urlscan.io logo urlscan.io
SecurityTrails logo

pages.upwellness.com Open in urlscan Pro
3.69.136.55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.thealternativedaily.com/a/75/click/9498936/46948073/_39713c452b16fc76159f05809e3da232b208147b/2a716f186dfb8f9270cf53c87f...
Effective URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_...
Submission: On September 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 5 countries across 33 domains to perform 112 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com.
TLS certificate: Issued by R3 on August 16th 2021. Valid for: 3 months.
This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.238.129.105 15169 (GOOGLE)
1 1 52.51.237.18 16509 (AMAZON-02)
1 3.69.136.55 16509 (AMAZON-02)
3 18.66.112.128 16509 (AMAZON-02)
1 208.83.60.221 36529 (AXXA-RACKCO)
5 34.225.58.203 14618 (AMAZON-AES)
2 2600:9000:225... 16509 (AMAZON-02)
1 151.101.193.131 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a04:4e42:200... 54113 (FASTLY)
1 13.32.118.208 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 52.205.62.94 14618 (AMAZON-AES)
1 52.222.214.18 16509 (AMAZON-02)
14 52.222.250.38 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
2 151.101.65.44 54113 (FASTLY)
1 2.18.234.190 16625 (AKAMAI-AS)
1 18.66.112.53 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 44.193.101.206 14618 (AMAZON-AES)
2 18.66.139.38 16509 (AMAZON-02)
1 151.101.130.133 54113 (FASTLY)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.238.14.155 14618 (AMAZON-AES)
1 142.250.186.162 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.127 22075 (AS-OUTBRAIN)
1 18.66.112.111 16509 (AMAZON-02)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 212.82.100.181 34010 (YAHOO-IRD)
1 18.66.139.117 16509 (AMAZON-02)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 54.78.108.238 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.75.88.209 16625 (AKAMAI-AS)
1 54.86.117.43 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3.210.192.5 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.237.200.61 14618 (AMAZON-AES)
2 141.226.228.48 200478 (TABOOLA-AS)
112 48
1    35.238.129.105 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 105.129.238.35.bc.googleusercontent.com
links.thealternativedaily.com
1    52.51.237.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-237-18.eu-west-1.compute.amazonaws.com
go.welldaily.com
1    3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
pages.upwellness.com
3    18.66.112.128 (United States)

ASN16509 (AMAZON-02, US)
builder-assets.unbounce.com
1    208.83.60.221 (United States)

ASN36529 (AXXA-RACKCO, US)
upwellness.com
5    34.225.58.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-58-203.compute-1.amazonaws.com
store2.upwellness.com
2    2600:9000:2250:8000:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
1    151.101.193.131 (United States)

ASN54113 (FASTLY, US)
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
1    13.32.118.208 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-208.fra60.r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
1    2600:9000:225e:1a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
3    2606:4700:3032::ac43:dff2 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.useproof.com
2    2a02:26f0:6c00:2af::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
3    52.205.62.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-62-94.compute-1.amazonaws.com
h.upwellnessfeed.com
1    52.222.214.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-18.fra56.r.cloudfront.net
assets.ubembed.com
14    52.222.250.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-38.fra60.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    18.66.112.53 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    44.193.101.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-101-206.compute-1.amazonaws.com
events.ub-analytics.com
2    18.66.139.38 (United States)

ASN16509 (AMAZON-02, US)
zrp7lhhta7.execute-api.us-east-1.amazonaws.com
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
embed-fastly.wistia.com
1    2600:1f18:730:b150:9292:c5da:e647:d689 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.238.14.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-14-155.compute-1.amazonaws.com
rp4.liadm.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    18.66.112.111 (United States)

ASN16509 (AMAZON-02, US)
script.hotjar.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    54.78.108.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com
in.hotjar.com
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    54.86.117.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-117-43.compute-1.amazonaws.com
distillery.wistia.com
1    2606:4700:3033::6815:40e (United States)

ASN13335 (CLOUDFLARENET, US)
api.useproof.com
2    3.210.192.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-192-5.compute-1.amazonaws.com
live-visitor-counts.herokuapp.com
1    2606:4700:3035::6815:23e9 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.proofapi.com
1    34.237.200.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-200-61.compute-1.amazonaws.com
pipedream.wistia.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
17 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
405 KB
11 wistia.com
fast.wistia.com
embed-fastly.wistia.com
distillery.wistia.com
pipedream.wistia.com
300 KB
7 upwellness.com
pages.upwellness.com
upwellness.com
store2.upwellness.com
64 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
219 KB
5 google.de
www.google.de
1000 B
5 google.com
www.google.com
1 KB
5 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
5 KB
4 facebook.com
www.facebook.com
1004 B
4 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
63 KB
4 taboola.com
cdn.taboola.com
trc.taboola.com
trc-events.taboola.com
26 KB
4 useproof.com
cdn.useproof.com
api.useproof.com
602 KB
3 pinterest.com
ct.pinterest.com
1 KB
3 bing.com
bat.bing.com
10 KB
3 outbrain.com
amplify.outbrain.com
tr.outbrain.com
4 KB
3 upwellnessfeed.com
h.upwellnessfeed.com
14 KB
3 liadm.com
b-code.liadm.com
rp.liadm.com
rp4.liadm.com
11 KB
3 googletagmanager.com
www.googletagmanager.com
119 KB
3 unbounce.com
builder-assets.unbounce.com
38 KB
2 herokuapp.com
live-visitor-counts.herokuapp.com
200 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 amazonaws.com
zrp7lhhta7.execute-api.us-east-1.amazonaws.com
857 B
2 yimg.com
s.yimg.com
7 KB
2 facebook.net
connect.facebook.net
115 KB
2 pinimg.com
s.pinimg.com
19 KB
2 ubembed.com
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
assets.ubembed.com
49 KB
1 proofapi.com
analytics.proofapi.com
836 B
1 yahoo.com
sp.analytics.yahoo.com
964 B
1 googleadservices.com
www.googleadservices.com
14 KB
1 ub-analytics.com
events.ub-analytics.com
245 B
1 googleapis.com
fonts.googleapis.com
981 B
1 welldaily.com
go.welldaily.com
2 KB
1 thealternativedaily.com
links.thealternativedaily.com
673 B
0 litix.io Failed
fg8vvsvnieiv3ej16jby.litix.io Failed
112 33
Domain Requested by
14 d9hhrg4mnvzow.cloudfront.net pages.upwellness.com
8 fast.wistia.com pages.upwellness.com
fast.wistia.com
5 www.google.de pages.upwellness.com
5 www.google.com 1 redirects pages.upwellness.com
5 fonts.gstatic.com fonts.googleapis.com
5 store2.upwellness.com pages.upwellness.com
store2.upwellness.com
4 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
4 www.facebook.com pages.upwellness.com
3 ct.pinterest.com s.pinimg.com
pages.upwellness.com
3 bat.bing.com pages.upwellness.com
bat.bing.com
3 h.upwellnessfeed.com pages.upwellness.com
h.upwellnessfeed.com
3 cdn.useproof.com pages.upwellness.com
cdn.useproof.com
3 www.googletagmanager.com pages.upwellness.com
www.googletagmanager.com
3 builder-assets.unbounce.com pages.upwellness.com
2 trc-events.taboola.com cdn.taboola.com
2 live-visitor-counts.herokuapp.com cdn.useproof.com
2 tr.outbrain.com amplify.outbrain.com
pages.upwellness.com
2 www.google-analytics.com www.googletagmanager.com
pages.upwellness.com
2 zrp7lhhta7.execute-api.us-east-1.amazonaws.com upwellness.com
2 s.yimg.com pages.upwellness.com
s.yimg.com
2 connect.facebook.net pages.upwellness.com
connect.facebook.net
2 s.pinimg.com pages.upwellness.com
s.pinimg.com
2 d34qb8suadcc4g.cloudfront.net pages.upwellness.com
d34qb8suadcc4g.cloudfront.net
1 pipedream.wistia.com fast.wistia.com
1 analytics.proofapi.com cdn.useproof.com
1 api.useproof.com cdn.useproof.com
1 distillery.wistia.com fast.wistia.com
1 www.gstatic.com cdn.useproof.com
1 stats.g.doubleclick.net www.google-analytics.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 sp.analytics.yahoo.com pages.upwellness.com
1 script.hotjar.com static.hotjar.com
1 trc.taboola.com cdn.taboola.com
1 www.googleadservices.com www.googletagmanager.com
1 rp4.liadm.com pages.upwellness.com
1 rp.liadm.com 1 redirects
1 embed-fastly.wistia.com pages.upwellness.com
1 events.ub-analytics.com pages.upwellness.com
1 fonts.googleapis.com builder-assets.unbounce.com
1 static.hotjar.com pages.upwellness.com
1 amplify.outbrain.com pages.upwellness.com
1 cdn.taboola.com pages.upwellness.com
1 assets.ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1 b-code.liadm.com pages.upwellness.com
1 d9i5ve8f04qxt.cloudfront.net pages.upwellness.com
1 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com pages.upwellness.com
1 upwellness.com pages.upwellness.com
1 pages.upwellness.com
1 go.welldaily.com 1 redirects
1 links.thealternativedaily.com 1 redirects
0 fg8vvsvnieiv3ej16jby.litix.io Failed fast.wistia.com
112 52

This site contains no links.

