pages.upwellness.com Open in urlscan Pro
3.69.136.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/10045518/746255798/_bb42b4b0856b66ca1d1296c7da5443fef5bb9c8e/d501440adb6ea98e038ef8e...
Effective URL:
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&m...
Submission: On July 28 via api (July 28th 2023, 4:43:04 am UTC) from BE — Scanned from DE

Summary HTTP 125 Redirects Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 38 domains to perform 125 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com.
TLS certificate: Issued by R3 on June 5th 2023. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.210.234.44 52.210.234.44	16509 (AMAZON-02) (AMAZON-02)
1	3.69.136.55 3.69.136.55	16509 (AMAZON-02) (AMAZON-02)
3	54.230.112.98 54.230.112.98	16509 (AMAZON-02) (AMAZON-02)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
4	52.203.160.179 52.203.160.179	14618 (AMAZON-AES) (AMAZON-AES)
1	52.92.177.209 52.92.177.209	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21f... 2600:9000:21f3:600:b:3165:13c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:a96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:1600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:350... 2a02:26f0:3500:887::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	44.238.137.106 44.238.137.106	16509 (AMAZON-02) (AMAZON-02)
7	23.36.162.137 23.36.162.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.36.109 108.138.36.109	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.11 108.138.36.11	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.23.204.175 23.23.204.175	14618 (AMAZON-AES) (AMAZON-AES)
1	52.92.248.96 52.92.248.96	16509 (AMAZON-02) (AMAZON-02)
6	13.32.99.67 13.32.99.67	16509 (AMAZON-02) (AMAZON-02)
2	52.222.250.226 52.222.250.226	16509 (AMAZON-02) (AMAZON-02)
1	35.169.121.207 35.169.121.207	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	2600:1f18:730... 2600:1f18:730:b140:231f:659f:da19:e372	14618 (AMAZON-AES) (AMAZON-AES)
1	204.236.226.117 204.236.226.117	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.137.31 18.66.137.31	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:237... 2600:9000:237d:3600:11:9be7:da80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1	18.173.154.87 18.173.154.87	16509 (AMAZON-02) (AMAZON-02)
1	52.36.7.214 52.36.7.214	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.124 108.138.17.124	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
3	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:20:... 2606:4700:20::681a:8a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.146.248.82 54.146.248.82	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
125	53

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.234.44 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-234-44.eu-west-1.compute.amazonaws.com

go.welldaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.112.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-112-98.mrs52.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.203.160.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-160-179.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.177.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

lq3-production01.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:600:b:3165:13c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1wbjksx0xxdn3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a96 (United States)

ASN13335 (CLOUDFLARENET, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:1600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:887::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.238.137.106 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-137-106.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.36.162.137 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-137.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-109.muc50.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-11.muc50.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.204.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-204-175.compute-1.amazonaws.com

www.thealternativedaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.248.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.99.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-67.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.250.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-226.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.121.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-121-207.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:231f:659f:da19:e372 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.236.226.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-204-236-226-117.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-31.fra60.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:3600:11:9be7:da80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2cli4kgl5uxre.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-87.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.7.214 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-7-214.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-124.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:8a2 (United States)

ASN13335 (CLOUDFLARENET, US)

api.leadquizzes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.248.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-248-82.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	660 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 755	225 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 897 trc.taboola.com — Cisco Umbrella Rank: 637 trc-events.taboola.com — Cisco Umbrella Rank: 1903	22 KB
6	leadquizzes.com api.leadquizzes.com — Cisco Umbrella Rank: 197560	1 KB
6	google.de www.google.de — Cisco Umbrella Rank: 5650	906 B
6	google.com www.google.com — Cisco Umbrella Rank: 3	906 B
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 114	8 KB
6	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 26217	91 KB
6	upwellness.com pages.upwellness.com live.upwellness.com store.upwellness.com	52 KB
5	cloudfront.net d1wbjksx0xxdn3.cloudfront.net d9hhrg4mnvzow.cloudfront.net d2cli4kgl5uxre.cloudfront.net	58 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	278 B
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3189 tr.outbrain.com — Cisco Umbrella Rank: 2962 wave.outbrain.com — Cisco Umbrella Rank: 4228	8 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	156 KB
4	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 66124 api.useproof.com — Cisco Umbrella Rank: 62422	601 KB
4	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3669 gum.criteo.com — Cisco Umbrella Rank: 421 mug.criteo.com — Cisco Umbrella Rank: 2491	27 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 812	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59 region1.google-analytics.com — Cisco Umbrella Rank: 1851	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 367	13 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 595	8 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3065 rp.liadm.com — Cisco Umbrella Rank: 1669 rp4.liadm.com — Cisco Umbrella Rank: 6773	17 KB
3	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 20811	39 KB
2	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 229453	200 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1249	880 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 774 script.hotjar.com — Cisco Umbrella Rank: 961	60 KB
2	mediago.io cdn.mediago.io — Cisco Umbrella Rank: 4203 trace.mediago.io — Cisco Umbrella Rank: 978	26 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 35475 business.newsbreak.com — Cisco Umbrella Rank: 12880	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 6101 flask.nextdoor.com — Cisco Umbrella Rank: 5575	4 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 882	20 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 12688	51 KB
2	amazonaws.com lq3-production01.s3.amazonaws.com — Cisco Umbrella Rank: 253019 s3-us-west-2.amazonaws.com	34 KB
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 97908	711 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2794	258 B
1	gstatic.com www.gstatic.com	114 KB
1	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 109135
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 28948	282 B
1	thealternativedaily.com www.thealternativedaily.com — Cisco Umbrella Rank: 921329	6 KB
1	welldaily.com 1 redirects go.welldaily.com	2 KB
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 425290	728 B
125	38

	Domain	Requested by
9	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
7	analytics.tiktok.com	pages.upwellness.com analytics.tiktok.com
6	api.leadquizzes.com	lq3-production01.s3.amazonaws.com
6	www.google.de	pages.upwellness.com
6	www.google.com	pages.upwellness.com
6	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
5	googleads.g.doubleclick.net	www.googletagmanager.com
4	trc-events.taboola.com	cdn.taboola.com
4	www.facebook.com	pages.upwellness.com
4	connect.facebook.net	pages.upwellness.com connect.facebook.net
4	store.upwellness.com	pages.upwellness.com store.upwellness.com
3	ct.pinterest.com	s.pinimg.com pages.upwellness.com
3	bat.bing.com	pages.upwellness.com bat.bing.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
3	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
3	builder-assets.unbounce.com	pages.upwellness.com
2	live-visitor-counts.herokuapp.com	cdn.useproof.com
2	sp.analytics.yahoo.com	pages.upwellness.com
2	trc.taboola.com	cdn.taboola.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tr.outbrain.com	amplify.outbrain.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	d1wbjksx0xxdn3.cloudfront.net	pages.upwellness.com d1wbjksx0xxdn3.cloudfront.net
1	analytics.proofapi.com	cdn.useproof.com
1	api.useproof.com	cdn.useproof.com
1	flask.nextdoor.com	pages.upwellness.com
1	vc.hotjar.io	script.hotjar.com
1	www.gstatic.com	cdn.useproof.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	business.newsbreak.com	static.newsbreak.com
1	script.hotjar.com	static.hotjar.com
1	trace.mediago.io	pages.upwellness.com
1	d2cli4kgl5uxre.cloudfront.net	cdn.mediago.io
1	cdn.js.customerlabs.co	pages.upwellness.com
1	mug.criteo.com	pages.upwellness.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	wave.outbrain.com	amplify.outbrain.com
1	events.ub-analytics.com	pages.upwellness.com
1	s3-us-west-2.amazonaws.com	lq3-production01.s3.amazonaws.com
1	www.thealternativedaily.com	pages.upwellness.com
1	static.hotjar.com	pages.upwellness.com
1	cdn.mediago.io	pages.upwellness.com
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	amplify.outbrain.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	lq3-production01.s3.amazonaws.com	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	pages.upwellness.com
1	go.welldaily.com	1 redirects
1	links.paleohacks-mailing.com	1 redirects
125	59

This site contains no links.

Subject Issuer	Validity	Valid
pages.upwellness.com R3	`2023-06-05` - `2023-09-03`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
live.upwellness.com R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
store.upwellness.com R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.js.ubembed.com E1	`2023-06-23` - `2023-09-21`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
useproof.com GTS CA 1P5	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-06-25` - `2024-07-23`	a year	crt.sh
*.mediago.io Amazon RSA 2048 M02	`2023-02-24` - `2023-10-05`	7 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
thealternativedaily.com R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-28`	9 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M01	`2023-02-28` - `2023-10-26`	8 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
leadquizzes.com Cloudflare Inc ECC CA-3	`2023-03-15` - `2024-03-14`	a year	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
proofapi.com GTS CA 1P5	`2023-07-05` - `2023-10-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Frame ID: C87BCE82F4846BBC00AF9E3B27A5895F
Requests: 112 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: 8893A3C59C609AC35BDFBD99FDBEEC64
Requests: 2 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 1D318BEC93B357E17E477F738C8B44BA
Requests: 6 HTTP requests in this frame

Frame: https://d2cli4kgl5uxre.cloudfront.net/js/h/val.html?postM=1
Frame ID: F3F0204E5F185241B278A5F653DCF942
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 7571DAFB91F45F4B346657ACD105F665
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/10045518/746255798/_bb42b4b0856b66ca1d1296c7da5443fef5bb9c8e/d50... HTTP 302
https://go.welldaily.com/aff_c?offer_id=77&aff_id=10&aff_sub=PH72623seg HTTP 302
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

125
Requests

98 %
HTTPS

42 %
IPv6

38
Domains

59
Subdomains

53
IPs

7
Countries

2330 kB
Transfer

5650 kB
Size

44
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/10045518/746255798/_bb42b4b0856b66ca1d1296c7da5443fef5bb9c8e/d501440adb6ea98e038ef8ecbaa342cb4eaf90ab HTTP 302
https://go.welldaily.com/aff_c?offer_id=77&aff_id=10&aff_sub=PH72623seg HTTP 302
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://rp.liadm.com/j?dtstmp=1690519379380&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h6dcx75k571r4h2qcx0a5mat&tna=v2.7.8&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1690519379380&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h6dcx75k571r4h2qcx0a5mat&tna=v2.7.8&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMTphYzg6MjA6M2QwMDoxMDEyOjRkY2M6YTI5YjpjZWZm&n3pc=true

