iad-kcgs7200065-IAD, cache-fra-etou8220067-FRA
x-browser-version: 126
last-modified: Fri, 21 Jun 2024 15:56:43 GMT
server: AmazonS3
x-timer: S1719018646.170708,VS0,VE0
etag: "d217cf921e49d5ce764cec30959f36aa"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 9cc58ba11e7c9a8dc763a3666c28c5aa981ef160
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17, 5

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
327 B 223ms
59ms Fetch
text/plain 2600:9000:2240:f600:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 22 Jun 2024 01:10:46 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: 6qCe98VlHgkLKO0Kr-9nwoF9FsKxc5R_VZZ1f0zYnELus27MQ-JzFA==

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
284 B 194ms
165ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Sat, 22 Jun 2024 01:10:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 seg-4-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 276 KB
277 KB 209ms
0ms XHR
video/mp2t 2600:9000:211e:f800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-4-v1-a1.ts
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 07:16:20 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 323666
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 108
content-length: 283128
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5pIElY0kK80HlkHr7JFSXA8NkU506D4Wv7eQRmOtxYNLxOmhUIGfOQ==
expires: Wed, 18 Jun 2025 07:16:20 GMT

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
284 B 681ms
341ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Sat, 22 Jun 2024 01:10:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
327 B 346ms
318ms Fetch
text/plain 2600:9000:2240:f600:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 22 Jun 2024 01:10:47 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: lePgujTuZJV9snvTP1AW25OwIxiF-OzLuWJQDcwq5SoKn1Tdr4Kz9w==

GET
H2 200 favicon-152.png
www.upwellness.com/wp-content/uploads/2015/10/ 18 KB
18 KB 747ms
269ms Other
image/png 23.23.204.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.23.204.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-204-175.compute-1.amazonaws.com
Software: Pagely-ARES/1.20.1 /
Resource Hash: c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 13 Jul 2024 08:12:06 GMT
x-gateway-request-id: b5e2bc8bf2ed1e619496bf31e7e22aac
date: Sat, 22 Jun 2024 01:10:49 GMT
last-modified: Fri, 23 Sep 2022 23:00:59 GMT
server: Pagely-ARES/1.20.1
etag: "4700-5e96026b3c0c0"
x-gateway-skip-cache: 0
content-type: image/png
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2015/10/favicon-152.png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18176
x-gateway-cache-status: HIT

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
284 B 252ms
250ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Sat, 22 Jun 2024 01:10:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 38ms
34ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=11061&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=6000&msa=15353&rv=1&tim=1719018651504&vi=1719018640433&ri=0c9f1bb810c9c785521dd49e9a3b84ba&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 39ms
35ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=11062&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=6000&msa=15353&rv=1&tim=1719018651505&vi=1719018640433&ri=11ea483108839230dc0f057281944691&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU0NDc1MDUxMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Sat, 22 Jun 2024 01:10:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1225872/log/3/ Frame 0
0 1361ms
1360ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=11061&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=6000&msa=15353&rv=1&tim=1719018651504&vi=1719018640433&ri=0c9f1bb810c9c785521dd49e9a3b84ba&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 22 Jun 2024 01:10:52 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

OPTIONS
H2 200 unip
trc-events.taboola.com/1523626/log/3/ Frame 0
0 1361ms
1361ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=11062&scd=0&ssd=1&est=1719018640440&ver=36&isls=true&src=i&invt=6000&msa=15353&rv=1&tim=1719018651505&vi=1719018640433&ri=11ea483108839230dc0f057281944691&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D1026188de9b01a94896d1d0b83dabc%26n%3Dtune%26AFFID%3D477232%26subid%3D199_AJK062424
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sat, 22 Jun 2024 01:10:52 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.unbounce.com
URL: blob:https://app.unbounce.com/c2c86836-85c4-4208-aa3a-de3102bacb01

Domain: app.unbounce.com
URL: blob:https://app.unbounce.com/64aa29ec-2429-4ae1-b84f-9c9a8d1af351

Domain: views.unsplash.com
URL: https://views.unsplash.com/v?app_id=27955&photo_id=0tgmnmiyq9y,0tgmnmiyq9y,0tgmnmiyq9y