Subject Issuer Validity Valid
pages.upwellness.com
R3		 2021-08-16 -
2021-11-14		 3 months crt.sh
*.unbounce.com
Amazon		 2021-03-10 -
2022-04-08		 a year crt.sh
www.upwellness.com
RapidSSL RSA CA 2018		 2020-02-02 -
2022-03-03		 2 years crt.sh
store2.upwellness.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-04 -
2021-11-04		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-18 -
2022-06-17		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
h.upwellnessfeed.com
R3		 2021-09-14 -
2021-12-13		 3 months crt.sh
assets.ubembed.com
Amazon		 2021-03-06 -
2022-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-06 -
2021-10-27		 2 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.ub-analytics.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2021-09-12 -
2022-10-11		 a year crt.sh
embed-fastly.wistia.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.wistia.com
Amazon		 2021-04-01 -
2022-04-30		 a year crt.sh
*.herokuapp.com
Amazon		 2021-06-01 -
2022-06-30		 a year crt.sh

This page contains 3 frames:

Primary Page: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Frame ID: D36E73BCCC2941A933F78930CF3FD1F7
Requests: 102 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 2DAA41FD55782D76E74684C4BB8114A0
Requests: 6 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: C5392CE6DC824AE70DFC9C9AF3BE26BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://links.thealternativedaily.com/a/75/click/9498936/46948073/_39713c452b16fc76159f05809e3da232b208147b/2a716f... HTTP 302
    https://go.welldaily.com/aff_c?offer_id=34&aff_id=1&aff_sub=AD210910PM HTTP 302
    https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&A... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

97 %
HTTPS

42 %
IPv6

33
Domains

52
Subdomains

48
IPs

5
Countries

2112 kB
Transfer

4702 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.thealternativedaily.com/a/75/click/9498936/46948073/_39713c452b16fc76159f05809e3da232b208147b/2a716f186dfb8f9270cf53c87f3106372787e8dd HTTP 302
    https://go.welldaily.com/aff_c?offer_id=34&aff_id=1&aff_sub=AD210910PM HTTP 302
    https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&duid=f0f26c15fa8f--01ffrfbzeh53snwv2gs4zz6m8s&se=e30&dtstmp=1631835258521 HTTP 302
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&duid=f0f26c15fa8f--01ffrfbzeh53snwv2gs4zz6m8s&se=e30&dtstmp=1631835258521&i6=MmEwMTo0Zjg6MTUwOjIwMDg6Mzg6OjE%3D&n3pc=true
Request Chain 81
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1631835258892&cv=9&fst=1631835258892&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&hn=www.googleadservices.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/675938688/?random=1631835258892&cv=9&fst=1631833200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&is_vtc=1&random=772196615&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/675938688/?random=1631835258892&cv=9&fst=1631833200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&is_vtc=1&random=772196615&resp=GooglemKTybQhCsO&ipr=y

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pages.upwellness.com/uc-21dr-fps-aff/
Redirect Chain
  • https://links.thealternativedaily.com/a/75/click/9498936/46948073/_39713c452b16fc76159f05809e3da232b208147b/2a716f186dfb8f9270cf53c87f3106372787e8dd
  • https://go.welldaily.com/aff_c?offer_id=34&aff_id=1&aff_sub=AD210910PM
  • https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
271 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5ddc56af572aec8bc7543c888a5a810b1635cb9e70fbfe62e398bd6c8c9172c6

Request headers

Host
pages.upwellness.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 16 Sep 2021 23:34:17 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
c6b88db9-db73-4de8-8407-993721c6140d
etag
"a:8a49fc95fe5db18be9c92c561a04022a"
last-modified
Tue, 18 May 2021 20:39:04 GMT
x-unbounce-visitorid
aa538868-f70c-46b1-976c-f3d4c82ada1a
x-unbounce-variant
a
content-location
https://pages.upwellness.com/uc-21dr-fps-aff/
link
<https://pages.upwellness.com/uc-21dr-fps-aff/>; rel="canonical"
set-cookie
ubpv=a%2Cc6b88db9-db73-4de8-8407-993721c6140d; Max-Age=15897600; Expires=Sat, 19 Mar 2022 23:34:17 GMT; Path=/uc-21dr-fps-aff/; SameSite=Lax ubvs=aa538868-f70c-46b1-976c-f3d4c82ada1a; Max-Age=15552000; Expires=Tue, 15 Mar 2022 23:34:17 GMT; Path=/; SameSite=Lax ubvt=aa538868-f70c-46b1-976c-f3d4c82ada1a; Max-Age=259200; Expires=Sun, 19 Sep 2021 23:34:17 GMT; Path=/; Domain=upwellness.com; SameSite=Lax
content-encoding
gzip
x-proxy-backend
page-server
connection
close

Redirect headers

Server
nginx
Date
Thu, 16 Sep 2021 23:34:16 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
335
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Set-Cookie
enc_aff_session_34=ENC03fcff9f04122788f98a40abc650da4d6f06f2a7b10c7780d2cc7ac38549df8dca38c9ac59103e94a66ac64c6c6cb3613ce2d267e1657a43bf2b639e0b90880746429ef58a6e85e5d7d375de7ad7f0c227d5857e7777454f71c1862c1076e11de54911343420620e30f82547b16089be25391321009f6924a41091ef2c50629b342c47157d; expires=Thu, 23 Sep 2021 23:34:16 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Sun, 11 Aug 2024 10:14:16 GMT; path=/; SameSite=None; Secure
Tracking_id
1027a6a9d597c5ee60a6617c212e60
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Origin
*
X-Request-Id
5cc18e4236b480d213202662fe5ee5d1
Access-Control-Allow-Headers
Tune-SDK-Version
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
19347720
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
i4veKqs-gudflHHC8IwlmqBR2-YViZRzqnM4MJ8HoGR1mfMUxPbSKg==
jquery.min.js
upwellness.com/services/scripts/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upwellness.com/services/scripts/jquery/jquery.min.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.83.60.221 , United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
public
Date
Thu, 16 Sep 2021 23:34:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Nov 2020 19:48:41 GMT
Server
nginx
ETag
W/"5fbd6399-15d84"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800, public
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 23 Sep 2021 23:34:17 GMT
jquery-shims.bundle-aa41391.z.js
builder-assets.unbounce.com/published-js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 23:20:08 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 22:29:05 GMT
server
AmazonS3
age
12356050
etag
"ea132b475b756b7f755049edca93b98c"
x-cache
Hit from cloudfront
x-amz-version-id
KxeWw.rsdMt236FNaf3m5f2PRohd8nQX
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
content-length
1991
x-amz-cf-id
xTJ4Ub9mw32s9AwJRHBjnkE9jsOhEPqUrhn01ExWROcsegEYCaENGg==
UCInvisibleLink
store2.upwellness.com/cgi-bin/ 		433 B
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://store2.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.58.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-58-203.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4b14a777c8582e60d34266d77bff8d0a47eefac19e4e3a282fcbf4c22ca08a39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
252
UCAffiliateId
store2.upwellness.com/cgi-bin/ 		80 B
542 B 		Script
General
Check archive.org
Download Go to
Full URL
https://store2.upwellness.com/cgi-bin/UCAffiliateId?merchantId=UPWEL
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.58.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-58-203.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8f187cec7d401ebbadadcb77e1a42df64e60a776bbe66aa6c8214a40ef988b28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
content-length
66
vary
Accept-Encoding
content-type
application/x-javascript
UCAffiliateNetworkPixel
store2.upwellness.com/cgi-bin/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store2.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?merchantId=UPWEL&ThemeCode=SF3309
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.58.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-58-203.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f886442185a1559b3e9fe399279660422eff85dc639a3a29b16c47a8baae0ddc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
597
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 03 May 2021 00:38:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
11832940
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
niCAjk_qgte65mzA-DQjaA_1-_N3fvqjz5zHLG1wd47qYex5GX39aQ==
/
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08fcbfb27e1dc396851ae92a74ec8e70bb08564d4c5a519be53303641937a30f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
br
x-backend-region
eu_west_1
age
0
etag
209ab4ce3ff5c6ca9d5e1ba348f1fbb8-v0.179.1
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, MISS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
FRA50-C1
accept-ranges
none
x-amz-apigw-id
Fx4jGG-EDoEFjHA=
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-862759327
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b27e7fbd77725fe2559f25d7279145520587734c90a172a85b3b13c4535495c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39227
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:54:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Sep 2021 23:34:18 GMT
i9kdn2aofd.jsonp
fast.wistia.com/embed/medias/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/i9kdn2aofd.jsonp
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
400fcf9c4ca35a2142830741ad70a9a977ae9e14f9db298a55fc36d7cc58b279
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
58352
x-cache
HIT, HIT
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
1379
x-request-id
1c54b305c11974bf0166974d96cb328c
x-served-by
cache-dca17769-DCA, cache-fra19139-FRA
x-runtime
0.065142
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
x-timer
S1631835258.233098,VS0,VE1
etag
W/"400fcf9c4ca35a2142830741ad70a9a9"
x-download-options
noopen
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control
public, no-cache
x-browser
chrome
x-browser-version
92
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
E-v1.js
fast.wistia.com/assets/external/ 		611 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b65fa5d96d9b48f7a823f076336fcb4ffd66c09f9614cc5ff52ac91724be05e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
br
vary
Accept-Encoding
age
2720
x-cache
HIT, HIT
content-length
117791
x-served-by
cache-dca12926-DCA, cache-fra19139-FRA
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631835258.233137,VS0,VE0
etag
"61434d36-1cc1f"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 92
swatch
fast.wistia.com/embed/medias/i9kdn2aofd/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/embed/medias/i9kdn2aofd/swatch
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b89b262b0248a14d47f04f975b900bd3c4289f4f624caef19820be480023a7af
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
access-control-request-method
*
age
24590
x-cache
HIT, HIT
content-disposition
inline
content-length
4515
x-served-by
cache-dca12926-DCA, cache-fra19139-FRA
access-control-allow-origin
*, *
x-browser-version
92
last-modified
Mon, 27 Jul 2020 22:43:39 UTC
x-timer
S1631835258.233201,VS0,VE1
strict-transport-security
max-age=0
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control
public, no-cache, max-age=30097707
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
collect.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 		97 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-208.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfbf4fc433fc3f4aeec3d85e0cf44f049edc4301576c404f74579130a8bc2eb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:20:59 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
last-modified
Tue, 07 Sep 2021 15:08:43 GMT
server
AmazonS3
age
202400
etag
"53706200a4c45a8d879974a147bd21ea"
x-cache
Hit from cloudfront
content-type
application/x-javascript; charset=UTF-8
cache-control
max-age=604800,s-maxage=604800
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
99051
x-amz-cf-id
vPsr_T_qpj9U4FhWgXrbErEZB4wXSv9Pr0K_BP1w9YGItvScTrxOmg==
main.bundle-fed11df.z.js
builder-assets.unbounce.com/published-js/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 06 May 2021 20:57:02 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 18:27:02 GMT
server
AmazonS3
age
11500637
etag
"02427a0829fed4e24e9864e2f6f1d669"
x-cache
Hit from cloudfront
x-amz-version-id
PY5jXkWzij7RMiymy035twJKn1QV7eth
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
content-length
33154
x-amz-cf-id
Qe5XzKG808tfxUuCvcjR-cjS_DXVP_FsGv5EE4-XyXlaKVReXprMjA==
a-057g.min.js
b-code.liadm.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-057g.min.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZIO-Http /
Resource Hash
7ba22a5e9ec9615ad47452e1459daeec330a664cf862ad44a5e1cce6147dc899