Request Chain 56

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=sZR3DHxpdEcrVXdJUzhIQkEvdTZkRG5vempuTzdzQVZJZ0k0OXYwTzVUQlNLQW9VVjV4UWpjYlk0UHZFUWltSU9IOW9POWlXL29pQVZIZWp2R1VhM2VzN01lSnpYNGJHSHZ3TDZYOU0xY0V6bnFMV1BFUWJZVW8xTW1WOXlPSlg2bkkzS1M5YkhvdDJxNlcxMDQzeXNreHNMRWpUdU90V0RuOU5lbFEzNDBvdGJzYUlUZVBHT1UvTEZJRHdxWUZob011Z3hsNUZ3NjN3cmloaU1EUXJTYmRMcW5Ha2VDNkhaQU54NE5HZTYzdTF0RlFKQitxVExNNnZqL3NKMitnTXo0anZ1UTlEazVuWkVrSzZtMUZyWFdZd1paYVRlelZUVGM4QXNKNFQ0OXlxV2xLYz18&cppv=2

125 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pages.upwellness.com/inflammation-quiz/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/10045518/746255798/_bb42b4b0856b66ca1d1296c7da5443fef5bb9c8e/d501440adb6ea98e038ef8ecbaa342cb4eaf90ab
https://go.welldaily.com/aff_c?offer_id=77&aff_id=10&aff_sub=PH72623seg
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10

70 KB
17 KB

62ms
19ms

Document
text/html

3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ffba72759f855fee68eb688b30849a824b21451b43b13e8bd856a0d94d267561

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 16837
content-location: https://pages.upwellness.com/inflammation-quiz/
content-type: text/html; charset=utf-8
date: Fri, 28 Jul 2023 04:42:58 GMT
etag: "au:fb47005a60fd4e489e1df1b75b7ac5c8"
link: <https://pages.upwellness.com/inflammation-quiz/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: ce51cc0b-0e94-443c-a27a-24c78d18f232
x-unbounce-variant: au
x-unbounce-visitorid: fb47005a-60fd-4e48-9e1d-f1b75b7ac5c8

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 400
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 28 Jul 2023 04:42:58 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 102fe8185b5e80eaeab04d1a2a160f
X-Request-Id: c2719cd4c2aa6fcc0b4ed82a0d8ee7fb
X-Robots-Tag: noindex, nofollow

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 99ms
22ms Stylesheet
text/css 54.230.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.112.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-112-98.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 11:07:40 GMT
content-encoding: gzip
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
x-amz-version-id: fMGT9YqOCj6GvXj65o03BPFmMJDaNxvc
x-amz-cf-pop: MRS52-C1
age: 1186519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Tue, 11 Jul 2023 16:18:48 GMT
server: AmazonS3
etag: "99b89a3d5f7bab4f89aad694ef70a6d8"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UBOjPFWODKGd9DsUOa18649yinhkK1HVzamM5udmrYKuzmJXyT9s2w==

GET
H2 200 jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/ 87 KB
31 KB 466ms
192ms Script
application/javascript 3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 jquery-shims.bundle-aa41391.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 101ms
24ms Script
application/javascript 54.230.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.112.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-112-98.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 22:41:01 GMT
content-encoding: gzip
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
x-amz-version-id: uI8w06J0UzcnXn9oTabYfaMp2H13iXKf
x-amz-cf-pop: MRS52-C1
age: 1490518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1991
last-modified: Mon, 10 Jul 2023 18:38:42 GMT
server: AmazonS3
etag: "09e354b7ed01f391bca5d5c3c8594df2"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: HV4RtiZW3pZjjRL5d93PiVN0ZtycRzJfxAyVEVSeGeZel2xZPAF_Yw==

GET
H2 200 UCInvisibleLink Show response
store.upwellness.com/cgi-bin/ 432 B
804 B 390ms
108ms Script
text/javascript 52.203.160.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.160.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-160-179.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 251

GET
H2 200 UCAffiliateNetworkPixel Show response
store.upwellness.com/cgi-bin/ 2 KB
1 KB 109ms
109ms Script
text/javascript 52.203.160.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.160.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-160-179.compute-1.amazonaws.com

Software

Apache /

Resource Hash

6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 851

GET
H/1.1 200
OK yauvnbjuvs5jog.js Show response
lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/ 28 KB
29 KB 566ms
194ms Script
text/javascript 52.92.177.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.177.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ced5b747fe92122e8fb38c867ac67b80ffba333bd3d42285cdecbff43073a6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 04:42:59 GMT
x-amz-version-id: hjCZun1v9BnPFkxqCgFAEUqn2KnRYokY
Last-Modified: Tue, 17 Jan 2023 11:02:39 GMT
Server: AmazonS3
x-amz-request-id: 0FF6QJE53A39KN4J
ETag: "5239a9f634a4d1ebed837869f45fb3cb-1"
x-amz-server-side-encryption: AES256
Content-Type: text/javascript
Cache-Control: no-cache
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 29033
x-amz-id-2: wRlTPvbx+movG4tLcOH+NY+eeNbWXztMRFl2vXxMAqDkDp9FWfRGO+pT9tVEG+PrC8SNYqNNwp4=
Expires: 0

GET
H2 200 ub.js Show response
d1wbjksx0xxdn3.cloudfront.net/ 5 KB
2 KB 81ms
21ms Script
application/javascript 2600:9000:21f3:600:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:600:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:24:21 GMT
content-encoding: gzip
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-version-id: DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop: FRA2-C2
age: 2719119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1864
last-modified: Mon, 26 Jun 2023 16:59:10 GMT
server: AmazonS3
etag: "118cee1e64f6b283233c55aee7da10da"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3LmHL9HdzlqtLWl18WPeMgcTeD8IgJzb6UzbRs9qTUOHI0S7zaqcsg==

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 12 KB
3 KB 222ms
176ms Script
application/javascript 2606:4700::6812:a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9b8bd32739cf2c8bae28e0e7d122fc8ea56a588931a6071ff79bc1966c8777f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"c1a25e1d6816d6d62e7914c952b1818c-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 7eda75673bc72bee-FRA

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 45 KB
15 KB 51ms
11ms Script
application/javascript 2600:9000:225e:1600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4fd685de2e746658201c54a2ac810b327fa3aba727fa7f787d8eee00ccec0267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:18:44 GMT
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 5055
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: 6KMQi3kujxfyC5uRSgki76zyKVOccAYi5UsMqAS4txYhWRTNd1uepQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
66 KB 52ms
28ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f77d46b52dc81fc9bc9295133402e15e7b27bde1e0c8be1c78a5554c0a45acd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67794
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 59ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85c6e11094ea33a2ca02a14e96eb0fc927d1b8f1a0735a317ab34a82277e31b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72394
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
79 KB 60ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f70bfa6c4d4c151c6e6bf0b1d26c1093e8f05ad38231708a8d34fff5cf167a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81085
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 45 KB
19 KB 51ms
16ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c67226c4f4029abbab42bff4669f1b2f45918c814466caa74f2f55eeb5b5ba8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1ade42fcd41956dfa10ce86bb5f61c95a4f20c1ca951789a04a69443d895e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73375
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 main.bundle-85a7477.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 26ms
24ms Script
application/javascript 54.230.112.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.112.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-112-98.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 11:07:40 GMT
content-encoding: gzip
via: 1.1 d8ba22a2a925887b5431a679476593d8.cloudfront.net (CloudFront)
x-amz-version-id: TsqXEulHpCIWQfLEsYTo7.zRFGF4af5e
x-amz-cf-pop: MRS52-C1
age: 1186520
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33747
last-modified: Mon, 10 Jul 2023 18:38:42 GMT
server: AmazonS3
etag: "6ce35e88e5299f623189adcaf266b9b3"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sRC2GiVYKb89snymsbE1EonLYUV1R98AzPe9BJxM05eOj_8WETzRPA==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 80ms
26ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H6WQCW6APBRBRCJ9
age: 15290824
alt-svc: h3=":443"; ma=86400
content-length: 497733
x-amz-id-2: vM+BMECrCORW9FJ+rHMQf57UtypTW4x/blOCBNGkW80f7RL4qXXnsbQ/1PrS2xXuBPa/piNmWbg=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jv%2BBx1vZcqa4McP4ioWeIimb9Z2FGMpEafw5emaY21MJsAK3tgIAVw1Aqybi4cBKKJC0rF9hyCeLb63tcmv6VcMx42mOnotnjfzPzT7O9wnkU4Hjr66wcFORXI5i%2FlgqSRQd%2FX4m3I6VKgCFe9u8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7eda75675ae93624-FRA

GET
H2 200 invisibleLink.jsp Show response
store.upwellness.com/affiliate/ 215 B
1 KB 163ms
162ms Script
text/javascript 52.203.160.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/inflammation-quiz/%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10

Requested by

Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.203.160.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-160-179.compute-1.amazonaws.com

Software

Apache /

Resource Hash

c94bb17fbc1da1c48cbc77934044dd68941572c180ae6df4f1afff92ff798550

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 144

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 174 KB
47 KB 38ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80d28a0a340093ea7e8b629615f9319284068b2054fb932c0239e6ac8cb94058

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Jul 2023 04:42:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47506
x-xss-protection: 0
pragma: public
x-fb-debug: p37f61TYWvW/7ZYH0UydyR1B3uv19+PoWtr7MpT/dXgXEPbjg6q1Vo/sMiDkTtk2/92u5JkB6cxZ9ow98Gc4fA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 92ms
28ms Script
application/javascript 2a02:26f0:3500:887::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "b890a703adcb559f5e5d300aa7e4294f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1466