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/uc-grplus-fps/	1970-01-21 01:55:16	Name: ubpv Value: an%2C6d2c7105-ebae-455a-91f2-47af4209ed5f
.liadm.com/j	1970-01-21 07:06:18	Name: lidid Value: ca5d8d40-f2d8-4d73-a439-3279f5e27a4c
go.welldaily.com/	1970-01-20 21:40:23	Name: enc_aff_session_67 Value: ENC0307037b82a12b11fbc2a9b055c5757b946f92106a3f6ca68ae59aa0f1853718b2d3bf22bfffcd587d957ca4621faaeacf2a9bd330038d6c5c4d4f3545caf8d078333ef75585553c1a40c9feb36f20257275714c62a0e6374d90561a6038ae14656742a39fee9c922d21a9a5968270ad02f05e7be18ce335aeaace151886281e39172e30e5
go.welldaily.com/	1970-01-21 07:06:18	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyNi4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiYWNjZXB0X2xhbmd1YWdlIjoiZGUtREUsZGU7cT0wLjk7cT0wLjkiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
pages.upwellness.com/	1970-01-21 01:49:30	Name: ubvs Value: 42d51acf-1edb-45fd-884c-50dc2d5dd81c
.upwellness.com/	1970-01-20 21:34:37	Name: ubvt Value: v2%7C42d51acf-1edb-45fd-884c-50dc2d5dd81c%7C6d2c7105-ebae-455a-91f2-47af4209ed5f%3Aan%3Aweighted%3Aweighted
.pages.upwellness.com/	1970-01-20 21:30:20	Name: __cf_bm Value: 90dYme8jnQZH4Uy53_xdyObhWWqhUTQuRXWqBmHDDpA-1719018638-1.0.1.1-2k141Kq4a3FRefA_S8dKZG7_IAgJwK4OtKDg6t9.UC5LYoYHx.opA9FxqiSM7otK6l_FKZCLB2_gWZIoDBUDeQ
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-21 07:06:18	Name: _lc2_fpi Value: f0f26c15fa8f--01j0yqxksnt6y1fge06ywm2rpn
.upwellness.com/	1970-01-21 07:06:18	Name: _lc2_fpi_meta Value: {%22w%22:1719018639157}
.js.ubembed.com/	1970-01-20 21:30:20	Name: __cf_bm Value: Up6l.sbGv2J48GN0Bp9TYjKCUQ1P0g1Yz1XrZoOCjIA-1719018639-1.0.1.1-ranmoR6WWWtlKyQ2Wc1Gu9HB.AB34ixvnKyxZa3vrEpe4Ip0jW4BwyKxqtukTmPwfe3Lpfujm4RF5XgTE7DfzQ
.tiktok.com/	1970-01-21 06:51:54	Name: _ttp Value: 2iDIII47CaUFfazPehsQ53JrWIE
.liadm.com/	1970-01-21 07:06:18	Name: lidid Value: ca5d8d40-f2d8-4d73-a439-3279f5e27a4c
.upwellness.com/	1970-01-20 23:39:54	Name: _gcl_au Value: 1.1.1459351703.1719018640
.upwellness.com/	1969-12-31 23:59:59	Name: UltraCartShoppingCartID Value: 4D1C65F950BFDA01903D7ED2471FA800
.upwellness.com/	1970-01-21 07:06:18	Name: ucacid Value: 1832882456.876220
.store.upwellness.com/	1970-01-21 07:06:18	Name: ucacid Value: 1832882456.876220
store.upwellness.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcTAZ__wtwyJZGCwrnn2
store.upwellness.com/	1969-12-31 23:59:59	Name: LBJSESSIONID Value: abcTAZ__wtwyJZGCwrnn2.n377
.upwellness.com/	1970-01-21 07:06:18	Name: __nbpix_uid Value: 1-497xqfvs-lxpfbbxl
.criteo.com/	1970-01-21 06:51:54	Name: uid Value: e3cd301e-bafd-4cf5-be7d-8d68a737d3fa