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 05:11:29 GMT
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3451.cloudfront.net (CloudFront)
server
ZIO-Http
age
66169
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
content-encoding
gzip
x-amz-cf-id
NVuFVwtOY80XdR72e2c6RMHaPYMUtxsLOn-2Xhv0T1t8YDuzwVmv_w==
proof.js
cdn.useproof.com/ 		486 KB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15387759
cf-ray
68fde79c0bb54e3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
497733
x-amz-id-2
H6ZIkpihwD2NWJAmkNq/mx8uBgwQVsnR4HeMriixdJ7+y9Z5MBq6CTVi0htNuiAnVtjEeIcxm2I=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"0426397a9b31146729ac86c5be8595d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WihCIWKtauxjo2cz3Hu4%2FuppJWs7ky%2FzIQ4nCQjV9xAdX4tU7F9OwcToiYfcVLprpyRxolAvdxXERTh7fHPgnwN4XXalHRo9tX7420A34Zwo6EetxJFCL5lDpt%2FmiJTXK%2FrpgcsloeFFrV5WST3h"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
G7YP0C5YWHNJMG64
cache-control
public, max-age=315360000, no-transform
x-amz-version-id
F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
accept-ranges
bytes
content-type
application/javascript
cf-bgj
minify
invisibleLink.jsp
store2.upwellness.com/affiliate/ 		212 B
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://store2.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-21dr-fps-aff/%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM
Requested by
Host: store2.upwellness.com
URL: https://store2.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.58.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-58-203.compute-1.amazonaws.com
Software
Apache /
Resource Hash
28a39362683d201f601984493866733a383ddaa4625d997330d20907188a1e6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
142
core.js
s.pinimg.com/ct/ 		1 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2af::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
48c68c466497c98078950e24f7d499d9b6aedc16c8a980535226a14f32feb55f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"be0de9f37bc515448fb9440e478cda10"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
x-fallback
1a8689e8-2.16.186.151
accept-ranges
bytes
content-length
585
access-control-expose-headers
X-CDN
gtm.js
www.googletagmanager.com/ 		112 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4060ac2ffb8a8c586c68669c9b38661719a1d1ebba17ee7ec3031b077d2cd76c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42559
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:54:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Sep 2021 23:34:18 GMT
universal-script
h.upwellnessfeed.com/v1/lst/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
540d4bba81958ef2b8464afc75a107192dd9e24d9ebadff25f44f7e6996c0480