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 79ms
17ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:41:48 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: NQGR6SXKRYG4THF8
age: 72
x-amz-server-side-encryption: AES256
x-amz-id-2: kb+h3NHm1w9U5yiWj2g4+i31MMPn5YutWhrI+gK8vZcKs4zS7BJAFoRw1J9bkdVIATLISNm7a4o=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 58 KB
18 KB 177ms
112ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de3a3f753ac18fd87c4630e324ad3ed97f7cb1fb41d35ed4d5d3c84c187e281d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: IPTrDVmiCw3lAlBbX2m75jcpHKJA1BVT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 28 Jul 2023 04:42:59 GMT
x-amz-request-id: Z9TDBY77BJBHK2WQ
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18354
x-amz-id-2: 4V2XUB45fPn8zEu050uU5wig2Br2aZEsTCZh9/ye8ZjYxW5I7yfJrOPxD34dCxoY9vLhtu5UyG4=
x-served-by: cache-fra-eddf8230095-FRA
last-modified: Sun, 09 Jul 2023 11:14:15 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690519379.159063,VS0,VE106
etag: "b2b05481a7d5435837a854a45977a392"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 23 KB
7 KB 50ms
7ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0844c9a128728f4e84141e98d0fa5db90fa06cf757183718264ac3496d002e46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 04:42:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jul 2023 08:40:38 GMT
Server: AkamaiNetStorage
ETag: "701f08190563f6a4fa49df65f3431bb4:1690366448.397601"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7062
Expires: Fri, 28 Jul 2023 05:02:59 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 7 KB
3 KB 586ms
182ms Script
application/javascript 44.238.137.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.137.106 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-137-106.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

a42263d2056f54920618e06d5019d6a25a9b058021054cc8b3dd08255925fe6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 19:06:32 GMT
server: istio-envoy
etag: W/"64becbb8-1c02"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 2

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 172ms
113ms Script
application/javascript 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e4554ecf492a5cf1681be4d982ade8d8827fcd979cde5438af4684fdb98ed463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-akamai-request-id: c421fb51
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
content-length: 1414
pragma: no-cache
server: nginx
x-tt-logid: 202307280442592053883A593E5096F563
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,23.36.160.137
x-tt-trace-host: 017dc06d77903ca0ba5871c5dd190e1c9a5d403ab26401bc44f9da2ee733fa8955bda5489227a651738efb0e6f8fbb8300fadf468a1c3adefe475cd38e33975bc5d88ec3515785221996efb1371ad831525699beeeae9101570a2838687a48990c
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 101ms
16ms Script
application/javascript 108.138.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1690588800000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-109.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
date: Fri, 28 Jul 2023 00:31:37 GMT
x-amz-cf-pop: MUC50-P2
age: 15346
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: O3OBzxD6uy0P5Dz0SQFSumX4x6La2IVkUHjnC2rN8JtC1DoSnxpIWw==

GET
H2 200 pixel.js Show response
cdn.mediago.io/js/ 26 KB
26 KB 61ms
15ms Script
application/javascript 108.138.36.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/pixel.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-11.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37b976ac6a9338da3b8c6cdd8906ddd14add06bbea122629c956ca331f653cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: XYrTzTbqsDS8y_SYq5q0XpfTigYsvOFo
date: Fri, 28 Jul 2023 02:34:18 GMT
via: 1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jun 2023 06:12:11 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 7763
x-amz-server-side-encryption: AES256
etag: "461a220676b1f0c3982b65bffda90f2e"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 26184
x-amz-cf-id: sMcIUsUgGu121FTvDzgqEGVmhUdZ3jM9NoR37YO_iafcR25k3NcieA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
68 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36211f7227a549b27cc5e4abe5ad6c72dd87c63294d1714ad97f79bf3b87827a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69330
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 129ms
118ms Script
application/javascript 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 584323a2420393638791f47389addf0e8acb772847846eb19b2a9274db1b5945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-akamai-request-id: c421fb59
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96
content-length: 1829
pragma: no-cache
server: nginx
x-tt-logid: 20230728044259FE8BE4AC46F38991C5B9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,23.36.160.137
x-tt-trace-host: 017dc06d77903ca0ba5871c5dd190e1c9a5d403ab26401bc44f9da2ee733fa8955e719449406824d1aac7e19cf9225df5858f7a73868f31e72b6d4b3c81ef3f9746715e91f4ce19624e7c17e3af29045112c89fbcb30c5feb6cc5275b8aaf748ef
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 hotjar-795540.js Show response
static.hotjar.com/c/ 10 KB
4 KB 68ms
40ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-795540.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

586ad1f5ccb3041bd9778e18d183819056d2bd3f52598dce216e353643bf298f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 04:42:59 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/2709829b56af5b6e5a2eaf476aae40bf
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5t6XyMrknEqRHQcWZsoq1zZWmI96tG8xEskNPDBQPtIlEzNc9U0J_Q==

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 68ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 28 Jul 2023 04:42:58 GMT
last-modified: Mon, 17 Jul 2023 22:20:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B43969BC7AE847C38831F1FE7B0902F7 Ref B: FRAEDGE1412 Ref C: 2023-07-28T04:42:59Z
etag: "060e2effcb8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12438

GET
H2 200 getmyscorebtn.jpg
www.thealternativedaily.com/wp-content/uploads/2016/07/ 6 KB
6 KB 341ms
97ms Image
image/jpeg 23.23.204.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thealternativedaily.com/wp-content/uploads/2016/07/getmyscorebtn.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.23.204.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-204-175.compute-1.amazonaws.com
Software: Pagely-ARES/1.10.28 /
Resource Hash: 008a49b472b118119bb608c77a2548e473338a1ebcba56942253a6c056b8c1aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Sat, 12 Aug 2023 05:52:14 GMT
x-gateway-request-id: 0be119ecc4fd0d2d0e549c0477e476fb
date: Fri, 28 Jul 2023 04:42:59 GMT
last-modified: Fri, 23 Sep 2022 21:18:49 GMT
server: Pagely-ARES/1.10.28
etag: "632e22b9-1741"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 0||https|www.thealternativedaily.com|||/wp-content/uploads/2016/07/getmyscorebtn.jpg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5953
x-gateway-cache-status: HIT

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sp-2.14.0.js Show response
d1wbjksx0xxdn3.cloudfront.net/ 98 KB
30 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:600:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by: Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:600:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:20:26 GMT
content-encoding: gzip
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-version-id: 0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop: FRA2-C2
age: 2719354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30399
last-modified: Mon, 26 Jun 2023 16:59:50 GMT
server: AmazonS3
etag: "73de733c308b8b5e44d2a6242dc4bd99"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hlN3XJxRsptdfzrVenvHDzwaacLzs04I4D1kNHWV5_AnnlcPIQmNZQ==

GET
H/1.1 200
OK global-tracking.css
s3-us-west-2.amazonaws.com/lq3-production01/lead_quizzes_3.0/tracking/css/ 5 KB
5 KB 569ms
198ms Stylesheet
text/css 52.92.248.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/lq3-production01/lead_quizzes_3.0/tracking/css/global-tracking.css
Requested by: Host: lq3-production01.s3.amazonaws.com
URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.248.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 189d627cc048280c5d155a07a318138f662df0d1ffced3eb687024f5345175a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 04:43:00 GMT
x-amz-version-id: .zZcEAkgY2IsHf8uyG3CwBul3v9vUK1V
Last-Modified: Mon, 11 Apr 2022 15:45:24 GMT
Server: AmazonS3
x-amz-request-id: KVFCG00ZZMW7N356
ETag: "3ef6a357ce69dfdbd0fc95cd908b7211"
Content-Type: text/css
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 4781
x-amz-id-2: mB8BjcVrVbRAkeLH1mI68mmrX1O3n9JMm/h5peINtgbTfmEPf1UWyFk4MARGXwwqET4Fn6MLxKE=
Expires: 1970-01-01T00:00:00.000Z

GET
H2 200 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
537 B 117ms
116ms Stylesheet
text/plain 52.203.160.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.8425244670161491&r=&u=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10
Requested by: Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.203.160.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-160-179.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
server: Apache
content-length: 0
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
BLOB 200
OK 839a9e88-16fc-41ae-8368-0c30570d863c
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/839a9e88-16fc-41ae-8368-0c30570d863c
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 5523
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 8 KB
1 KB 408ms
345ms Stylesheet
text/css 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

7caff6ec921ac5193a702bf43b93ab4f1446c2d95cd6feb1637d7690272e5bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 63ad2535-9c3f-4962-af0e-b1b05eab5500
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: IwgVEHeGIAMFkqw=
content-length: 876
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-64c34753-5981d9427cbc8ddf63c9fed3
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: WwEZOPF-54wMiLc06or26CcHEVD2e1361eINOmED-8eA8coR5QFnMA==

GET
H2 200 5ba00849-whiteupwellnesslogo_105d027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/ 3 KB
3 KB 44ms
8ms Image
image/png 52.222.250.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-226.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 18 May 2023 19:11:52 GMT
x-amz-version-id: d10zZDO1jLLF8r9s77WkrHiVCLjRZliJ
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Fri, 05 May 2023 15:29:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6082267
etag: "88263fec2db483b6e115f831a65022a9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2981
x-amz-cf-id: -ceL48hY1dz2cMU94W_3vGbDG8oe_zvlK8zLR_SiWPS2Ea_UF_XSEQ==

GET
H2 200 a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/ 7 KB
8 KB 35ms
8ms Image
image/jpeg 52.222.250.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-226.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cddbd04fb6a2bc681de9bd4558b7062169322c73e095466a592152ea9e6fad8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:34:49 GMT
x-amz-version-id: tTiRn0cWmt8FCcq8iYNxVydurx3yu0HI
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 10:47:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 22514891
etag: "e3f1dbb540892e17d5db8c78f7d25dac"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 7563
x-amz-cf-id: wCMHB31xJakYjoIBpG1Veudrlitot5lYBa2T0bnB4cADd4mhVKktcg==

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 315ms
98ms Image
image/gif 35.169.121.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1690519379102&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=0346e89b-ebc6-4250-9dc6-934af21a5aad&dtm=1690519379100&vp=1600x1200&ds=1600x2908&vid=1&sid=c6e986be-b04a-4f96-87ff-687960a9a831&duid=7109a513-7188-415e-a7c5-ae0c4a07d3d7&uid=fb47005a-60fd-4e48-9e1d-f1b75b7ac5c8&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U1MWNjMGItMGU5NC00NDNjLWEyN2EtMjRjNzhkMThmMjMyIiwidmFyaWFudElkIjoiYXUiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.121.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-121-207.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 146844809012010 Show response
connect.facebook.net/signals/config/ 378 KB
109 KB 82ms
81ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/146844809012010?v=next&r=canary