.criteo.com/	1970-01-21 06:51:54	Name: receive-cookie-deprecation Value: 1
www.clarity.ms/	1970-01-21 06:15:54	Name: CLID Value: 678b695d80eb42a5872eec05c1a6a5fa.20240622.20250622
.upwellness.com/	1970-01-20 22:13:30	Name: ndp_session_id Value: d774f864-4540-40d5-9731-244dc6ac3dfb
.upwellness.com/	1970-01-21 06:59:42	Name: cto_bundle Value: YDkttl8lMkJUU2VWeEY3ek1iNkQxMDBlcndNN3d5TEFDbWhSJTJGajRyS0RkektheDIxWHdLaXVOak9MY3NxTGxpTkI5UndEb3psNFc5UUlJWktqVGRueERpVyUyQlJ6RHcyZ05MS0FLMlpDMGtNdjlTNkVUQW5pSE5kdTlaN0pwQmdrWjZsWDR5Y0FVVyUyQlVKTWN1NXhxS21tdVUwZmxJalI5Vzk4dnFjdU10N1pmcWtNYUY2TSUzRA
pages.upwellness.com/	1970-01-20 21:30:18	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1719018641023%7D
.upwellness.com/	1970-01-20 21:31:45	Name: _gid Value: GA1.2.907140848.1719018641
.upwellness.com/	1970-01-20 21:30:18	Name: _dc_gtm_UA-28307243-3 Value: 1
.upwellness.com/	1970-01-21 07:06:18	Name: _ga_E56T163DF6 Value: GS1.1.1719018641.1.0.1719018641.0.0.0
.upwellness.com/	1970-01-21 07:06:18	Name: _ga Value: GA1.1.1497118249.1719018641
.upwellness.com/	1970-01-21 06:51:54	Name: _tt_enable_cookie Value: 1
.upwellness.com/	1970-01-21 06:51:54	Name: _ttp Value: 5-Rr4rwihMzMRu5dh5bv2VoPQle
.pages.upwellness.com/	1970-01-21 06:15:54	Name: _pin_unauth Value: dWlkPU1qaGlNak15WW1NdE5tUTVZUzAwWlRVNUxUZzVOMlF0Tm1Oak5UVXpNalE0WlRVNA
.pinterest.com/	1970-01-21 06:15:54	Name: ar_debug Value: 1
store.upwellness.com/	1970-01-20 21:40:23	Name: AWSALB Value: cExW4LqIzk6Jvo9lqcKn5b0v1CLjzCm0YG7UKXcTMu7JliiEQt1W2iSkKpifHF+7NgB68+IqqoOJsTU8aEVadnHjvTJW0qNe3zZ5Y2knoxwqmrt9iRMvUoVtZOhr
store.upwellness.com/	1970-01-20 21:40:23	Name: AWSALBCORS Value: cExW4LqIzk6Jvo9lqcKn5b0v1CLjzCm0YG7UKXcTMu7JliiEQt1W2iSkKpifHF+7NgB68+IqqoOJsTU8aEVadnHjvTJW0qNe3zZ5Y2knoxwqmrt9iRMvUoVtZOhr
.store.upwellness.com/	1970-01-21 06:15:54	Name: UPWEL-ANP Value: 6141
.upwellness.com/	1970-01-21 06:15:54	Name: _clck Value: h1j0cc%7C2%7Cfmu%7C0%7C1634
.bing.com/	1970-01-21 06:51:54	Name: MUID Value: 05D5F0B93FD3601538E3E41F3E1361EC
.upwellness.com/	1970-01-21 06:15:54	Name: _mg_ckp Value: eyJja1RrZERGIjoiIn0=
.upwellness.com/	1970-01-20 23:39:54	Name: _fbp Value: fb.1.1719018642984.11719601364082871
.bat.bing.com/	1970-01-21 06:51:54	Name: MSPTC Value: QEdZOuSs7xpGtIxffV6cZQtJMGw81Egco4YEIBZbTYQ
.unsplash.com/	1970-01-21 06:15:54	Name: ugid Value: 05a4c4f68389c153ce24738849e81ebe5730062
.upwellness.com/	1970-01-20 21:31:45	Name: _clsk Value: yimxu2%7C1719018643857%7C1%7C1%7Cr.clarity.ms%2Fcollect