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:34:18 GMT
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Content-Type
text/plain;charset=utf-8
Access-Control-Expose-Headers
Session-ID
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Front-End-Https
off
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
16935224
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
xAEPrNUa_BvTWZwwisl5mnJQfBYUyBqRoDZQlle8imKMyKmlNvUGew==
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.1/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 16:54:54 GMT
content-encoding
gzip
last-modified
Fri, 30 Jul 2021 19:19:04 GMT
server
AmazonS3
age
3825565
etag
W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 54fc556adf6e8c787574c6f132d70179.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
zK9uvDBr0ib-wh3T5tBs0s1P3QyjU6sHypN9qyKA3J95xdEZJCJ4nA==
bcc2773e-new-fotolia-209178477-subscription-monthly-m-1_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/bcc2773e-new-fotolia-209178477-subscription-monthly-m-1_100000000000000000001o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47baee30f6bfeaa3db42509c6ff9da0a491170f703e3c0fec4a6bd6549673e89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:37:39 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730600
etag
"0dc4c6ffbf1826352dd79ad9f62fb4ee"
x-cache
Hit from cloudfront
x-amz-version-id
IdsDEm2_OCEOqLgykItwXdDyO1ZmRiXz
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
38293
x-amz-cf-id
V0GbxJEmSCEZz_yvvxU33jERZ8cd7VmEV89rCcKAbL9_bHZGITrFqw==
90573055-bg-fotolia-72502809-subscription-monthly-m-1_10000001ay0840000bk01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/90573055-bg-fotolia-72502809-subscription-monthly-m-1_10000001ay0840000bk01o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9371102bb7ce84dc977807fa942168edc2e4803e343a3b89ad028ca0f23f12fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:37:39 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730600
etag
"1ec236a76729ca3172d830b5c6361b5a"
x-cache
Hit from cloudfront
x-amz-version-id
nHzj7mzFjZvwOprc5FUvJY8DRe5xqFqX
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
53737
x-amz-cf-id
09VXtNQMG64MPaMkSfMsQ_rKqy4pKbCqXyF0KZNDOzZvcSV30y4uwQ==
4f9aad47-fotolia-167079908-subscription-monthly-m-1_10000001m50ia00006y01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/4f9aad47-fotolia-167079908-subscription-monthly-m-1_10000001m50ia00006y01o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5129a60f12da6bfeb1a49438cf79b71e730c0a42c8fde87a318df73f951fa76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:37:39 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730600
etag
"5edcf24de6e6e9e2923f5e376eede24d"
x-cache
Hit from cloudfront
x-amz-version-id
k5lRA.PQyfl1ITrACuUi8hWdpPAhmixb
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
18199
x-amz-cf-id
c5CJPcgeGBKpVH6QbyEOJ6LDoyRxVvaBmJzPWrSwH1AWnK_XFKh_gw==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
8VymxCbeM9NEbcgMdHxZL3M1/9vJkcFhPm2lPi3vKCC41+oZjEQCFvT5/zaOIYz2mECW8HBoXoSmhpRLEkCGoQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 16 Sep 2021 23:34:18 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 16 Sep 2021 23:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1783
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5639
x-amz-id-2
AqJMa/zNAtbyVu+hrW9ASLMPDH1M4uwnTnyeWOeC6ucySdGN9zhh5sbDFuIAOwFyR/cWjOgfFCs=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 27 May 2021 13:00:20 GMT
server
ATS
etag
"6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
7VFYWND0YMHS0KMX
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges
bytes
content-type
application/javascript
tfa.js
cdn.taboola.com/libtrc/unip/1225872/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa3547abea3784ceccc2dac8d6ad68455f7dfd84b9995cfacc16983f0ddd0da7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
imSYArNm.gr8CKcCmXiTQfn3a1AGdpSK
content-encoding
gzip
etag
"db2218f685f0380f83000a7ea0edefed"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
24762
x-amz-id-2
j0RWsZk78EwkqfEDfs3mAT4cQERzXPRy+9Qa9l5mQTl2wxoE2lqx89843xDOWT3M94jeQgd9H4g=
x-served-by
cache-fra19137-FRA
last-modified
Mon, 09 Aug 2021 10:28:23 GMT
server
AmazonS3
x-timer
S1631835258.395782,VS0,VE99
date
Thu, 16 Sep 2021 23:34:18 GMT
vary
Accept-Encoding
x-amz-request-id
JAN0FAVBRWB9S5HC
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
39
x-cache-hits
1
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:34:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Jun 2021 09:47:31 GMT
Server
AkamaiNetStorage
ETag
"fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3100
Expires
Thu, 16 Sep 2021 23:54:18 GMT
hotjar-795540.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-795540.js?sv=6
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9d95e8ccdf38efe39fe7e7adc7c70765d6b25d71c4fce98a937ecb98726247e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P5
etag
W/571ed5b6dd7f83c3ec2c0c9de4f07805
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
2029
via
1.1 cf2071a2896a4f71dbfdbc521d554363.cloudfront.net (CloudFront)
x-amz-cf-id
d7SJLS2_Za5uYRb1NxPXgjlo0QqNy0zQiZ0yWMwE08RPkxNwuQFXsg==
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:17 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref
Ref A: 328CE26EB54846DAAA5C02019DBC8500 Ref B: FRAEDGE1307 Ref C: 2021-09-16T23:34:18Z
etag
"80386a5f63aad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9827
a59d415a-ab59-4c98-9877-c2921f41470a
https://pages.upwellness.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://pages.upwellness.com/a59d415a-ab59-4c98-9877-c2921f41470a
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arvo:700%7CLato:900,700%7CDroid+Sans:regular,700
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
620b15cd148704b3dccf7af2ea3768ce065ad0e9d0482c6a560d840f8634cf5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 23:34:18 GMT
server
ESF
date
Thu, 16 Sep 2021 23:34:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Sep 2021 23:34:18 GMT
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1631835258302&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=99fe7f93-4155-42bc-b81b-80eab4bf4ecc&dtm=1631835258299&vp=1600x1200&ds=1600x12501&vid=1&sid=55db377a-0aac-4949-b5d7-dfe8fa79e1d5&duid=2a206782-326b-4090-8bfb-cfc505aa2ebc&uid=aa538868-f70c-46b1-976c-f3d4c82ada1a&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYzZiODhkYjktZGI3My00ZGU4LTg0MDctOTkzNzIxYzYxNDBkIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.101.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-101-206.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Sep 2021 23:34:18 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
146d712b-e6dd89e8-triangle_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		299 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/146d712b-e6dd89e8-triangle_1000000000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f44bab7c8fe7e70f4fdaef06ff8e42ab8c15f41f3addd65191d388e4d26424f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:37:39 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:03 GMT
server
AmazonS3
age
730600
etag
"7ef5d40eecab8e860bbc08a5e3ce3dae"
x-cache
Hit from cloudfront
x-amz-version-id
VAaC7zZhJ_C7RlYHRbIdnOmOQXr_Zbyg
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
299
x-amz-cf-id
QDgSQelbVHs6WHlSDoVCpm_MjLGbaMPvjG7ZPCE0tVHBb7nzU9YvFg==
a337963d-358e1bea-tick-mark-png-image-100916-orange-02g02g02g02g000000_101d01c000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		707 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/a337963d-358e1bea-tick-mark-png-image-100916-orange-02g02g02g02g000000_101d01c000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5268525385e9ba7228956155146e3ce597e01eb7c0db25d9861d8acc5a044302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:39:23 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730496
etag
"3e547e123baefe6606ddd4c30dcb766e"
x-cache
Hit from cloudfront
x-amz-version-id
ntKUSGaZxJ8kHm37gtPmzMLG0Fzb5kPP
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
707
x-amz-cf-id
itr1LZgpB3eqLXXGHM7Aki_VsiuyD5UT9DAe9Ud00wMH1pPmLJTgXw==
fef581e2-leftarrow_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		601 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/fef581e2-leftarrow_1000000000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ad5c0750803a5b88cd95cb516a1fbe4f01512b8b12057d3335afab3dc776dd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:37:39 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730600
etag
"4387b54491c07d0afa1ef34e1a5fab7b"
x-cache
Hit from cloudfront
x-amz-version-id
C7z.5469F6inzu5JgiXiX9XpHb4rooDl
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
601
x-amz-cf-id
uJm7NK9VccjoQCC3pSyqbuZki0Q58ikytCKyvuoAhTCCiTqOReQq7w==
29012426-rightarrow_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		621 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/29012426-rightarrow_1000000000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47c7e1d31ce30c8b4b2a81e566b0a044cdd0fd63e03979ada13db11f3eb776a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:37:39 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:03 GMT
server
AmazonS3
age
730600
etag
"02297e07a69ab224409da1cf47f674b6"
x-cache
Hit from cloudfront
x-amz-version-id
LWcBAkRLnfSBHSoZf0CLA43AEb8W2H1L
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
621
x-amz-cf-id
hC3l_f_3rFJQ8BVQZLyAt6wwmyzpuWOvRJYhGgHZ25lIiPopVGN_GQ==
476b6d7d-100h_105k026000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/476b6d7d-100h_105k026000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0375e9031bbd68f296e76d1f7361f3753807a087d1f4933f96245958a7439d56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:39:23 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730495
etag
"c10088bd61f05d51fae2739d5a882614"
x-cache
Hit from cloudfront
x-amz-version-id
LQnwIAvFX8WMWmPNL_IxV3ACvF1fODVB
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
4787
x-amz-cf-id
C5lRPLz7viXgmUeQJNOF-1AUxfj9bprRTBuXa7tYjQmV_Z3QDTCHFQ==
e7b547fb-the21dayrevival-wholefoodandnutritionprogram-693x872_109f0bu000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/e7b547fb-the21dayrevival-wholefoodandnutritionprogram-693x872_109f0bu000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69bdd953536b3f73a037d107b013f29872d2a018bda296dd7f026de09e08a9c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:39:24 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730495
etag
"7209949179ed4462c15ab21dbe079413"
x-cache
Hit from cloudfront
x-amz-version-id
qg7s.KWmjyixV4wSkXTAVbKCVbq_DkXB
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
56630
x-amz-cf-id
Zj6aR3KOLVprm8LE4rdD82BdzCaNlATGBtRI8N9AbQI1vIgeuql84A==
505b2cb8-screen-shot-2019-03-12-at-2-23-52-pm_108r0da000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/505b2cb8-screen-shot-2019-03-12-at-2-23-52-pm_108r0da000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
931184ef9cbb9665b0ccc1c04aca974543572f2dfa515c73f1cce9d5ee9b73ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:39:24 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730495
etag
"aa2a2c305291ef5915607ba57c5f5bfb"
x-cache
Hit from cloudfront
x-amz-version-id
f8hb8x4YyC8.oEGnJECSE3F7lWftsprv
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
73489
x-amz-cf-id
82-g-5Tqkzs0pkVdPvtbC_xumKszfdljZgQBFdwhztFO0UeSJbo4Qg==
6140c901-lr-wh-officephotos-41-1_109g0e507s09z01o02b01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/6140c901-lr-wh-officephotos-41-1_109g0e507s09z01o02b01o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de4d1f1ae6e682503c102a9f99914e489fbd9de795163f230d647602527c984e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:39:24 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730495
etag
"1b353856ce68a2a7754ee62669c241f0"
x-cache
Hit from cloudfront
x-amz-version-id
aZLrMI5p9y5Gzs0OH4Tzu7OIJ1UYBjSF
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
14026
x-amz-cf-id
ls3cPBEznDC73aMmQAQPoCMjn63VDLYPvCD7sYxCVajitcSQixz61w==
74f2260b-fotolia-223885016-subscription-monthly-m-1_10d90880a208803700001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/74f2260b-fotolia-223885016-subscription-monthly-m-1_10d90880a208803700001o.jpg
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c76f2e91201e2a237f13b847eb3ea602eb4bba33c2f8088fe63f57ee6925a0e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:39:24 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730495
etag
"54a9144d8b3451c0eb6ea09af7b13212"
x-cache
Hit from cloudfront
x-amz-version-id
ej1sjrzRUsaSoVReN0gb_bXh8CCCCZjn
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
7858
x-amz-cf-id
UwIyjAlm3Rk6C8YCiWkikRtCUNTJYOYgcHZ6zROzkKNncdXjEh2U_A==
777f04bb-artboard-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		284 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/777f04bb-artboard-1_1000000000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a79d9992811703b0ff051a4222ea5d17b1c1320f2b6de32168c45c2fef6d782