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6ef27a85d1dc06c15bda35f9cccf37d8c64559068414a5cb326bd1b7c2efc8f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Jul 2023 04:42:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: nJcwxX4DpK/sfhmBHEa/fbPQC+S+cEX1Mk463rmrVNBCGJfSwyGlittZ7x4xOZceHZM00lpLy4q43eSNsPGz9Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8893 15 KB
6 KB 54ms
18ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 04:42:58 GMT
server: Kestrel
server-processing-duration-in-ticks: 265976
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

806e15a79c3ffd13bd4b526bcc77d9db41dd8050289f6a453d7cdef060b5100e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72436
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
79 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a55802ce0c8a4282d90e90deca61d3ee3b6ea86b5f2cb7aa0459700299e9a13a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81172
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
2 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1690519379184&cv=11&fst=1690519379184&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=83891883.1690519379&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18202259e18c6d888b9b98496ba7756f4455d7d0936df1859641881c4bf6e8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1405
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 3 KB
2 KB 56ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1690519379199&cv=11&fst=1690519379199&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=83891883.1690519379&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19cc782887b7abf491b565af3f692fb8147b597f42083efc35dabef63a510f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1404
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.bd3e0b05.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 13ms
13ms Script
application/javascript 2a02:26f0:3500:887::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "6dcfe4ec85689b22c849d9ef7f4b6487"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18133

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 1D31 325 B
794 B 400ms
400ms Document
text/html 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 7eda75688c0d3624-FRA
content-length: 325
content-type: text/html
date: Fri, 28 Jul 2023 04:42:59 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1bfQg%2BqJTvUqZvrT72P%2F1Fn9eeHSXV15rZBEOx6JgOUhmJcNM2Y64dm0hoDuEq%2BNZ3YfjpGum5q1W9K03PSatLv0I4IvMHsrwbBxFYVtuvrQy0kZAvIbzV0%2B1zFyF%2BH797DmQ6qTEa1%2Bg5jG461"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: CoP6Z/6C8vP82ibeMtsXwJvK3ZMNJZyQgXXcojW14oXghZ9y/5uj6w92OuKRbDej19TUyMyis3w=
x-amz-request-id: KVF9NSM760DGJK5A
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 3 KB
2 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1690519379311&cv=11&fst=1690519379311&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=83891883.1690519379&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f02e520332b4430b947d74c1d0978589459d594b71a0534383e53a1ed9678394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1405
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/ 3 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1690519379357&cv=11&fst=1690519379357&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=83891883.1690519379&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

651ef401f9832f368a4ac3a86739364bd9f14061389434743ca2b6115dbfd81f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
259 B 374ms
88ms Ping
image/gif 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=03270477630514983&referrer=&cht=gtm&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 04:42:59 GMT
Cache-Control: no-cache
content-encoding: gzip
X-TraceId: fb4ea03493b96f804910a89d164e027a
Content-Length: 63
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 372ms
88ms Script
application/javascript 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
X-TraceId: 4679c37c2d6316d555b09f565312573e
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK 00e83052a71a1dff3bc62d5d40765808fc Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
399 B 478ms
456ms Script
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Fri, 28 Jul 2023 04:42:59 GMT
ob-sent-time: 1690519379772
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=300
X-CC: DE
Connection: keep-alive
X-TraceId: d7beae1499105bf179858faee4f5e756
Content-Length: 2
Expires: Fri, 28 Jul 2023 04:47:59 GMT

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 46 B
707 B 48ms
22ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 06:16:53 GMT
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DQWXNZEZZP4HNRGM
age: 80767
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: 8+hjrEBUqrvsATe9eiXLWIu78LYjV26OUeThj9oSqY0a7IwZhmd08FV/ROMAtfdjKfaiUDC/NaK8viP9l1YvRGXgCS1lucinYMkZgIohwmE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
server: ATS
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 46 B
402 B 49ms
23ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 12:04:23 GMT
x-amz-version-id: a1p9k2x2CfLow7aa._kiTa1S348t_r0P
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: KM8G0Y1NESFA9SQS
age: 59917
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: lMunV2/175m9CpXcyyQki1JklgArHwDBqawyc3L4+nsPe8zwKdgSPKLGLyGk0KgEA817+zm3TtKb+pI5kK6Ez8H69Sfh2CLS+hMRzHIllro=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Tue, 26 Mar 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sun, 19 Feb 2023 18:55:23 GMT
server: ATS
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1690519379380&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h6dcx75k571r4h2qcx0a5mat&tna=v2.7.8&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26se...
https://rp4.liadm.com/j?dtstmp=1690519379380&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h6dcx75k571r4h2qcx0a5mat&tna=v2.7.8&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26s...

13 B
552 B

331ms
99ms

XHR
application/json

204.236.226.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1690519379380&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h6dcx75k571r4h2qcx0a5mat&tna=v2.7.8&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMTphYzg6MjA6M2QwMDoxMDEyOjRkY2M6YTI5YjpjZWZm&n3pc=true

Requested by

Protocol

Server

204.236.226.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-204-236-226-117.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:43:00 GMT
x-pixel-event-id: ca00e79b-0375-428f-b04c-895de7c1f56b
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 21687756c7a9f7de
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 28 Jul 2023 04:42:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1690519379380&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h6dcx75k571r4h2qcx0a5mat&tna=v2.7.8&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMTphYzg6MjA6M2QwMDoxMDEyOjRkY2M6YTI5YjpjZWZm&n3pc=true
access-control-allow-origin: https://pages.upwellness.com
request-time: 0
access-control-allow-credentials: true
trace-id: 7fea742924c62caf
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8893
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=sZR3DHxpdEcrVXdJUzhIQkEvdTZkRG5vempuTzdzQVZJZ0k0OXYwTzVUQlNLQW9VVjV4UWpjYlk0UHZFUWltSU9IOW9POWlXL29pQVZIZWp2R1VhM2VzN01lSnpYNGJHSHZ3TDZYOU0xY0V6bnFMV1BFUWJZVW8xTW1WOX...

422 B
652 B

61ms
19ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sZR3DHxpdEcrVXdJUzhIQkEvdTZkRG5vempuTzdzQVZJZ0k0OXYwTzVUQlNLQW9VVjV4UWpjYlk0UHZFUWltSU9IOW9POWlXL29pQVZIZWp2R1VhM2VzN01lSnpYNGJHSHZ3TDZYOU0xY0V6bnFMV1BFUWJZVW8xTW1WOXlPSlg2bkkzS1M5YkhvdDJxNlcxMDQzeXNreHNMRWpUdU90V0RuOU5lbFEzNDBvdGJzYUlUZVBHT1UvTEZJRHdxWUZob011Z3hsNUZ3NjN3cmloaU1EUXJTYmRMcW5Ha2VDNkhaQU54NE5HZTYzdTF0RlFKQitxVExNNnZqL3NKMitnTXo0anZ1UTlEazVuWkVrSzZtMUZyWFdZd1paYVRlelZUVGM4QXNKNFQ0OXlxV2xLYz18&cppv=2

Requested by

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f140d76175bc3f07d3835a1a33e32f80a0fe029f56cf0a358f0e661bfddea919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3375798
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=sZR3DHxpdEcrVXdJUzhIQkEvdTZkRG5vempuTzdzQVZJZ0k0OXYwTzVUQlNLQW9VVjV4UWpjYlk0UHZFUWltSU9IOW9POWlXL29pQVZIZWp2R1VhM2VzN01lSnpYNGJHSHZ3TDZYOU0xY0V6bnFMV1BFUWJZVW8xTW1WOXlPSlg2bkkzS1M5YkhvdDJxNlcxMDQzeXNreHNMRWpUdU90V0RuOU5lbFEzNDBvdGJzYUlUZVBHT1UvTEZJRHdxWUZob011Z3hsNUZ3NjN3cmloaU1EUXJTYmRMcW5Ha2VDNkhaQU54NE5HZTYzdTF0RlFKQitxVExNNnZqL3NKMitnTXo0anZ1UTlEazVuWkVrSzZtMUZyWFdZd1paYVRlelZUVGM4QXNKNFQ0OXlxV2xLYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 264708
content-length: 0
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 03:04:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5900
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 28 Jul 2023 05:04:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 181 KB
66 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