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.upwellness.com/	1970-01-21 06:15:54	Name: __mguid_ Value: bd9dbdc6fd9a4cb5a1935f999a4d567b
.upwellness.com/	1970-01-20 21:31:45	Name: _uetsid Value: 3f039860303411ef9f5a5f2bc36b9966\|jqblgl\|2\|fmu\|0\|1634
.mediago.io/	1970-01-21 06:15:54	Name: __mguid_ Value: f1f6b29a0d016dee2xoqzp00lxpfbf02
gtrace.mediago.io/	1970-01-21 06:15:54	Name: cst_44 Value: ts=1719018644
gtrace.mediago.io/	1970-01-21 06:15:54	Name: cst_70 Value: ts=1719018644
gtrace.mediago.io/	1970-01-21 06:15:54	Name: cst_78 Value: ts=1719018644
.upwellness.com/	1970-01-21 06:51:54	Name: _uetvid Value: 3f092ec0303411ef89151360b73958a1\|1sl0wwo\|1719018644792\|1\|1\|bat.bing.com/p/insights/c/r
.adnxs.com/	1970-01-20 23:39:54	Name: XANDR_PANID Value: PP3QAfxM7KmXaBzQHXioB92ocpIQOgcH5o-hCkanFJo7YAVUIXyAfUbabpWo60tBEX8GHJcss96Q0U4QV_sgy-dl6VBOvCopOo_bswcLFOY.
.adnxs.com/	1970-01-21 07:06:18	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:39:54	Name: uuid2 Value: 4894843279716763173
.casalemedia.com/	1970-01-21 06:15:54	Name: CMID Value: ZnYklLmqPZAAABuzAiYUmQAA
.casalemedia.com/	1970-01-20 23:39:54	Name: CMPS Value: 3243
.casalemedia.com/	1970-01-20 23:39:54	Name: CMPRO Value: 3243
.1rx.io/	1970-01-21 06:15:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a96058f2-b2ce-4095-831f-604e7b8d5bde-003%22%7D
.omnitagjs.com/	1970-01-20 22:13:30	Name: ayl_visitor Value: 2779d4c2def202409fe8785c28d97cbf
.criteo.com/	1970-01-21 06:51:54	Name: cto_bundle Value: le8BRF9hSGw1NkhYdjhJJTJCNGJueFo1OEZ5b0pJQ1NGRGJYdThvOFFoNjZnOE5nZ0NIbzluZlpEOW11Y2hBWWNBbTFLdXo
exchange.mediavine.com/	1970-01-20 21:50:28	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2240ecad20-3034-11ef-9732-93e928c18abd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:50:28	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2240ecad20-3034-11ef-9732-93e928c18abd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:50:28	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2240ecad20-3034-11ef-9732-93e928c18abd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:50:28	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2240ecad20-3034-11ef-9732-93e928c18abd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:50:28	Name: criteo Value: %7B%22id%22%3A%22k-cSiPel_-Qt9qH3NrE-qH0ptcYAU7etkVPePaiw%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 23:39:54	Name: anj Value: dTM7k!M41$E:2jUF']wIg2GU#ie4L7!]tbPl1MzM(ZqWiUY:0PVX^k=E^QNNN^C7AG<y0#MYU90NS-'#9!D3XN[`fyT?gH.<QJ<:IJdX]IK<yPEk$b$<pNL$-wD/L8UQtaexwZdn5`:qqGnaz2(%Kh0:ao_46Q#^eAz)N[UD!!+P81?2ab