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:37:43 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730596
etag
"7cca19642100ce74e18ae3872c46a272"
x-cache
Hit from cloudfront
x-amz-version-id
LUUqpYcE7BEkov4ba3Vp8y_iyNBxSYww
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
284
x-amz-cf-id
ZuV9XKhUUQXSgFfj66UWiLYyDHiqRRPVSweyCdnMz5k7x6EeGu1VcA==
e7d14cb1-redbanner_10s0072000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-21dr-fps-aff/e7d14cb1-redbanner_10s0072000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06748c444801bc661db1c0c4ca04c3d229829da3265958a41c8b2ab0bd7dda1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 12:39:24 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Tue, 18 May 2021 20:39:04 GMT
server
AmazonS3
age
730495
etag
"40b3fd41399e86d60fb039cab973231c"
x-cache
Hit from cloudfront
x-amz-version-id
UeosM7ZSTZ0lBs9AGth4LAeMIBC6Vtd_
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
6920
x-amz-cf-id
W31gVeUwGzliTMZtO_X7-rCE8T5lgAcNMA8kKOtt4YAIYh82clM1aA==
UCAffiliateNetworkPixel
store2.upwellness.com/cgi-bin/ 		0
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store2.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.05590715075748509&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM
Requested by
Host: store2.upwellness.com
URL: https://store2.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?merchantId=UPWEL&ThemeCode=SF3309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.58.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-58-203.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
server
Apache
content-length
0
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
rt
zrp7lhhta7.execute-api.us-east-1.amazonaws.com/prod/v1/ 		20 B
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zrp7lhhta7.execute-api.us-east-1.amazonaws.com/prod/v1/rt
Requested by
Host: upwellness.com
URL: https://upwellness.com/services/scripts/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
35
x-amzn-remapped-date
Thu, 16 Sep 2021 23:34:19 GMT
x-amz-cf-pop
FRA60-P4
x-amzn-requestid
ab214fa0-21b0-4f35-adcd-b87883d1f14a
x-cache
Miss from cloudfront
x-amz-apigw-id
Fx4jQF_boAMFuVw=
content-length
35
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/json
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amzn-remapped-server
Apache
x-amz-cf-id
EJo34koS98vLhTKckxjPF_qasHJNrdKYUlThuyQObdlorQRdEgeP-w==
x-amzn-remapped-connection
keep-alive
rt
zrp7lhhta7.execute-api.us-east-1.amazonaws.com/prod/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zrp7lhhta7.execute-api.us-east-1.amazonaws.com/prod/v1/rt
Protocol
H2
Server
18.66.139.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://pages.upwellness.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Thu, 16 Sep 2021 23:34:18 GMT
x-amzn-requestid
51b012de-3804-4a52-be21-62a314498ae9
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
Fx4jNEagoAMF6Hg=
access-control-allow-methods
OPTIONS,POST
x-cache
Miss from cloudfront
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
kHd76HjH90JH8ujYpsjTQiFUfSeJIvObsSQwNJOBvwhMqMTQYuixOA==
wistia-mux.js
fast.wistia.com/assets/external/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9924880902b87011459a257b7cd5677eafd11f1de5decc7cde1d5b078f50eaf8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
br
vary
Accept-Encoding
age
2721
x-cache
HIT, HIT
content-length
24814
x-served-by
cache-dca12924-DCA, cache-fra19139-FRA
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631835258.417574,VS0,VE0
etag
"61434d36-60ee"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 34
302615157369859
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/302615157369859?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aaf8a3440a13cd82f500be91fa7cf41c7602de0c3b88df445df9b1cbe9234e2a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Kg5hFNncD55qK3C/bCwelt3ajSG9VsBvz/HjIOxdzCwfo3zxj7Xoxr0ri3DRdN2K+1FD1jFfAHLYhsQVXNfvIg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 16 Sep 2021 23:34:18 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
733a08588534a591ea80f80a552cc801.webp
embed-fastly.wistia.com/deliveries/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-fastly.wistia.com/deliveries/733a08588534a591ea80f80a552cc801.webp?image_crop_resized=960x540
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
944be4e93e167484de76640b455ee9a4b00dcf37341f2b53532d4e1d5fcc9882

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
via
1.1 varnish, 1.1 varnish
age
742428
edge-cache-tag
733a08588534a591ea80f80a552cc801
access-control-request-method
*
x-cache-hits
1, 1
x-cache
HIT, HIT
content-length
47652
x-served-by
cache-dca17778-DCA, cache-fra19139-FRA
last-modified
Mon, 27 Jul 2020 22:43:39 UTC
x-timer
S1631835259.624980,VS0,VE1
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/webp
access-control-allow-origin
*
content-disposition
inline
cache-control
max-age=31536000
accept-ranges
bytes
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3...
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%...
13 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&duid=f0f26c15fa8f--01ffrfbzeh53snwv2gs4zz6m8s&se=e30&dtstmp=1631835258521&i6=MmEwMTo0Zjg6MTUwOjIwMDg6Mzg6OjE%3D&n3pc=true
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.14.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-14-155.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
x-pixel-event-id
c083682b-1608-4265-8d1d-59da11aa2996
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
1
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
9a25d8c8efe47608

Redirect headers

date
Thu, 16 Sep 2021 23:34:18 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&duid=f0f26c15fa8f--01ffrfbzeh53snwv2gs4zz6m8s&se=e30&dtstmp=1631835258521&i6=MmEwMTo0Zjg6MTUwOjIwMDg6Mzg6OjE%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://pages.upwellness.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
0fdb2b78d87da7b0
request-time
1
content-length
0
x-content-type-options
nosniff
index.html
cdn.useproof.com/proxy/ Frame 2DAA 		325 B
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/index.html
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

:method
GET
:authority
cdn.useproof.com
:scheme
https
:path
/proxy/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pages.upwellness.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
content-type
text/html
content-length
325
x-amz-id-2
3b0ZCnyMRKF+teCewN/7LAfIBmf3fq76FwgGI7WXFR3ukPp2CqjDxjMnH/NI89DmOvLsvuPA0QU=
x-amz-request-id
34RX0NWCHR9F1BWS
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
etag
"f92252b1f21fd30ac52b59395971ecdb"
cache-control
max-age=315360000, no-transform, public
x-amz-version-id
6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges
bytes
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMMkaFjUW04YQLxunbsx5m6%2Fl%2FkqQpUgXPQmjXY2U9oLjuXpYDlWRWQfJIeAV5a8MTusm2xRL26VaVyL4Xfahl1fKE8%2FHCe%2Bmh1EogF7xo%2FuPXrk5hl81fe7xAM7gNYr7v5VrYPbANyeAZ0quiN4"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68fde79e3d9f4e3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14042
x-xss-protection
0
server
cafe
etag
5157641309300231189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Sep 2021 23:34:18 GMT
10056129.json
s.yimg.com/wi/config/ 		46 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10056129.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 11:17:26 GMT
x-content-type-options
nosniff
age
44213
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
1TFQZ9WBDYJZFFGY
x-amz-id-2
OQx+mvWgt829hR6OknY/S5ul0nDHl02gbrME7ZW7AQJ+MmUEMSMmLvk9fk7j9ps84Yj+KAFQSFE=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 23 Sep 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 18 Aug 2021 21:49:32 GMT
server
ATS
etag
"fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
5lqV4GvMTyzNl0lqaN8QODBV_nzn4eKl
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
46
content-type
application/octet-stream
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:700%7CLato:900,700%7CDroid+Sans:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 17:42:30 GMT
x-content-type-options
nosniff
age
107508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 17:42:30 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:700%7CLato:900,700%7CDroid+Sans:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:13:08 GMT
x-content-type-options
nosniff
age
242470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:13:08 GMT
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:700%7CLato:900,700%7CDroid+Sans:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 18:02:17 GMT
x-content-type-options
nosniff
age
365521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21232
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 01:56:42 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 18:02:17 GMT
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:700%7CLato:900,700%7CDroid+Sans:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 03:55:15 GMT
x-content-type-options
nosniff
age
243543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22340
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 03:55:15 GMT
tDbM2oWUg0MKoZw1-LPK8w.woff2
fonts.gstatic.com/s/arvo/v14/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arvo/v14/tDbM2oWUg0MKoZw1-LPK8w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:700%7CLato:900,700%7CDroid+Sans:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:38:48 GMT
x-content-type-options
nosniff
age
366930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17300
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 17:38:48 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2538
date
Thu, 16 Sep 2021 22:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 17 Sep 2021 00:52:00 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-675938688
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae0d3ff6bea6db5e28ee326c4511d1e9c63b0140eb7173fef71699038fac6cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39196
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:54:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Sep 2021 23:34:18 GMT
json
trc.taboola.com/1225872/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1225872/trc/3/json?tim=1631835258697&data=%7B%22id%22%3A808%2C%22ii%22%3A%22%2Fuc-21dr-fps-aff%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1631835258691%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1631835258696%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A9%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15b8b5664ab189cf4f6ea63d50112dafab88afc179c66077d6bac4bfcd2fc0c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
26
date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
gzip
server
nginx
x-timer
S1631835259.742936,VS0,VE26
x-served-by
cache-fra19137-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cachedClickId
tr.outbrain.com/ 		35 B
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:34:19 GMT
content-encoding
gzip
X-TraceId
c6f9b82b016009e7a4af0e78cec1391
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00e83052a71a1dff3bc62d5d40765808fc&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&optOut=false&bust=00891383183317509
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:34:19 GMT
Cache-Control
no-cache
X-TraceId
a82366a1bdecdc608f3e52cf23e6656f
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
main.e7fd5392.js
s.pinimg.com/ct/lib/ 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.e7fd5392.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2af::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
330ad082fc0156cb33905081e0ec51703cd42af60a30a7d20aee333daa68bf20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"30ff292a4ebc0e59d7e191b6f654384a"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
x-fallback
1a868a2c-2.16.186.151
accept-ranges
bytes
content-length
18816
access-control-expose-headers
X-CDN
27015508.js
bat.bing.com/p/action/ 		0
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/27015508.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Sep 2021 23:34:18 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: E4A37FCA78564D40A7F607B2C64ECE74 Ref B: FRAEDGE1307 Ref C: 2021-09-16T23:34:18Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=a15cb3c4-78e6-460a-bf9f-f6e56dfca131&sid=9cc76180174611eca11501e8b3527ac6&vid=9cc78c00174611ecb78fe3cd40dc863d&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&r=&lt=2174&evt=pageLoad&msclkid=N&sv=1&rn=503065
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Sep 2021 23:34:18 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: B63E9AD04E8B492BB9E1A52A6B9B20E9 Ref B: FRAEDGE1307 Ref C: 2021-09-16T23:34:18Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
663553
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59626
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"e8c5ca8d148a212696c04c37e713b2a1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
TE9ECZLan0rNIk0UHyhJRm7xk_G-OjKqavDtzqcywjH5iIWniROTnw==
/
www.facebook.com/tr/ 		44 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&rl=&if=false&ts=1631835258745&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631835258743.1471547676&it=1631835258422&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 16 Sep 2021 23:34:18 GMT
/
www.facebook.com/tr/ 		44 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%2522e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289%2522%255D%257D&rl=&if=false&ts=1631835258752&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631835258743.1471547676&it=1631835258422&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 16 Sep 2021 23:34:18 GMT
/
www.facebook.com/tr/ 		44 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit_21DR&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1631835258754&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1631835258743.1471547676&it=1631835258422&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 16 Sep 2021 23:34:18 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2016%20Sep%202021%2023%3A34%3A18%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&enc=UTF-8&yv=1.10.1&tagmgr=gtm
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:34:18 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Thu, 16 Sep 2021 23:34:18 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame C539 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pages.upwellness.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 544049d1dc4d534822b40b9f9c7529db.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
QZnFJHnGMeO1-botT0kNxqw_LHqqN6I5wMXmwVptkTS2xFALHKfS8A==
age
5048953
gusid
h.upwellnessfeed.com/v1/lst/ 		32 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.upwellnessfeed.com/v1/lst/gusid?
Requested by
Host: h.upwellnessfeed.com
URL: https://h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
85b0eefd82802df73b213e6aad199c6d5e0ff8d2b57e0c9553bff3688ad279d8