feaf5f0b3371ee927abff75727635403eefc7c9b931d5728312e745c7d423882

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67797
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 403 cl4975ot4arrr6.js
cdn.js.customerlabs.co/ 0
0 667ms
594ms Script
application/xml 18.66.137.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA60-P4
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
content-type: application/xml
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dEwa390Zfg7aQe1CfYrsBntkyRnbNMBVO51GNY-8KWqwn-XIx74W7g==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E56T163DF6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5c397bb5a2bc738df6ce55c0bbc0a058efa1f115454c53b6f18a29d199795dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88882
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 48ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146844809012010&ev=ViewContent&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&rl=&if=false&ts=1690519379421&sw=1600&sh=1200&v=next&r=canary&ec=0&o=30&ttf=1195.099998474121&tts=910.7999992370605&ttse=1193.099998474121&fbp=fb.1.1690519379419.954360958&it=1690519379138&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jul 2023 04:42:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 error
connect.facebook.net//log/ 0
0 50ms
50ms Image
text/html 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=next&e=Error%3A%20You%20are%20sending%20a%20non-standard%20event%20%27LPVisit%27.%20The%20preferred%20way%20to%20send%20these%20events%20is%20using%20trackCustom.%20See%20%27https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2Fads-for-websites%2Fpixel-events%2F%23events%27%20for%20more%20information.&s=Error%3A%20You%20are%20sending%20a%20non-standard%20event%20%27LPVisit%27.%20The%20preferred%20way%20to%20send%20these%20events%20is%20using%20trackCustom.%20See%20%27https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2Fads-for-websites%2Fpixel-events%2F%23events%27%20for%20more%20information.%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A47272)%0A%20%20%20%20at%20Object.r%20%5Bas%20validateEventAndLog%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A5818)%0A%20%20%20%20at%20Function.pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A29%3A9149)%0A%20%20%20%20at%20Function.Y%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A29%3A3929)%0A%20%20%20%20at%20va%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A29%3A11660)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A29%3A11696%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A35934%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A81935)%0A%20%20%20%20at%20each%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A83481)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A35897)&ue=1&rs=canary&rqm=FGET
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 48ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146844809012010&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&rl=&if=false&ts=1690519379425&sw=1600&sh=1200&v=next&r=canary&ec=1&o=30&ttf=1199.7999992370605&tts=910.7999992370605&ttse=1193.099998474121&fbp=fb.1.1690519379419.954360958&it=1690519379138&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jul 2023 04:42:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 error
connect.facebook.net//log/ 0
0 51ms
50ms Image
text/html 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=next&e=Error%3A%20You%20are%20sending%20a%20non-standard%20event%20%27LPVisit_InflQuiz%27.%20The%20preferred%20way%20to%20send%20these%20events%20is%20using%20trackCustom.%20See%20%27https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2Fads-for-websites%2Fpixel-events%2F%23events%27%20for%20more%20information.&s=Error%3A%20You%20are%20sending%20a%20non-standard%20event%20%27LPVisit_InflQuiz%27.%20The%20preferred%20way%20to%20send%20these%20events%20is%20using%20trackCustom.%20See%20%27https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2Fads-for-websites%2Fpixel-events%2F%23events%27%20for%20more%20information.%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A47272)%0A%20%20%20%20at%20Object.r%20%5Bas%20validateEventAndLog%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A5818)%0A%20%20%20%20at%20Function.pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A29%3A9149)%0A%20%20%20%20at%20Function.Y%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A29%3A3929)%0A%20%20%20%20at%20va%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A29%3A11660)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A29%3A11696%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A35934%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A81935)%0A%20%20%20%20at%20each%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A83481)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A35897)&ue=1&rs=canary&rqm=FGET
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146844809012010&ev=LPVisit_InflQuiz&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&rl=&if=false&ts=1690519379426&sw=1600&sh=1200&v=next&r=canary&ec=2&o=30&ttf=1202.099998474121&tts=910.7999992370605&ttse=1193.099998474121&fbp=fb.1.1690519379419.954360958&it=1690519379138&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jul 2023 04:42:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 val.html Show response
d2cli4kgl5uxre.cloudfront.net/js/h/ Frame F3F0 15 KB
15 KB 64ms
14ms Document
text/html 2600:9000:237d:3600:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2cli4kgl5uxre.cloudfront.net/js/h/val.html?postM=1
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:3600:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f50141fb42d9e30dbc525e2acf111e27f40e0957303144909c1c8d3885e6ee0

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 57635
content-length: 14955
content-type: text/html
date: Thu, 27 Jul 2023 12:42:25 GMT
etag: "4fe9088bce7cb730680b930054492124"
last-modified: Mon, 10 Oct 2022 09:17:12 GMT
server: AmazonS3
vary: Origin
via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
x-amz-cf-id: HssjWTwWDfQUcWC8iigZhB_iYEnQ9slU52yQyA5hiGzYAy4pYhJPnw==
x-amz-cf-pop: MUC50-P2
x-amz-version-id: 5H82oy8DzGfPgn50RaNmMTQosnA7YxRG
x-cache: Hit from cloudfront

GET
H2 200 track
trace.mediago.io/api/log/ 0
197 B 372ms
118ms Image
text/plain 35.208.249.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=101&random_t=1690519379429_53
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 modules.1add6ea328bf63ee1745.js Show response
script.hotjar.com/ 228 KB
56 KB 58ms
14ms Script
application/javascript 18.173.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.1add6ea328bf63ee1745.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-87.muc50.r.cloudfront.net

Software

Resource Hash

2983407ba3eb28c2d5e908a4e1f963b79188fa101d5f7b492424d2c53871eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 14:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 51893
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56679
last-modified: Thu, 27 Jul 2023 14:17:57 GMT
etag: "c18911b02330e868307f9824828dc851"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Fq2CHhmbzx5Enz6CFUInvG_HbAOIm2Z0szAe0l8vqjNhT6sHiu9Odw==

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 543ms
178ms Ping
application/json 52.36.7.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1653816081217609730&uid=1-ai5nmpyl-lkm3l9f0&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&rl=&ts=1690519379040&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20115&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1690588800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.7.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-7-214.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 59ms
6ms Script
application/javascript 108.138.17.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:37 GMT
content-encoding: gzip
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 6603563
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: DyRIAZfavYA3DZQAh1IvlTcK_byHKI3SpK83rK5Os0-gyviL1AGwRA==

GET
H2 204 27015508.js Show response
bat.bing.com/p/action/ 0
116 B 32ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 28 Jul 2023 04:42:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3FD4F027C79C469F9F50C62F5B20CA4A Ref B: FRAEDGE1412 Ref C: 2023-07-28T04:42:59Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=c2b07484-40c6-476a-8e51-c659dc01904f&sid=3a7bcda02d0111ee9c76b1583e80b3f4&vid=3a7be8d02d0111eeb9d8cd4a6947cd26&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&r=&lt=1593&evt=pageLoad&sv=1&rn=706942

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 04:42:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9537D6D2536B4AA292AB3F019CB4D691 Ref B: FRAEDGE1412 Ref C: 2023-07-28T04:42:59Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
455 B 42ms
19ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1690519379184&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2113648998&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
455 B 40ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1690519379184&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2113648998&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTJmOGM0MDk1MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 337 KB
91 KB 18ms
17ms Script
application/javascript 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJmOGM0MDk1MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8b435d8b0ae81cfebe5fc191b96cac18d8b936aa91e141d9493051babd21ff89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-akamai-request-id: c421fc6e
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230727143042DBC1E2982BA1166178DC
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f31c5552347a7e0c5dae7d887c8a1c751c44744e7a1fdb622713adf4e490b2e1ea726dee101c15ff9ded15b4e344193c2720ac0413f2c865f8c1795c3fb9b2408dfeb75cec9879db221b32334bca965bb3541438cece95f7e1d4357ffe8c5c9e
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=14
content-length: 93091

GET
H2 200 main.MTJmOGM0MDk1Mw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 361 KB
97 KB 35ms
35ms Script
application/javascript 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJmOGM0MDk1Mw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f6c8030f1900ac09cf4aa736e195e7af0b226c89ae377105df9558fa1648aab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-akamai-request-id: c421fc76
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230727143507F34164D72B28BF67BFE4
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0130e44c0a172e5818d467d7d5c2c91aafa29e353dd37cfd707e5922a2ef1e6960375f84a77a0a7fb3c820514486569726bbbf72885021ae8c6a1292d18a76312b5df9d171bd225bd492f253d36ebac4b9c8a6801535532c480bcea7c371d31138
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 98770

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 2 KB
2 KB 37ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1690519379467&data=%7B%22id%22%3A121%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1690519379451%2C%22cv%22%3A%2220230702-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1690519379466%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10%22%2C%22tos%22%3A13%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da716db2febfdbe080f2c7fe6c8c68f4aab92b321e0404f46732d4c2c0360ca8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms: 15
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7411
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230095-FRA
server: nginx
x-timer: S1690519380.561387,VS0,VE15
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1690519379199&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=758946768&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/624541243/ 42 B
108 B 31ms
21ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/624541243/?random=1690519379199&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=758946768&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
634 B 114ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2028%20Jul%202023%2004%3A42%3A59%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 91ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 28 Jul 2023 04:42:59 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 562 B
861 B 97ms
42ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1690519379487&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.dad5ce17.1690519379.6fba4d70
x-envoy-upstream-service-time: 2
content-length: 385
x-pinterest-rid: 1713241105470694
pin-unauth: dWlkPU5EVTNOek5rTXpFdE1qWXpOQzAwTkRoaExUbGxaR1F0WkdJM01tRmlOelk1T1RZMw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
324 B 48ms
47ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22bd3e0b05%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1690519379493

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.dad5ce17.1690519379.6fba4d9b
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1150233170047571
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1690519379311&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1122058752&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10838597190/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10838597190/?random=1690519379311&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1122058752&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/458254939/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/458254939/?random=1690519379357&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1004728067&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/458254939/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/458254939/?random=1690519379357&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1004728067&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 15ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1064096153&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=2032512279&gjid=1974926444&cid=383546155.1690519380&tid=UA-28307243-3&_gid=656700374.1690519380&_slc=1&gtm=45He37q0n81M3S986P&z=1808472047

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 78ms
22ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28307243-3&cid=383546155.1690519380&jid=2032512279&gjid=1974926444&_gid=656700374.1690519380&_u=YGBAiEABBAAAAGAAI~&z=1650772957

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Jul 2023 04:42:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
24 KB 23ms
9ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 02:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3636797
x-amzn-requestid: a143ac67-23e9-4195-b503-036e75323cc1
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: GlxbmHIJIAMFVMA=
content-length: 23578
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-648bc916-43ae50675935f5736a6a05de
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: pXC6INAEVLTNZykGNwgliaYmAhCxLTNpQuAuyGqofxygeWnJK4QCzA==

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.ub-assets.com/fonts/s/merriweather/v30/ 20 KB
20 KB 27ms
14ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 09:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 20028
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 21238632
x-amzn-requestid: 1352c4cf-17c5-49cb-97ee-6c32833acd58
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cGUMxGOkIAMFbow=
content-length: 20056
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f33eb-4772d39620ea101514e4a183
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ByH8AEQYFijp6WPQdi62vBsLDe1ebk8RWEcmyXq6OxG7d9a27YQhgw==

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.ub-assets.com/fonts/s/merriweather/v30/ 19 KB
20 KB 20ms
8ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 09:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 19740
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 21238632
x-amzn-requestid: b175e53d-8f4d-4434-a90c-5b4d71c47562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cGUMxFcTIAMFUPA=
content-length: 19768
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f33eb-70ad7f887420f571431f88d6
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HKU4V65TCpvKpXWRyClGkhbpxMXqRLQTjlFV3Gn9FPmtEpWgioTuUw==