.c.bing.com/	1970-01-20 21:40:23	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:51:54	Name: SRM_B Value: 05D5F0B93FD3601538E3E41F3E1361EC
.targeting.unrulymedia.com/	1970-01-21 06:15:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a96058f2-b2ce-4095-831f-604e7b8d5bde-003%22%7D
.media.net/	1970-01-21 06:15:54	Name: visitor-id Value: 3620202458280657000V10
.media.net/	1970-01-20 22:13:30	Name: data-c-ts Value: 1719018645
.media.net/	1970-01-20 22:13:30	Name: data-c Value: k-Dm958F_-Qt9qH3NrE-qH0ptcYAWTnSjRBKKj0w~~3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:51:54	Name: MUID Value: 05D5F0B93FD3601538E3E41F3E1361EC
.c.clarity.ms/	1970-01-20 21:40:23	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:30:19	Name: ANONCHK Value: 0
.amazon-adsystem.com/	1970-01-21 02:08:13	Name: ad-id Value: A9hcj0phwkeolwhqVQHuN-Q
.amazon-adsystem.com/	1970-01-21 07:06:18	Name: ad-privacy Value: 0
.demdex.net/	1970-01-21 01:49:30	Name: demdex Value: 51994383891608574944199441193192244149
.dpm.demdex.net/	1970-01-21 01:49:30	Name: dpm Value: 51994383891608574944199441193192244149
.adform.net/	1970-01-20 22:13:30	Name: C Value: 1
.tremorhub.com/	1970-01-21 06:16:15	Name: tvid Value: b0ab2ecdc8b643a3a28769b2dadb93b5
.tremorhub.com/	1970-01-20 22:13:30	Name: tv_UICR Value: k-oYNN71_-Qt9qH3NrE-qH0ptcYAWKd7AP5sjFpw
.postrelease.com/	1970-01-21 06:15:54	Name: opt_out Value: 1
ads.samba.tv/	1970-01-21 06:59:06	Name: sambapxid Value: 133c995a1194c82ef
.adform.net/	1970-01-20 22:56:42	Name: uid Value: 4573187264447462560
.csync.loopme.me/	1970-01-20 23:42:47	Name: viewer_token Value: db9b8e3f-a5a0-4c72-9a57-f39420f79404
.kargo.com/	1970-01-21 06:15:54	Name: ktcid Value: 6e0bf7c1-92b9-01f5-5d72-02dfdeb5075d
.doubleclick.net/	1970-01-21 06:51:54	Name: IDE Value: AHWqTUm-YdlEkkIgPki1T5-tYvLIVU99xIIJ1PH5kVJPY_FG-gfTg9G5WsSyBxfQOHo
.bidswitch.net/	1970-01-21 06:15:54	Name: tuuid Value: 7bd804fb-6429-4c6c-bf9c-42618af02391
.bidswitch.net/	1970-01-21 06:15:54	Name: c Value: 1719018647
.bidswitch.net/	1970-01-21 06:15:54	Name: tuuid_lu Value: 1719018647
.agkn.com/	1970-01-21 06:15:54	Name: ab Value: 0001%3Axev9EIEsbQk7lxGPmeS1BMi5QaTFl9sh
.ninthdecimal.com/	1970-01-21 06:15:54	Name: ndat Value: CppEQGZ2JJgWJgAWN67lAg==
.bluekai.com/	1970-01-21 01:53:49	Name: bku Value: b/X99JQA5ZRRNHW5
.bluekai.com/	1970-01-21 01:53:49	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.ispot.tv/	1970-01-21 07:06:18	Name: pt Value: v2:c81282fcf34bb120ced002c9c5fe6637bb3f664cf48b93e7ce0ec10cb032e89f\|aae16830931a9227cd8166cfdc9c43ef5ece383952a0faec6cae57f2f38e55cc
.semasio.net/	1970-01-21 06:15:54	Name: SEUNCY Value: 12EF39F2744DE21E