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
Product-ID
180470

Response headers

Date
Thu, 16 Sep 2021 23:34:19 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
off
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Content-Type
text/plain;charset=utf-8
Access-Control-Allow-Origin
https://pages.upwellness.com
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
32
Access-Control-Expose-Headers
Session-ID
gusid
h.upwellnessfeed.com/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.upwellnessfeed.com/v1/lst/gusid?
Protocol
HTTP/1.1
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
product-id
Origin
https://pages.upwellness.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Thu, 16 Sep 2021 23:34:19 GMT
Content-Type
application/vnd.sun.wadl+xml;charset=utf-8
Content-Length
1552
Connection
keep-alive
Access-Control-Allow-Origin
https://pages.upwellness.com
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Headers
product-id
Access-Control-Expose-Headers
Session-ID
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Allow
HEAD,GET,OPTIONS
Last-Modified
Thu, 16 Sep 2021 23:34:19 UTC
Front-End-Https
off
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1631835258790&cv=9&fst=1631835258790&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e339fe7872f9dff7d7b2c0d0a66e999e95174b1d4e67c7c023ad275ecb482e15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1094
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1631835258839&cv=9&fst=1631835258839&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8d972fc9c01481e041092eae84ee1b3211e238252102036dd4e95a051f5d46d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1091
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/795540/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/795540/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.108.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-108-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 16 Sep 2021 23:34:18 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1631835258892&cv=9&fst=1631835258892&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86b363c24d6db5f0fcecdcf21ecbfb47fcdea6f0f1621b542b8b9bfbc5504008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1101
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/675938688/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1631835258892&cv=9&fst=1631835258892&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
  • https://www.google.com/pagead/1p-user-list/675938688/?random=1631835258892&cv=9&fst=1631833200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
  • https://www.google.de/pagead/1p-user-list/675938688/?random=1631835258892&cv=9&fst=1631833200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/675938688/?random=1631835258892&cv=9&fst=1631833200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&is_vtc=1&random=772196615&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/675938688/?random=1631835258892&cv=9&fst=1631833200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&is_vtc=1&random=772196615&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-28307243-3&cid=138861888.1631835259&jid=1556080325&gjid=1092270366&_gid=794154629.1631835259&_u=YGBAgEABAAAAAE~&z=2119673287
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 16 Sep 2021 23:34:19 GMT
content-type
text/plain
access-control-allow-origin
https://pages.upwellness.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=313445739&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1556080325&gjid=1092270366&cid=138861888.1631835259&tid=UA-28307243-3&_gid=794154629.1631835259&gtm=2wg9f0M3S986P&z=806937001
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 03:43:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71477
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
firebase.js
www.gstatic.com/firebasejs/4.5.0/ Frame 2DAA 		389 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/4.5.0/firebase.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116073
x-xss-protection
0
last-modified
Tue, 03 Oct 2017 14:56:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 04:05:01 GMT
proxy.js
cdn.useproof.com/proxy/ Frame 2DAA 		112 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/proxy.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/proxy/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15387757
cf-ray
68fde7a0f81f4e3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
114404
x-amz-id-2
5/9ljZ7zvso1tKgr2uUjGG0wYyTFt7319aXsf5sMbUgzD/ozDN82XQLnlr5kT1FHpC0gZcdYGgQ=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"9f4d60f4f2b143cadacb2b8b3a901401"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qd%2FwpPjPzcoJC%2Ba0u07GXkeLSXNo5oZaKhfgU8K6T40jqHCeBIPt59wrZKXXxo1VCKx2bn6bPZH6AOpYY3X%2FU8YOkVmQUlRyndUbkjcWWUmj55oJEa%2BWwIvIurwhYu0lXkzWVgVka96jLUnlf68Z"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
AKJNGBSW6PDMDT22
cache-control
public, max-age=315360000, no-transform
x-amz-version-id
FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
accept-ranges
bytes
content-type
application/javascript
cf-bgj
minify
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-28307243-3&cid=138861888.1631835259&jid=1556080325&_u=YGBAgEABAAAAAE~&z=2004332176
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-28307243-3&cid=138861888.1631835259&jid=1556080325&_u=YGBAgEABAAAAAE~&z=2004332176
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/862759327/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/862759327/?random=1631835258790&cv=9&fst=1631833200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&fmt=3&is_vtc=1&random=2763850383&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/862759327/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/862759327/?random=1631835258790&cv=9&fst=1631833200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&fmt=3&is_vtc=1&random=2763850383&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/675938688/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/675938688/?random=1631835258839&cv=9&fst=1631833200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&fmt=3&is_vtc=1&random=2757230983&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/675938688/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/675938688/?random=1631835258839&cv=9&fst=1631833200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&fmt=3&is_vtc=1&random=2757230983&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		493 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1631835259140
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.e7fd5392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.8f6656b8.1631835259.1e53a7
x-envoy-upstream-service-time
3
x-pinterest-rid
5515696555705003
pin-unauth
dWlkPU1tSmpZalptTURndE16QTJOUzAwWWpFNUxXRmlNVEl0WVRrM01USTJOamM1TUdFeA
access-control-allow-origin
https://pages.upwellness.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
342
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22e7fd5392%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1631835259142
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.8f6656b8.1631835259.1e53a8
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1049027230556409
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/862759327/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/862759327/?random=1631835258892&cv=9&fst=1631833200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&fmt=3&is_vtc=1&random=4286223254&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/862759327/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/862759327/?random=1631835258892&cv=9&fst=1631833200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&async=1&fmt=3&is_vtc=1&random=4286223254&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302615157369859&ev=Microdata&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM&rl=&if=false&ts=1631835259248&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40id%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fi9kdn2aofd%22%2C%22%40type%22%3A%22VideoObject%22%2C%22duration%22%3A%22PT2M59S%22%2C%22name%22%3A%2221DR_FPS_V1%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2F733a08588534a591ea80f80a552cc801.jpg%3Fimage_crop_resized%3D640x360%22%2C%22embedUrl%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fi9kdn2aofd%22%2C%22uploadDate%22%3A%222020-07-27%22%2C%22description%22%3A%22an%20UpWellness%20video%22%7D%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=3&o=30&fbp=fb.1.1631835258743.1471547676&it=1631835258422&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-21dr-fps-aff/?offer=34&session_id=1027a6a9d597c5ee60a6617c212e60&n=tune&AFFID=477232&subid=1_AD210910PM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 16 Sep 2021 23:34:19 GMT
/
ct.pinterest.com/md/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.e7fd5392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:34:19 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.8f6656b8.1631835259.1e53af
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
x-pinterest-rid
1164369340922364
expires
Sat, 01 Jan 2000 00:00:00 GMT
playPauseLoadingControl.js
fast.wistia.com/assets/external/ 		59 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dbfef1341c9a79d742fc27039bca0f4e3042a48881c21b039d039a451961c6ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
content-encoding
br
vary
Accept-Encoding
age
2722
x-cache
HIT, HIT
content-length
12637
x-served-by
cache-dca17782-DCA, cache-fra19139-FRA
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631835260.556388,VS0,VE0
etag
"61434d36-315d"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 40
hls_video.js
fast.wistia.com/assets/external/engines/ 		356 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39df4b8e7ba1635560bb6cee9517576d7a52b927a91bfe4dc36ba8b759b6aeb6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
content-encoding
br
vary
Accept-Encoding
age
2722
x-cache
HIT, HIT
content-length
85296
x-served-by
cache-dca17779-DCA, cache-fra19139-FRA
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631835260.557353,VS0,VE0
etag
"61434d36-14d30"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 31
x
distillery.wistia.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-117-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 16 Sep 2021 23:34:19 GMT
cache-control
max-age=0, private, must-revalidate
trtc0limNRYJwhvfi9uRqUFQo0w1
api.useproof.com/pixel/ Frame 2DAA 		178 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
178
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date
Thu, 16 Sep 2021 23:34:19 GMT
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
50a616c9-7b1d-4495-a3ef-4d5489600d5a
surrogate-control
no-store
x-cache
Miss from cloudfront
cf-cache-status
DYNAMIC
content-encoding
br
x-amz-apigw-id
Fx4jWEl_oAMF87w=
pragma
no-cache
server
cloudflare
etag
W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcZeiOBAwOTfgs7ahkaetjRjtoyS27oJ%2FuYS5tqAm0uYxCL4sjj9V%2Bofcc2q2rIN0TgWSOmQdBBkVFUxHolugnQbz%2BbAhTCukpKLRy9XOoWfHUBcuedahbxqwWDyHmMGytVSy3IlwkbiSH3B61fS"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
68fde7a49b902488-FRA
x-amz-cf-id
6N6wH_ec4UWS0kLwzNNC1-gMlkWun1ZCIK70g_9lkhtunP6KvGxiXw==
x-amzn-remapped-connection
keep-alive
expires
0
blank.gif
fast.wistia.com/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://pages.upwellness.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:19 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
9922
x-cache
HIT, HIT
x-cache-hits
1, 208
content-length
1214
x-served-by
cache-dca17754-DCA, cache-fra19133-FRA
x-browser-version
92
last-modified
Thu, 16 Sep 2021 20:46:57 GMT
x-timer
S1631835260.631991,VS0,VE0
etag
"6143ad41-4be"
strict-transport-security
max-age=0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
register
live-visitor-counts.herokuapp.com/lvc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://live-visitor-counts.herokuapp.com/lvc/register
Protocol
HTTP/1.1
Server
3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-192-5.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.useproof.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Content-Length,Content-Type
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin
https://cdn.useproof.com
Access-Control-Max-Age
43200
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Date
Thu, 16 Sep 2021 23:34:20 GMT
Via
1.1 vegur
register
live-visitor-counts.herokuapp.com/lvc/ Frame 2DAA 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-visitor-counts.herokuapp.com/lvc/register
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-192-5.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://cdn.useproof.com
Date
Thu, 16 Sep 2021 23:34:20 GMT
Via
1.1 vegur
Server
Cowboy
Connection
keep-alive
Content-Length
0
Vary
Origin
track
analytics.proofapi.com/ Frame 2DAA 		74 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522384195a9-c23e-463c-af86-4c67c57d6cbb%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-21dr-fps-aff%252F%253Foffer%253D34%2526session_id%253D1027a6a9d597c5ee60a6617c212e60%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_AD210910PM%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-21dr-fps-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-21dr-fps-aff%252F%253Foffer%253D34%2526session_id%253D1027a6a9d597c5ee60a6617c212e60%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_AD210910PM%2522%257D
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:23e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
65ffc469b9eeed0fccdd4db37263dc8d250702237a4710b78221b3770ba25093