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
fonts.ub-assets.com/fonts/s/oswald/v49/ 10 KB
11 KB 26ms
13ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 10104
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 20787877
x-amzn-requestid: 5ee39d7f-03c2-4a56-8fa7-101ecc9b2189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cXgrOG9UIAMFxyA=
content-length: 10127
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-638614ae-7f0f9074637e0bc574dfb42d
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5ztYfQK7Y44_EqGR8ipPLXXWHuFzeXKp1byY45mczBbSebAlNw3eHg==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1690519379534&cv=11&fst=1690519379534&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=83891883.1690519379&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36a03eda02063dd2c24cb33501a991feba51b15119ae8d9768fc48a3a8974e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1404
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_185ec.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 19ms
18ms Script
application/javascript 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_185ec.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJmOGM0MDk1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-akamai-request-id: c421fcd4
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230727143045DBC1E2982BA116617937
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d92eb5bbdf588b02e6c96d639d924923bd58aaf70cac5b700ab4708e57e76ea7c7169cf0c78fdc86a4f2b49ad3a0769e0907b6bbcef15fc71f167713362283bb6f81677265199063e558deecf892ceb121972c7e07caa78f2a72cbccd42d045e
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length: 30815

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
555 B 232ms
231ms Ping
text/plain 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJmOGM0MDk1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
x-akamai-request-id: c421fcf5
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202307280442590E3FAA3CB1869294CC9B
x-cache: TCP_MISS from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 210,23.36.160.137
x-tt-trace-host: 017dc06d77903ca0ba5871c5dd190e1c9a5d403ab26401bc44f9da2ee733fa8955b9adcf3f695978f8aea0e83b566d03c19a1d71c3babf2e27568f9fb3735a80bae8929a850c07b80059155fd43cb9040cf48976e6c1a49ff33ba8cc66efbfc6fc
server-timing: inner; dur=121, cdn-cache; desc=MISS, edge; dur=6, origin; dur=210
content-length: 0
expires: Fri, 28 Jul 2023 04:42:59 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
552 B 165ms
165ms Ping
text/plain 23.36.162.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJmOGM0MDk1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-137.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
x-akamai-request-id: c421fcfe
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202307280442594F30B6FF741E78957AAA
x-cache: TCP_MISS from a23-36-160-137.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 132,23.36.160.137
x-tt-trace-host: 017dc06d77903ca0ba5871c5dd190e1c9a5d403ab26401bc44f9da2ee733fa8955e69ec988e1242313b4438c1c6baaf09b2f6ba418a17d733bbf20efe105280fa7f099b8ad0c020583353fd66c081dd65774c24491a66eb5313399ade66e081c36
server-timing: inner; dur=39, cdn-cache; desc=MISS, edge; dur=10, origin; dur=132
content-length: 0
expires: Fri, 28 Jul 2023 04:42:59 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E56T163DF6&gtm=45je37q0&_p=1064096153&cid=383546155.1690519380&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690519379&sct=1&seg=0&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E56T163DF6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.ub-assets.com/fonts/s/sourcesanspro/v22/ 14 KB
15 KB 7ms
7ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 18:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 14160
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 4443620
x-amzn-requestid: 9be225b6-cb3a-434b-86c6-cff729584ace
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: GG_pZFiSoAMF68A=
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-647f796f-7ee04e4a0a6c8f665148030c
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: nQ-bp4kHvX-YRLAcjW2myzIUYK8wuxyZtVrKo8_dTAy3629lya98VQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28307243-3&cid=383546155.1690519380&jid=2032512279&_u=YGBAiEABBAAAAGAAI~&z=1811515127

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28307243-3&cid=383546155.1690519380&jid=2032512279&_u=YGBAiEABBAAAAGAAI~&z=1811515127

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 1D31 389 KB
114 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 14:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116073
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Jul 2024 14:24:55 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 1D31 112 KB
112 KB 12ms
12ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EVYPA0P5Y1F9HAWT
age: 8029785
alt-svc: h3=":443"; ma=86400
content-length: 114404
x-amz-id-2: VamiXOuxmaIy4QVPQOuZ/ivdTLf5+wkLRW8iFuZvVoukauCqZG90aCb6n+Sxpfr33rhB08FkjR4=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkwGEu9lLUN4BHhIS9HSZaHhla2GH13EnzQdXso2OAFKSxn7Pmmg%2BDMTbhARwNnsL6GjKyGlmwOZCNTXDi2GHxDH%2BD6zpzJ1wBZ546w%2Fx87xsfV2Y9PcBdDlRGYSVDaGdgdz1NJsgCb03iGwp3ED"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7eda756b2ee83624-FRA

GET
H2 204 795540 Show response
vc.hotjar.io/sessions/ 0
258 B 96ms
35ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/795540?s=0.25&r=0.06420270547632434
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.1add6ea328bf63ee1745.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: qBohFLNIJlVRgQJeFggNVvaQWbOgbyqb6HaEXuhoAIdQ2ok9vuAzGg==

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 2 KB
1 KB 20ms
20ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1690519379738&data=%7B%22id%22%3A413%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1690519379451%2C%22cv%22%3A%2220230702-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1690519379470%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10%22%2C%22tos%22%3A16%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 96c6dcf9425eb93abe9886883f41a9e79f97ae0bfdd9b4191992574c46b6152d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms: 13
date: Fri, 28 Jul 2023 04:42:59 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7138
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230095-FRA
server: nginx
x-timer: S1690519380.739386,VS0,VE13
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1690519379534&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3827163829&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/675938688/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/675938688/?random=1690519379534&cv=11&fst=1690516800000&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3827163829&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 04:42:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel
flask.nextdoor.com/ 0
112 B 201ms
182ms Image
text/plain 44.238.137.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&vrs=6.0&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&ndclid=&ndclid_src=0&rf=&sem=&tm=0&iid=06675170-aa61-427e-a73d-e4792e93c29b&pageid=d0c0a50b-6606-406f-a85d-bb8afd7a81c5&sessionid=a1d7b88c-1d4f-46ff-aa6e-f1e492545fd8
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102fe8185b5e80eaeab04d1a2a160f&n=tune&cid=10_PH72623seg&mid=10_PH72623seg&AFFID=477232&subid=10_PH72623seg&partner_id=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.137.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-137-106.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:42:59 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
context-id: 2daa945a-7259-48b8-b9b7-2597336df6d7

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/pixel/ Frame 1D31 178 B
1007 B 298ms
253ms XHR
application/json 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:43:00 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
content-encoding: br
x-amzn-remapped-content-length: 178
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 6cd8dc5d-9fd3-47f5-8fb7-0e8e1cfc967f
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: IwgVJFvzoAMFi0A=
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=862f5lZxYslhFeL8GqCA9H56txAF1KwjJRboTjj8MjUT8WKfclOEdR6oJXQCBiL%2B0jY7DInWSawt0Cmuz7ClLu0%2FFikQbhIJPxOipE8TAVCr6o%2FtOQ1oR9TT%2FThS3yhImzmWNxTA%2B2fuZxg9VWnD"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7eda756c0c1d9b95-FRA
x-amzn-remapped-date: Fri, 28 Jul 2023 04:43:00 GMT
x-amz-cf-id: rnsIKRWiuWrhT0Ujyv-FskvH2ATNmI4vUlmBnV2uHIypfCmEuWPfMA==
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
6ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146844809012010&ev=Microdata&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10&rl=&if=false&ts=1690519379923&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=next&r=canary&ec=3&o=30&ttf=1699.5&tts=910.7999992370605&ttse=1203&fbp=fb.1.1690519379419.954360958&it=1690519379138&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jul 2023 04:42:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 204 save
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ Frame 0
0 203ms
164ms Preflight 2606:4700:20::681a:8a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 7eda756d7ce936df-FRA
date: Fri, 28 Jul 2023 04:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkT7YzOD9MkOx9i%2F7q8e64RhWWpxcu6TW8MSCDeP73M%2B9aEDN9NELfXs1A2%2BhG0yogWXATomsiup2hK1AKvH4dZ%2Fa431cW5C%2FaW9RDTV3EOBsyIgMrPQC4dylFPSWovM7VuiVKgbTUVUvEk0NWS7S5U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 500 save Show response
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ 169 B
661 B 189ms
185ms XHR
application/json 2606:4700:20::681a:8a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
Requested by: Host: lq3-production01.s3.amazonaws.com
URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.23
Resource Hash: c4715026965d1fdff3eef886fdbfad3ed5ba397f9ecf17648b5fd19bb1a3cb95

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Jul 2023 04:43:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.23
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: https://pages.upwellness.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNNHThfQMGEawObvEwalQs%2B7EoqxQeiNRIZeJC3mKij0OuhZUQ6vV9S4ADodAc8igk8UdHFDduu1pz5T1h5b0PCvi%2BPUAJUbNqm1O9%2BLaiO0eVESIi3iK4OEWADL3VsSRZTI%2F%2FcdjzGY1e%2FoavgM3ME%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Authorization,Content-Length,Content-Range
cache-control: max-age=0, must-revalidate, private
access-control-allow-credentials: true
cf-ray: 7eda756e8e3836df-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Fri, 28 Jul 2023 04:43:00 GMT

GET
H2 200 website-popup Show response
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ 23 B
435 B 203ms
201ms XHR
application/json 2606:4700:20::681a:8a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
Requested by: Host: lq3-production01.s3.amazonaws.com
URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.23
Resource Hash: 8a0989e03715f36714c74897fd554f6dfc00f87e0145feda60300babf0fbfb26

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Jul 2023 04:43:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.23
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: https://pages.upwellness.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emXWqzNAG6CufWKghiDgUI3%2Bge9dMgWciMSg8QXO7AUAGm5%2BA2v74VSdXPW9cm4XzLfIXU4e%2FNC3sUFW8m5uota9sD040wNAvGAZE%2BEj3MgmwlxQQq%2FpT7K08lH%2F8CHiF2CAvlt6M3J6%2BP%2BaLs8Sssw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Authorization,Content-Length,Content-Range
cache-control: max-age=0, must-revalidate, private
access-control-allow-credentials: true
cf-ray: 7eda756e9e3d36df-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Fri, 28 Jul 2023 04:43:00 GMT

OPTIONS
H2 204 website-popup
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ Frame 0
0 179ms
173ms Preflight 2606:4700:20::681a:8a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 7eda756d7ceb36df-FRA
date: Fri, 28 Jul 2023 04:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=id89afVwK319mHlB8pIrz3dLOioUI2yv%2B2ymS6kcVgE410pJHZkq7VVv6n%2Brn8mm9x6Pw3hOoHNxrkPn0Z64dcCJM%2B67Ypx8nHiIQzywV8%2B8Gk5NIBksQB6defoIrwxagZUPm4pHhpZWbsdEQmrilP4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 7571 565 B
582 B 43ms
43ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.dad5ce17.1690519380.6fba4f67
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 28 Jul 2023 04:43:00 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 5020909331459883