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pages.upwellness.com/assets/8a08425b-6e72-4bbd-969d-2a7489d04e3a/rightarrow-hr.original.png?1615572696 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424(Line 9) Message: Not allowed to load local resource: blob:https://app.unbounce.com/c2c86836-85c4-4208-aa3a-de3102bacb01
javascript	error	URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424(Line 9) Message: Not allowed to load local resource: blob:https://app.unbounce.com/64aa29ec-2429-4ae1-b84f-9c9a8d1af351
network	error	URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://sslwidget.criteo.com/event?a=102531&v=5.25.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=YDkttl8lMkJUU2VWeEY3ek1iNkQxMDBlcndNN3d5TEFDbWhSJTJGajRyS0RkektheDIxWHdLaXVOak9MY3NxTGxpTkI5UndEb3psNFc5UUlJWktqVGRueERpVyUyQlJ6RHcyZ05MS0FLMlpDMGtNdjlTNkVUQW5pSE5kdTlaN0pwQmdrWjZsWDR5Y0FVVyUyQlVKTWN1NXhxS21tdVUwZmxJalI5Vzk4dnFjdU10N1pmcWtNYUY2TSUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D1026188de9b01a94896d1d0b83dabc%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D199_AJK062424&ceid=05e68c8b-4692-4d98-bc47-2f5d06b79aaa Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	warning	URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=1026188de9b01a94896d1d0b83dabc&n=tune&AFFID=477232&subid=199_AJK062424 Message: The resource https://pages.upwellness.com/assets/8a08425b-6e72-4bbd-969d-2a7489d04e3a/rightarrow-hr.original.png?1615572696 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
ads.nextdoor.com
amplify.outbrain.com
analytics.tiktok.com
app.unbounce.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
business.newsbreak.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.js.customerlabs.co
cdn.mediago.io
cdn.taboola.com
cdn.useproof.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d9hhrg4mnvzow.cloudfront.net
dis.criteo.com
distillery.wistia.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
exchange.mediavine.com
fast.wistia.com
flask.nextdoor.com
fonts.ub-assets.com
go.welldaily.com
googleads.g.doubleclick.net
gtrace.mediago.io
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
js.sentry-cdn.com
live.upwellness.com
match.sharethrough.com
matching.ivitrack.com
measurement-api.criteo.com
pages.upwellness.com
pipedream.wistia.com
pixel.rubiconproject.com
psb.taboola.com
r.casalemedia.com
r.clarity.ms
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.pinimg.com
s.yimg.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
views.unsplash.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.upwellness.com
x.bidswitch.net
app.unbounce.com
views.unsplash.com
100.22.10.94
104.17.25.14
104.18.39.181
108.138.26.11
13.224.189.28
13.32.27.30
13.32.27.60
13.32.99.41
13.32.99.8
141.226.228.48
142.250.184.226
142.250.184.227
142.250.185.72
142.250.186.130
142.250.186.36
151.101.129.44
151.101.193.44
162.19.138.119
172.217.16.194
172.64.151.101
172.64.153.235
178.250.1.9
18.173.205.63
18.196.133.194
18.66.137.31
185.255.84.153
198.47.127.205
2.20.160.190
20.119.174.243
2001:4860:4802:32::36
23.195.254.55
23.195.255.234
23.195.255.69
23.23.204.175
23.36.79.34
23.49.23.62
2600:1f18:612b:4216:ada6:3be7:f947:657b
2600:1f18:730:b130:4ba7:5b34:86e8:a7d1
2600:9000:211e:f800:1e:c86:4140:93a1
2600:9000:2240:f600:3:471f:5240:93a1
2600:9000:275d:9c00:8:8845:1500:93a1
2606:4700:3034::ac43:a9b0
2606:4700:3035::6815:2f0c
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1288:80:807::1
2a00:1450:4001:80e::2008
2a00:1450:4001:81d::200e
2a00:1450:400c:c06::9b
2a02:2638:3::19
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:f500:4a3::1931
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::729
2a04:4e42::644
3.160.156.17
3.255.41.64
3.93.168.254
34.117.157.22
34.242.166.188
34.252.94.32
35.156.11.56
35.214.149.91
35.214.168.80
35.83.134.44
37.157.2.230
37.157.6.254
37.252.171.149
46.228.174.117
52.202.134.190
52.210.234.44
52.28.199.32
52.46.143.56
52.71.241.246
54.171.118.212
54.201.114.42
64.74.236.95
68.219.88.97
69.173.144.165
74.119.117.16
76.223.111.18
85.215.5.31
91.134.110.137
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc
00eee560bb3a1ceb7e71b694fa510bbe92b2dd9281c73cfb4dd32bbb05ad5c68
016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772
018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3
0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02
0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18
13d55c54af12b15b6999e715e67b91da9abaceee5b40a136fbae2df9ef1cf11d
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2
195b49c1fbbf280599238e690f8a3c7e31c8608385a6ae21e90b0798baced2ea
1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67
1be59d642b7d9e29f5da63faaa060bb9315a8bc1d57727bcf0339ed4de6c68df
1c11543a28fe6614b141106cf0375c62af8c8f65dbdb4b49a92c88b40bbabd64
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
205853c0ef45d0842feba60b08786717cd443f0a650010e36a0fb3a91a067062
2320dedcba47b72953ef6f5f81daa4f72bff68ec4caf27cd802cb0b6a5e08249
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09
2b0baefd7b6508147642a0f5a571f4d2b842f481916d221efcfcaca162dc19b3
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
2ecefb5809e37a48cbbde3e05b7644e9e5ce8bf50cff86c9b8c8860566338203