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:20 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
etag
W/"4a-UnrA2++2haeyHGMwRcVmzUhpOyc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAO3Vauxf00KUEyVFyD2AR6sPF%2FqEx6ijxyLYbMW14RFYLOSMkH2sO9I0gHKqz%2Bz72qG0cp3dxWAibo924MJIioBS2N0apQDoXhQJ2S4wcIrhkx4Falg9e6ZJQ5mZKtUd%2FU5ZZN1TKR8Oui4iRUNRrJ%2BfKBv"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn.useproof.com
access-control-allow-credentials
true
cf-ray
68fde7a6491b5373-FRA
access-control-allow-headers
X-Requested-With,content-type
mput
pipedream.wistia.com/ 		2 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.200.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-200-61.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 16 Sep 2021 23:34:20 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
unip
trc-events.taboola.com/1225872/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1585&scd=9&ssd=1&est=1631835258693&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1631835260279&vi=1631835258691&ri=16b867015d5741b188deea6a998554bd&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://pages.upwellness.com
pragma
no-cache
date
Thu, 16 Sep 2021 23:34:20 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
allIntegrations.js
fast.wistia.com/assets/external/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d77802915404115b7ae2d56748b9baf61a53e1b9e9c3832885fb63e9e898bcbf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:34:20 GMT
content-encoding
br
vary
Accept-Encoding
age
2724
x-cache
HIT, HIT
content-length
9034
x-served-by
cache-dca12924-DCA, cache-fra19139-FRA
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631835261.557787,VS0,VE0
etag
"61434d36-234a"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 31
unip
trc-events.taboola.com/1225872/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4586&scd=9&ssd=1&est=1631835258693&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1631835263280&vi=1631835258691&ri=16b867015d5741b188deea6a998554bd&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-21dr-fps-aff%2F%3Foffer%3D34%26session_id%3D1027a6a9d597c5ee60a6617c212e60%26n%3Dtune%26AFFID%3D477232%26subid%3D1_AD210910PM
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://pages.upwellness.com
pragma
no-cache
date
Thu, 16 Sep 2021 23:34:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
fg8vvsvnieiv3ej16jby.litix.io/ 		0
0
/
fg8vvsvnieiv3ej16jby.litix.io/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fg8vvsvnieiv3ej16jby.litix.io
URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Domain
fg8vvsvnieiv3ej16jby.litix.io
URL
https://fg8vvsvnieiv3ej16jby.litix.io/

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| lp object| ub string| __ultraaff_r string| __ultraaff_u object| _uca string| ucAffiliateId function| pintrk function| gtag object| dataLayer object| head object| script function| ucAnpFailback function| ucAnpCallback object| UnbounceSnowplowNamespace function| ubSnowplow function| fbq function| _fbq object| dotq object| _tfa function| obApi function| hj object| _hjSettings object| uetq string| output number| output2 object| wistiajsonp-/embed/medias/i9kdn2aofd.jsonp function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| LI object| __li__evt_bus object| liQ object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| TimeMe string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent number| c_start function| ucaEvent boolean| ucaInit object| ube object| google_tag_manager boolean| proofInitialized object| google_tag_data object| platform object| YAHOO string| GoogleAnalyticsObject function| ga function| FBQ function| FBQ_SETUP object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| UET function| UET_init function| UET_push object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules boolean| mh_uts_available function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData