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 441ms
105ms Preflight 54.146.248.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-248-82.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Fri, 28 Jul 2023 04:43:00 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 1D31 0
200 B 110ms
110ms XHR
text/plain 54.146.248.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-248-82.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Fri, 28 Jul 2023 04:43:00 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame 1D31 87 B
711 B 452ms
402ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522c20afede-3b07-4b47-b1c1-0bbc65df6d70%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102fe8185b5e80eaeab04d1a2a160f%2526n%253Dtune%2526cid%253D10_PH72623seg%2526mid%253D10_PH72623seg%2526AFFID%253D477232%2526subid%253D10_PH72623seg%2526partner_id%253D10%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Finflammation-quiz%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102fe8185b5e80eaeab04d1a2a160f%2526n%253Dtune%2526cid%253D10_PH72623seg%2526mid%253D10_PH72623seg%2526AFFID%253D477232%2526subid%253D10_PH72623seg%2526partner_id%253D10%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b2e7738d18acfe7ade2011f4edfc3a9e11a1ea85c585eee17f0ed107809f8f34

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:43:00 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"57-TPUMUuLM+GMzWaIXXwiPOIhCdFU"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORnAaWGuPgezbzPqaI1hCB25q5Lu0PwPKp4FoMH%2FSun2MLSpYq09ctWPAqPoKEpnqW5LZnsbXnH2w5PjwkuWJ86duaHrtHVW4tgrK5dWhg7ikTRrMKc7TKIi6rKN3P7CICC9WE8tddZoq8fIrZ%2BWLcNThVa2"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7eda756dfb3730f9-FRA
access-control-allow-headers: X-Requested-With,content-type

OPTIONS
H2 204 announcement-bar
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ Frame 0
0 161ms
161ms Preflight 2606:4700:20::681a:8a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 7eda756fdf5336df-FRA
date: Fri, 28 Jul 2023 04:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0hn2dtffVd%2Fr%2FN63RPWrp9fAKUawssIwf0hs87CbEJG0cCBYJYsUYqRk3oshgzJmyc1uaCwL1cSurgIkAkA2MFmFW%2FZytwlis0fHivJmfajSLEefw1ojmBE9Dx3rpmrh3dULkx7Yt6yfeHZ%2BgzwGu4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 announcement-bar Show response
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ 23 B
411 B 207ms
206ms XHR
application/json 2606:4700:20::681a:8a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
Requested by: Host: lq3-production01.s3.amazonaws.com
URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.23
Resource Hash: 8a0989e03715f36714c74897fd554f6dfc00f87e0145feda60300babf0fbfb26

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Jul 2023 04:43:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.23
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: https://pages.upwellness.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXTY2VfoN8hsUvUSSMJ97W9P05BkQdMM%2BiduIiTkATenkLvIoEzG8k7%2BZnoBhnyk%2BhMjZXDWyZODWVtRwzU3np%2BuljKkHcETJ6wUJ9dn9dLqhGSurapnAadXNApW%2BiXX2kgVymeUlS%2F1ku6TTJgU9vI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Authorization,Content-Length,Content-Range
cache-control: max-age=0, must-revalidate, private
access-control-allow-credentials: true
cf-ray: 7eda7570d84736df-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Fri, 28 Jul 2023 04:43:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 140ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1665&scd=0&ssd=1&est=1690519379454&ver=36&isls=true&src=i&invt=1500&msa=1708&rv=1&tim=1690519381119&vi=1690519379451&ri=0534dfb06b7fa781184242d748a05802&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Fri, 28 Jul 2023 04:43:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
250 B 139ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1666&scd=0&ssd=1&est=1690519379454&ver=36&isls=true&src=i&invt=1500&msa=1708&rv=1&tim=1690519381120&vi=1690519379451&ri=696d3bb1b57919b678ebedbac4d669d5&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Fri, 28 Jul 2023 04:43:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4667&scd=0&ssd=1&est=1690519379454&ver=36&isls=true&src=i&invt=3000&msa=1708&rv=1&tim=1690519384120&vi=1690519379451&ri=0534dfb06b7fa781184242d748a05802&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Fri, 28 Jul 2023 04:43:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4667&scd=0&ssd=1&est=1690519379454&ver=36&isls=true&src=i&invt=3000&msa=1708&rv=1&tim=1690519384121&vi=1690519379451&ri=696d3bb1b57919b678ebedbac4d669d5&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102fe8185b5e80eaeab04d1a2a160f%26n%3Dtune%26cid%3D10_PH72623seg%26mid%3D10_PH72623seg%26AFFID%3D477232%26subid%3D10_PH72623seg%26partner_id%3D10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Fri, 28 Jul 2023 04:43:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/inflammation-quiz/	1970-01-20 18:00:16	Name: ubpv Value: au%2Cce51cc0b-0e94-443c-a27a-24c78d18f232
links.paleohacks-mailing.com/	1970-01-20 13:36:02	Name: _session_id Value: 7d82634f3b9ae8cea7fd01a4481a0816
go.welldaily.com/	1970-01-20 13:45:24	Name: enc_aff_session_77 Value: ENC03169f254b388761484234e34c2fd8f3ebf54baea2b23ab5c8f0a81696853bd04fa7f26263e1d7dedae3b69328a57c950e74ec19d12841a3723a7014d8808f3dcc78d4733205ec4993a1c29b09d8b2a78464ffb2f37eed9ec71e37f74e009714fa90ad7ffca7640bb34938cf183d905733b84a976beaf3def47ed3af31451b57e524dd6c73
go.welldaily.com/	1970-01-20 23:11:19	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTUiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExNS4wLjU3OTAuMTEwIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/	1970-01-20 17:54:31	Name: ubvs Value: fb47005a-60fd-4e48-9e1d-f1b75b7ac5c8
.upwellness.com/	1970-01-20 13:39:38	Name: ubvt Value: v2%7Cfb47005a-60fd-4e48-9e1d-f1b75b7ac5c8%7Cce51cc0b-0e94-443c-a27a-24c78d18f232%3Aau%3Aweighted
.upwellness.com/	1969-12-31 23:59:59	Name: UltraCartShoppingCartID Value: B071E2F3CCD2FF01899ACE9B9C1F5800
.upwellness.com/	1970-01-20 23:11:19	Name: ucacid Value: 1567559807.270048
.store.upwellness.com/	1970-01-20 23:11:19	Name: ucacid Value: 1567559807.270048
store.upwellness.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcTDznUqVG_WBdIsXQNn
store.upwellness.com/	1969-12-31 23:59:59	Name: LBJSESSIONID Value: abcTDznUqVG_WBdIsXQNn.n292
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-20 23:11:19	Name: _lc2_fpi Value: f0f26c15fa8f--01h6dcx75k571r4h2qcx0a5mat
.upwellness.com/	1970-01-20 15:44:55	Name: _gcl_au Value: 1.1.83891883.1690519379
store.upwellness.com/	1970-01-20 13:45:24	Name: AWSALB Value: 3CkXJ6m0a1vatC1KN8KSQJ7x04J4i5Xn4NgFWoMQqCyvSMzZA3LiupqaXerKeaIui8fHpjFmGYAcj9zzto2H5eTJm+Wk5WrxPCUaeN0g+eVCV3wMisDumVWyHE9v
store.upwellness.com/	1970-01-20 13:45:24	Name: AWSALBCORS Value: 3CkXJ6m0a1vatC1KN8KSQJ7x04J4i5Xn4NgFWoMQqCyvSMzZA3LiupqaXerKeaIui8fHpjFmGYAcj9zzto2H5eTJm+Wk5WrxPCUaeN0g+eVCV3wMisDumVWyHE9v
.store.upwellness.com/	1970-01-20 22:20:55	Name: UPWEL-ANP Value: 6141
.criteo.com/	1970-01-20 22:56:55	Name: uid Value: cd7ef67e-93cf-41a6-beb3-591aeb2e8053
.js.ubembed.com/	1970-01-20 13:35:21	Name: __cf_bm Value: dVeAKsYsj4fZe8.a2cBh9eFu7ZLvDJOXQ.amwyZ8w_M-1690519379-0-AfjVK4QZyJEdMy7sFN3DQiSCaPSwfGmRFrR3z4xUrOocA8N9OEmxnMSXDpDMnQJxFbD0T6Em67/PpD3Pqoj3JkM=
.tiktok.com/	1970-01-20 22:56:55	Name: _ttp Value: 2TBbNKcfkC9PlqI0J1VxMOyAWw4
.upwellness.com/	1970-01-20 15:44:55	Name: _fbp Value: fb.1.1690519379419.954360958
.doubleclick.net/	1970-01-20 22:56:55	Name: IDE Value: AHWqTUnieCDNluGF-OKvq4M-Qx1oU_EMs-j6N-Gq4HByAO1xT1QlJmnJCPBrSFgO
.upwellness.com/	1970-01-20 23:11:19	Name: __nbpix_uid Value: 1-ai5nmpyl-lkm3l9f0
.upwellness.com/	1970-01-20 13:36:45	Name: _uetsid Value: 3a7bcda02d0111ee9c76b1583e80b3f4
.upwellness.com/	1970-01-20 22:56:55	Name: _uetvid Value: 3a7be8d02d0111eeb9d8cd4a6947cd26
.bing.com/	1970-01-20 22:56:55	Name: MUID Value: 2E832F6DA1C864B10F773C31A0A3650D
.upwellness.com/	1970-01-20 13:36:45	Name: _gid Value: GA1.2.656700374.1690519380
.upwellness.com/	1970-01-20 13:35:19	Name: _dc_gtm_UA-28307243-3 Value: 1
.upwellness.com/	1970-01-20 22:56:55	Name: _tt_enable_cookie Value: 1
.upwellness.com/	1970-01-20 22:56:55	Name: _ttp Value: f8xCVSUV8Xjly6T93ENtf3ivnZK
.upwellness.com/	1970-01-20 23:11:19	Name: _ga_E56T163DF6 Value: GS1.1.1690519379.1.0.1690519379.0.0.0
.upwellness.com/	1970-01-20 23:11:19	Name: _ga Value: GA1.1.383546155.1690519380
.pages.upwellness.com/	1970-01-20 22:20:55	Name: _pin_unauth Value: dWlkPU5EVTNOek5rTXpFdE1qWXpOQzAwTkRoaExUbGxaR1F0WkdJM01tRmlOelk1T1RZMw
.yahoo.com/	1970-01-20 22:21:16	Name: A3 Value: d=AQABBFNHw2QCEBmrcGPh8FTgQQockVG1YGsFEgEBAQGYxGTNZOANyiMA_eMAAA&S=AQAAAjXbaAIxRwid4tG5Ov9-3-Y
.liadm.com/	1970-01-20 23:11:19	Name: lidid Value: cae7edfc-ad9a-4b39-b3b8-226066c8f269
.upwellness.com/	1970-01-20 22:20:55	Name: _hjSessionUser_795540 Value: eyJpZCI6IjIyYmVjNTQ3LTVlM2EtNTFlOS1iODg0LWIwZTA3MzU2Yzc4NSIsImNyZWF0ZWQiOjE2OTA1MTkzNzk3MjUsImV4aXN0aW5nIjpmYWxzZX0=
.upwellness.com/	1970-01-20 13:35:21	Name: _hjFirstSeen Value: 1
.upwellness.com/	1970-01-20 13:35:19	Name: _hjIncludedInSessionSample_795540 Value: 1
.upwellness.com/	1970-01-20 13:35:21	Name: _hjSession_795540 Value: eyJpZCI6IjJhMDIwOGI4LTUxNzQtNGYwZS1hOGJmLTVlMTE2YWQ2ZDc4NSIsImNyZWF0ZWQiOjE2OTA1MTkzNzk3MzIsImluU2FtcGxlIjp0cnVlfQ==
.upwellness.com/	1970-01-20 13:35:21	Name: _hjAbsoluteSessionInProgress Value: 1
.upwellness.com/	1970-01-20 23:04:43	Name: cto_bundle Value: 22BvYV94STRIRFpYWWowNlhlUGZsUE1ZWVViVVhnckJ2YzZtSEVqcnh0eUVLU1ZvY3lyNDh1QmxQNk5WS2h6VDNnQTEyZFh0YTMzWDFYRjN6YzVyb0xCN1hoTE9QWDZhUFh2UDkxdDRGN0JEc09iZE9FUiUyRmxZTEU3RnZId2hMSlo2UFFwOXE0TCUyQkwwRm1yYjNPaUlYZkRFSnpnJTNEJTNE
.upwellness.com/	1970-01-20 14:19:57	Name: session_id Value: a1d7b88c-1d4f-46ff-aa6e-f1e492545fd8
pages.upwellness.com/	1970-01-20 13:35:19	Name: outbrain_cid_fetch Value: true
.mediago.io/	1970-01-20 22:20:55	Name: __mguid_ Value: 9f166803717a84807317972af8bcb6ae