2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48
2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4
30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
343e195b43bec5eb57d8b9475f0789dd34e8279eab95cc503fe9f6b628bb42f8
35f1dc3738bc589f6d6818d5f6babf4242cff97a51ed7f81360dfc41a7fd1192
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5
3958a64f8d3b4eff9740972db23739dd969516f400522fff511a642c153f1ea6
3a12d32020ead1533d6ddc03b2815edb4c88001568c5ccc3a5535dec7f7709bc
3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b
3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265
44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883
47b361adead27b77c208bb8b4197e31dfe54733c463ea5b1b19436ce9aea7b79
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c
4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3
59daf8f216d8fef55b83e09206ff69182b099767f65ed350bc49db194e17a2b7
59fd70665da8fad56ca3594cf9b28922483aaa68561f49b0c34ffa8565b2e276
5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5f1496033d8bd1f171d88c6ec05b0c699e366e6111fb2c7d654d3befc3a88b80
62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2
65478324af6132cc0d48f2360bbde9a943d33f173df9095c9fc645797e5ccf49
6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
732e9c812e78ebeb5bc2defca1c70b7a33e35dbd83729acbe61cc53b4ad6ef30
75c3b9ffd05b79e3d802d05a92a07258fe29e97ab1bc2820f13de7cabbe163ae
77313e98e6af4853670ab8157db6f68bd2077b7c69027e284e20c34ae7d10aac
7763a06458f51a4647ddc0aa72304dac9d3bc9de670f32ca20ee65ba4237f164
77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d
7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa
7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d470e83686d770c884ff37aa8257edfbcfa0a3294ee3b753fc062033944e4c
874e13046ee321750c37e2d5380bc542c262d4e2e9bdf42a5f31ba4cace28239
89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0e7e3afee39fdf54ecfda43d23886e66d72453d9652166573b64389c61f26d
8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2
9ffd838d73e88fd6f4e77ef73ec03f4499b938eb378e15880535d6396dedba3d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67
a1fc8420705b69db0c5c0e2248e79b2f8c33506580b296202c3965870ab9adf5
a205a917503b34b47bbea593b34b03f3fa5f5ada21894e90c36507eac825a4c7
a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a821d04787f7c819c15c225d04602efb044b94c22562c4c2766e9945829f058c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
ad367e536c20c594229b6d90ac4097730886eac4f8e11b07e908e584a62b1268
af00d0fdcf585d3f2d709cfd4e9c78e92576b3d8637dd9c0452e9cfca8d82194
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b8d10991f6da2bcf90c90fbac7d48552546749b319d44c03050c1287fb781416
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8
bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4ab16fd7cfc53638fd929f76fae270e35d7748278bcdd7fe7d04dd3525f4928
c6135495c794218719321b784a025fdc62a9271cd4d31df19b1940e037f58740
c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b
c84a6bfc027c476c666c489c50c2611877eca16db056447023d200f5d40ab8bf
ca42d780056b0f9574379c78e677eaa52e200e5feab0fb4089680dfb4af5757f
ca8c45e76cb8b6fe8ebfc708d87a777b61f30bb9b0e561a4411df49e01e1289b
cc5312d22d2b77487914fcb75444bf364c48b1ba2fec6669cbbdb9a5b3463355
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7
cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
d0453c72ff2db6a473f2ba0d91ef41f48dd2e320bd43ff1f8fb9e04314519264
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650
d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
da55caf7472d1245408e8a37b1daec3c7288c19021520316cc7b7e832eb34f07
dac6c87bab7c5afb7ec64ca048346548349fe322e4aada6f9051778e0e4cee00
dc0cca62892a59d1de77937749ec1556bcc87bdd12964f2ad28b1487fe501c8b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde551df39ac4858745352bb6ba3b5e0fc3c80a76cce201dafe53639bd516c70
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e
e358ac9219c2bfde08ebd2b62efe991cc0e27671ec64bdc5b6b15a5c195107de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e7f25d70bdb618bba3b9ee06c7a5789861f392c47a7e3be0968eb343fc018069
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249
ebbfc5eb12dd3766d82cc8a2584d8bf9d2db1a8ead8c9d5f0e03d9ee4bac3389
ec1cbbed320229e91a69623cd83f43b8e78f341cbc45a573dd93a3ab895592bf
ed2a9af3791670c5ade591edad02a436628e5661a8864823b8a02d5b64e88524
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f07c1e81c02df91633bd7c4ecfdbb7646b07a01e4417c436d5da21694c837841
f13cca074c4adfc4edebb44c55950668c654f82c00d55b093f651801c2f7af7b
f2250a7d098e465546eac83bd6f16ac4497a8318442ceca5dd8ccd6e5b7a0652
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

pages.upwellness.com Open in urlscan Pro 172.64.153.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

212 Requests

93 %HTTPS

26 %IPv6

60 Domains

94 Subdomains

82 IPs

10 Countries

7048 kBTransfer

11224 kBSize

99 Cookies

0 Outgoing links

Page URL History

Redirected requests

212 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.upwellness.com Open in urlscan Pro
172.64.153.235 Public Scan

Screenshot
Live screenshot

Full Image

212
Requests

93 %
HTTPS

26 %
IPv6

60
Domains

94
Subdomains

82
IPs

10
Countries

7048 kB
Transfer

11224 kB
Size

99
Cookies

212 HTTP transactions
3 data transactions