34 Cookies

Domain/Path Name / Value
pages.upwellness.com/uc-21dr-fps-aff/ Name: ubpv
Value: a%2Cc6b88db9-db73-4de8-8407-993721c6140d
links.thealternativedaily.com/ Name: _maropost_session
Value: 75bc0c98316e9ea3adff1e64f66f96ca
go.welldaily.com/ Name: enc_aff_session_34
Value: ENC03fcff9f04122788f98a40abc650da4d6f06f2a7b10c7780d2cc7ac38549df8dca38c9ac59103e94a66ac64c6c6cb3613ce2d267e1657a43bf2b639e0b90880746429ef58a6e85e5d7d375de7ad7f0c227d5857e7777454f71c1862c1076e11de54911343420620e30f82547b16089be25391321009f6924a41091ef2c50629b342c47157d
go.welldaily.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/ Name: ubvs
Value: aa538868-f70c-46b1-976c-f3d4c82ada1a
.upwellness.com/ Name: ubvt
Value: aa538868-f70c-46b1-976c-f3d4c82ada1a
.upwellness.com/ Name: UltraCartShoppingCartID
Value: B2D37221302DFB017BF0F5FCF12E5E00
store2.upwellness.com/ Name: JSESSIONID
Value: abcJnScBKtH96gS-jXtNU
store2.upwellness.com/ Name: LBJSESSIONID
Value: abcJnScBKtH96gS-jXtNU.n45
.upwellness.com/ Name: _li_dcdm_c
Value: .upwellness.com
.upwellness.com/ Name: _lc2_fpi
Value: f0f26c15fa8f--01ffrfbzeh53snwv2gs4zz6m8s
.upwellness.com/ Name: ucacid
Value: 1905948583.018025
store2.upwellness.com/ Name: AWSALB
Value: FuGt2lJnPZT2+6+8K7NTv4rFZQ2sFRFSi5wV20qaYPqp0ue1W6Ig+aStZWl7opJ/COZ4QMVi3a8HcS4yjM/6nR8aHrzKswyeNv8ZJye9Nsp4/+gMosa847Jrkp5D
store2.upwellness.com/ Name: AWSALBCORS
Value: FuGt2lJnPZT2+6+8K7NTv4rFZQ2sFRFSi5wV20qaYPqp0ue1W6Ig+aStZWl7opJ/COZ4QMVi3a8HcS4yjM/6nR8aHrzKswyeNv8ZJye9Nsp4/+gMosa847Jrkp5D
.store2.upwellness.com/ Name: UPWEL-ANP
Value: 6161
.bing.com/ Name: MUID
Value: 0AC4BC9DBB9369EB3449AC29BA4168C7
.upwellness.com/ Name: _gcl_au
Value: 1.1.589032978.1631835259
.upwellness.com/ Name: _uetsid
Value: 9cc76180174611eca11501e8b3527ac6
.upwellness.com/ Name: _uetvid
Value: 9cc78c00174611ecb78fe3cd40dc863d
.upwellness.com/ Name: _fbp
Value: fb.1.1631835258743.1471547676
.facebook.com/ Name: fr
Value: 0fFuFSWeGD5TJxG5Q..BhQ9R6...1.0.BhQ9R6.
.upwellness.com/ Name: _hjid
Value: 2b582439-99da-449b-8201-6715b2067aff
.upwellness.com/ Name: _hjFirstSeen
Value: 1
pages.upwellness.com/ Name: _hjIncludedInPageviewSample
Value: 1
.upwellness.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
pages.upwellness.com/ Name: _hjIncludedInSessionSample
Value: 1
.liadm.com/ Name: lidid
Value: 4b05be48-11b6-4252-b241-e8d0926f6e6b
.yahoo.com/ Name: A3
Value: d=AQABBHrUQ2ECEDq6NNIx1xTCq3I5kwLjvwwFEgEBAQElRWFNYQAAAAAA_SMAAA&S=AQAAAofDjafKNIVItcVMQ9BQQOY
.upwellness.com/ Name: _ga
Value: GA1.2.138861888.1631835259
.upwellness.com/ Name: _gid
Value: GA1.2.794154629.1631835259
.upwellness.com/ Name: _dc_gtm_UA-28307243-3
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
pages.upwellness.com/ Name: outbrain_cid_fetch
Value: true
.pages.upwellness.com/ Name: _pin_unauth
Value: dWlkPU1tSmpZalptTURndE16QTJOUzAwWWpFNUxXRmlNVEl0WVRrM01USTJOamM1TUdFeA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
amplify.outbrain.com
analytics.proofapi.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
cdn.taboola.com
cdn.useproof.com
connect.facebook.net
ct.pinterest.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
distillery.wistia.com
embed-fastly.wistia.com
events.ub-analytics.com
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
fonts.googleapis.com
fonts.gstatic.com
go.welldaily.com
googleads.g.doubleclick.net
h.upwellnessfeed.com
in.hotjar.com
links.thealternativedaily.com
live-visitor-counts.herokuapp.com
pages.upwellness.com
pipedream.wistia.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
s.yimg.com
script.hotjar.com
sp.analytics.yahoo.com
static.hotjar.com
stats.g.doubleclick.net
store2.upwellness.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
upwellness.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
zrp7lhhta7.execute-api.us-east-1.amazonaws.com
fg8vvsvnieiv3ej16jby.litix.io
104.75.88.209
13.32.118.208
141.226.228.48
142.250.186.162
151.101.130.133
151.101.193.131
151.101.65.44
18.66.112.111
18.66.112.128
18.66.112.53
18.66.139.117
18.66.139.38
2.18.234.190
208.83.60.221
212.82.100.181
2600:1f18:730:b150:9292:c5da:e647:d689
2600:9000:2250:8000:1d:11cf:5800:93a1
2600:9000:225e:1a00:8:8845:1500:93a1
2606:4700:3032::ac43:dff2
2606:4700:3033::6815:40e
2606:4700:3035::6815:23e9
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9c
2a02:26f0:6c00:2af::1931
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:200::622
3.210.192.5
3.69.136.55
34.225.58.203
34.237.200.61
34.238.14.155
35.238.129.105
44.193.101.206
52.205.62.94
52.222.214.18
52.222.250.38
52.51.237.18
54.78.108.238
54.86.117.43
70.42.32.127
0375e9031bbd68f296e76d1f7361f3753807a087d1f4933f96245958a7439d56
06748c444801bc661db1c0c4ca04c3d229829da3265958a41c8b2ab0bd7dda1f
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
08fcbfb27e1dc396851ae92a74ec8e70bb08564d4c5a519be53303641937a30f
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0b65fa5d96d9b48f7a823f076336fcb4ffd66c09f9614cc5ff52ac91724be05e
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15b8b5664ab189cf4f6ea63d50112dafab88afc179c66077d6bac4bfcd2fc0c6
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b
28a39362683d201f601984493866733a383ddaa4625d997330d20907188a1e6e
2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
330ad082fc0156cb33905081e0ec51703cd42af60a30a7d20aee333daa68bf20
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39df4b8e7ba1635560bb6cee9517576d7a52b927a91bfe4dc36ba8b759b6aeb6
3a79d9992811703b0ff051a4222ea5d17b1c1320f2b6de32168c45c2fef6d782
400fcf9c4ca35a2142830741ad70a9a977ae9e14f9db298a55fc36d7cc58b279
4060ac2ffb8a8c586c68669c9b38661719a1d1ebba17ee7ec3031b077d2cd76c
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
47baee30f6bfeaa3db42509c6ff9da0a491170f703e3c0fec4a6bd6549673e89
47c7e1d31ce30c8b4b2a81e566b0a044cdd0fd63e03979ada13db11f3eb776a8
48c68c466497c98078950e24f7d499d9b6aedc16c8a980535226a14f32feb55f
4b14a777c8582e60d34266d77bff8d0a47eefac19e4e3a282fcbf4c22ca08a39
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
5268525385e9ba7228956155146e3ce597e01eb7c0db25d9861d8acc5a044302
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
540d4bba81958ef2b8464afc75a107192dd9e24d9ebadff25f44f7e6996c0480
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ddc56af572aec8bc7543c888a5a810b1635cb9e70fbfe62e398bd6c8c9172c6
620b15cd148704b3dccf7af2ea3768ce065ad0e9d0482c6a560d840f8634cf5e
65ffc469b9eeed0fccdd4db37263dc8d250702237a4710b78221b3770ba25093
69bdd953536b3f73a037d107b013f29872d2a018bda296dd7f026de09e08a9c0
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
7ad5c0750803a5b88cd95cb516a1fbe4f01512b8b12057d3335afab3dc776dd2
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7ba22a5e9ec9615ad47452e1459daeec330a664cf862ad44a5e1cce6147dc899
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b0eefd82802df73b213e6aad199c6d5e0ff8d2b57e0c9553bff3688ad279d8
86b363c24d6db5f0fcecdcf21ecbfb47fcdea6f0f1621b542b8b9bfbc5504008
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f187cec7d401ebbadadcb77e1a42df64e60a776bbe66aa6c8214a40ef988b28
931184ef9cbb9665b0ccc1c04aca974543572f2dfa515c73f1cce9d5ee9b73ba
9371102bb7ce84dc977807fa942168edc2e4803e343a3b89ad028ca0f23f12fb
944be4e93e167484de76640b455ee9a4b00dcf37341f2b53532d4e1d5fcc9882
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c
9924880902b87011459a257b7cd5677eafd11f1de5decc7cde1d5b078f50eaf8
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9d95e8ccdf38efe39fe7e7adc7c70765d6b25d71c4fce98a937ecb98726247e6
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8d972fc9c01481e041092eae84ee1b3211e238252102036dd4e95a051f5d46d
aa3547abea3784ceccc2dac8d6ad68455f7dfd84b9995cfacc16983f0ddd0da7
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
aaf8a3440a13cd82f500be91fa7cf41c7602de0c3b88df445df9b1cbe9234e2a
ae0d3ff6bea6db5e28ee326c4511d1e9c63b0140eb7173fef71699038fac6cde
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b27e7fbd77725fe2559f25d7279145520587734c90a172a85b3b13c4535495c2
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b
b89b262b0248a14d47f04f975b900bd3c4289f4f624caef19820be480023a7af
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
c76f2e91201e2a237f13b847eb3ea602eb4bba33c2f8088fe63f57ee6925a0e7
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d77802915404115b7ae2d56748b9baf61a53e1b9e9c3832885fb63e9e898bcbf
dbfef1341c9a79d742fc27039bca0f4e3042a48881c21b039d039a451961c6ba
de4d1f1ae6e682503c102a9f99914e489fbd9de795163f230d647602527c984e
dfbf4fc433fc3f4aeec3d85e0cf44f049edc4301576c404f74579130a8bc2eb2
e339fe7872f9dff7d7b2c0d0a66e999e95174b1d4e67c7c023ad275ecb482e15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f44bab7c8fe7e70f4fdaef06ff8e42ab8c15f41f3addd65191d388e4d26424f3
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f5129a60f12da6bfeb1a49438cf79b71e730c0a42c8fde87a318df73f951fa76
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f886442185a1559b3e9fe399279660422eff85dc639a3a29b16c47a8baae0ddc
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3