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save Message: Failed to load resource: the server responded with a status of 500 ()
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
ads.nextdoor.com
amplify.outbrain.com
analytics.proofapi.com
analytics.tiktok.com
api.leadquizzes.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
business.newsbreak.com
cdn.js.customerlabs.co
cdn.mediago.io
cdn.taboola.com
cdn.useproof.com
connect.facebook.net
ct.pinterest.com
d1wbjksx0xxdn3.cloudfront.net
d2cli4kgl5uxre.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dynamic.criteo.com
events.ub-analytics.com
flask.nextdoor.com
fonts.ub-assets.com
go.welldaily.com
googleads.g.doubleclick.net
gum.criteo.com
links.paleohacks-mailing.com
live-visitor-counts.herokuapp.com
live.upwellness.com
lq3-production01.s3.amazonaws.com
mug.criteo.com
pages.upwellness.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
s.yimg.com
s3-us-west-2.amazonaws.com
script.hotjar.com
sp.analytics.yahoo.com
static.hotjar.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
tr.outbrain.com
trace.mediago.io
trc-events.taboola.com
trc.taboola.com
vc.hotjar.io
wave.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.thealternativedaily.com
108.138.17.124
108.138.36.109
108.138.36.11
13.32.99.67
141.226.228.48
151.101.65.44
178.250.1.11
18.173.154.87
18.66.112.110
18.66.137.31
18.66.97.10
184.30.17.67
2001:4860:4802:34::36
204.236.226.117
212.82.100.181
23.206.208.183
23.23.204.175
23.36.162.137
2600:1f18:730:b140:231f:659f:da19:e372
2600:9000:21f3:600:b:3165:13c0:21
2600:9000:225e:1600:8:8845:1500:93a1
2600:9000:237d:3600:11:9be7:da80:93a1
2606:4700:20::681a:8a2
2606:4700:3034::ac43:a9b0
2606:4700::6812:a96
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:800::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c08::9c
2a02:2638:d::10
2a02:2638:d::d
2a02:26f0:3500:887::1931
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
3.69.136.55
3.93.168.254
35.169.121.207
35.208.249.213
35.238.129.105
44.238.137.106
52.203.160.179
52.210.234.44
52.222.250.226
52.36.7.214
52.92.177.209
52.92.248.96
54.146.248.82
54.230.112.98
64.202.112.191
008a49b472b118119bb608c77a2548e473338a1ebcba56942253a6c056b8c1aa
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
0844c9a128728f4e84141e98d0fa5db90fa06cf757183718264ac3496d002e46
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
18202259e18c6d888b9b98496ba7756f4455d7d0936df1859641881c4bf6e8eb
189d627cc048280c5d155a07a318138f662df0d1ffced3eb687024f5345175a4
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
19cc782887b7abf491b565af3f692fb8147b597f42083efc35dabef63a510f40
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2983407ba3eb28c2d5e908a4e1f963b79188fa101d5f7b492424d2c53871eba6
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
36211f7227a549b27cc5e4abe5ad6c72dd87c63294d1714ad97f79bf3b87827a
36a03eda02063dd2c24cb33501a991feba51b15119ae8d9768fc48a3a8974e5b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37b976ac6a9338da3b8c6cdd8906ddd14add06bbea122629c956ca331f653cc0
3f50141fb42d9e30dbc525e2acf111e27f40e0957303144909c1c8d3885e6ee0
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
4fd685de2e746658201c54a2ac810b327fa3aba727fa7f787d8eee00ccec0267
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
584323a2420393638791f47389addf0e8acb772847846eb19b2a9274db1b5945
586ad1f5ccb3041bd9778e18d183819056d2bd3f52598dce216e353643bf298f
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
651ef401f9832f368a4ac3a86739364bd9f14061389434743ca2b6115dbfd81f
682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7caff6ec921ac5193a702bf43b93ab4f1446c2d95cd6feb1637d7690272e5bd3
806e15a79c3ffd13bd4b526bcc77d9db41dd8050289f6a453d7cdef060b5100e
80d28a0a340093ea7e8b629615f9319284068b2054fb932c0239e6ac8cb94058
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
85c6e11094ea33a2ca02a14e96eb0fc927d1b8f1a0735a317ab34a82277e31b7
8a0989e03715f36714c74897fd554f6dfc00f87e0145feda60300babf0fbfb26
8b435d8b0ae81cfebe5fc191b96cac18d8b936aa91e141d9493051babd21ff89
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96c6dcf9425eb93abe9886883f41a9e79f97ae0bfdd9b4191992574c46b6152d
a42263d2056f54920618e06d5019d6a25a9b058021054cc8b3dd08255925fe6d
a55802ce0c8a4282d90e90deca61d3ee3b6ea86b5f2cb7aa0459700299e9a13a
a6ef27a85d1dc06c15bda35f9cccf37d8c64559068414a5cb326bd1b7c2efc8f
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
b2e7738d18acfe7ade2011f4edfc3a9e11a1ea85c585eee17f0ed107809f8f34
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8
c4715026965d1fdff3eef886fdbfad3ed5ba397f9ecf17648b5fd19bb1a3cb95
c67226c4f4029abbab42bff4669f1b2f45918c814466caa74f2f55eeb5b5ba8f
c94bb17fbc1da1c48cbc77934044dd68941572c180ae6df4f1afff92ff798550
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cddbd04fb6a2bc681de9bd4558b7062169322c73e095466a592152ea9e6fad8f
ced5b747fe92122e8fb38c867ac67b80ffba333bd3d42285cdecbff43073a6e6
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
d5c397bb5a2bc738df6ce55c0bbc0a058efa1f115454c53b6f18a29d199795dc
d9b8bd32739cf2c8bae28e0e7d122fc8ea56a588931a6071ff79bc1966c8777f
da716db2febfdbe080f2c7fe6c8c68f4aab92b321e0404f46732d4c2c0360ca8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3a3f753ac18fd87c4630e324ad3ed97f7cb1fb41d35ed4d5d3c84c187e281d
e1ade42fcd41956dfa10ce86bb5f61c95a4f20c1ca951789a04a69443d895e2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4554ecf492a5cf1681be4d982ade8d8827fcd979cde5438af4684fdb98ed463
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f02e520332b4430b947d74c1d0978589459d594b71a0534383e53a1ed9678394
f140d76175bc3f07d3835a1a33e32f80a0fe029f56cf0a358f0e661bfddea919
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f6c8030f1900ac09cf4aa736e195e7af0b226c89ae377105df9558fa1648aab2
f70bfa6c4d4c151c6e6bf0b1d26c1093e8f05ad38231708a8d34fff5cf167a87
f77d46b52dc81fc9bc9295133402e15e7b27bde1e0c8be1c78a5554c0a45acd7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
feaf5f0b3371ee927abff75727635403eefc7c9b931d5728312e745c7d423882
ffba72759f855fee68eb688b30849a824b21451b43b13e8bd856a0d94d267561

pages.upwellness.com Open in urlscan Pro 3.69.136.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

98 %HTTPS

42 %IPv6

38 Domains

59 Subdomains

53 IPs

7 Countries

2330 kBTransfer

5650 kBSize

44 Cookies

0 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.upwellness.com Open in urlscan Pro
3.69.136.55 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

98 %
HTTPS

42 %
IPv6

38
Domains

59
Subdomains

53
IPs

7
Countries

2330 kB
Transfer

5650 kB
Size

44
Cookies

125 HTTP transactions
1 data transactions