pages.upwellness.com Open in urlscan Pro
3.69.136.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.revealedtoday.info/a/1393/click/3955/865321/bad6966da0daa0d90391dbf7ddfdf8f7331b76a9/4fa3eecbb9de2536fe91ccba60f763...
Effective URL:
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_re...
Submission: On June 12 via api (June 12th 2023, 8:38:40 pm UTC) from US — Scanned from DE

Summary HTTP 180 Redirects Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 40 domains to perform 180 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com. The Cisco Umbrella rank of the primary domain is 956163.
TLS certificate: Issued by R3 on June 5th 2023. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.210.234.44 52.210.234.44	16509 (AMAZON-02) (AMAZON-02)
1	3.69.136.55 3.69.136.55	16509 (AMAZON-02) (AMAZON-02)
2	52.222.174.124 52.222.174.124	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20e1:f400:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225e:9c00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
4	44.210.2.193 44.210.2.193	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3035::6815:2f0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.200.49.94 54.200.49.94	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.118 13.32.27.118	16509 (AMAZON-02) (AMAZON-02)
41	52.222.250.38 52.222.250.38	16509 (AMAZON-02) (AMAZON-02)
1	18.214.96.110 18.214.96.110	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	108.138.17.27 108.138.17.27	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b110:4a5:1251:7b86:2622	14618 (AMAZON-AES) (AMAZON-AES)
1	52.1.91.70 52.1.91.70	14618 (AMAZON-AES) (AMAZON-AES)
2	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	34.213.130.140 34.213.130.140	16509 (AMAZON-02) (AMAZON-02)
1 7	2a00:1450:400... 2a00:1450:4007:80c::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	18.66.137.164 18.66.137.164	16509 (AMAZON-02) (AMAZON-02)
2	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2600:9000:21f... 2600:9000:21f3:5200:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.193.181 151.101.193.181	54113 (FASTLY) (FASTLY)
7	13.32.99.41 13.32.99.41	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:4200:11:9be7:da80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:21f... 2600:9000:21f3:aa00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	3.210.192.5 3.210.192.5	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::ac43:4549	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	18.207.44.109 18.207.44.109	14618 (AMAZON-AES) (AMAZON-AES)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	3.88.95.86 3.88.95.86	14618 (AMAZON-AES) (AMAZON-AES)
1	3.220.126.149 3.220.126.149	14618 (AMAZON-AES) (AMAZON-AES)
180	57

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.revealedtoday.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.234.44 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-234-44.eu-west-1.compute.amazonaws.com

go.welldaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-124.cdg50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20e1:f400:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9c00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.210.2.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-2-193.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.200.49.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-49-94.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-118.fra56.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 52.222.250.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-38.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.96.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-96-110.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-27.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:4a5:1251:7b86:2622 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.91.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-91-70.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.130.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-130-140.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4007:80c::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-164.fra60.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5200:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.181 (United States)

ASN54113 (FASTLY, US)

views.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.99.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-41.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4200:11:9be7:da80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2cli4kgl5uxre.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:aa00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.210.192.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-192-5.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4549 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4acf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.207.44.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-44-109.compute-1.amazonaws.com

io.v2.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.88.95.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-95-86.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.126.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-126-149.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net d2cli4kgl5uxre.cloudfront.net	2 MB
20	wistia.com fast.wistia.com — Cisco Umbrella Rank: 5278 embed-ssl.wistia.com — Cisco Umbrella Rank: 9599 embed-cloudfront.wistia.com pipedream.wistia.com — Cisco Umbrella Rank: 7733 distillery.wistia.com — Cisco Umbrella Rank: 8092	3 MB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	627 KB
7	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 22889	145 KB
7	google.de www.google.de — Cisco Umbrella Rank: 5056	1014 B
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	2 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 121	9 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 959 trc.taboola.com — Cisco Umbrella Rank: 632 trc-events.taboola.com — Cisco Umbrella Rank: 1944	22 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	311 B
6	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 117028 io.v2.customerlabs.co — Cisco Umbrella Rank: 116844	198 KB
6	criteo.com 2 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3402 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2161 sslwidget.criteo.com — Cisco Umbrella Rank: 1727 widget.us.criteo.com — Cisco Umbrella Rank: 16732	28 KB
6	upwellness.com pages.upwellness.com — Cisco Umbrella Rank: 956163 live.upwellness.com store.upwellness.com — Cisco Umbrella Rank: 833354	77 KB
5	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 66087 api.useproof.com — Cisco Umbrella Rank: 64079	602 KB
4	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 251479	472 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 386	13 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3123 tr.outbrain.com — Cisco Umbrella Rank: 2867	8 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 540	8 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2871 rp.liadm.com — Cisco Umbrella Rank: 2189 rp4.liadm.com — Cisco Umbrella Rank: 8339	16 KB
2	clickcertain.com 1 redirects a.clickcertain.com — Cisco Umbrella Rank: 7854	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 733 script.hotjar.com — Cisco Umbrella Rank: 1102	73 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	116 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1155	879 B
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 752	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
2	mediago.io cdn.mediago.io — Cisco Umbrella Rank: 7431 trace.mediago.io — Cisco Umbrella Rank: 1119	26 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 54929 business.newsbreak.com — Cisco Umbrella Rank: 15575	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 6317 flask.nextdoor.com — Cisco Umbrella Rank: 5915	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 811	19 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 12750	51 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 19314	37 KB
1	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 42574	580 B
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 90632	715 B
1	gstatic.com www.gstatic.com	390 KB
1	unsplash.com views.unsplash.com — Cisco Umbrella Rank: 35857
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	2 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 22808	282 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	27 KB
1	welldaily.com 1 redirects go.welldaily.com	2 KB
1	revealedtoday.info 1 redirects links.revealedtoday.info	733 B
0	tiktok.com Failed analytics.tiktok.com Failed
180	40

	Domain	Requested by
41	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
11	fast.wistia.com	pages.upwellness.com fast.wistia.com
9	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
7	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
7	www.google.de	pages.upwellness.com
7	www.google.com	1 redirects pages.upwellness.com
6	www.facebook.com	pages.upwellness.com
6	embed-cloudfront.wistia.com	fast.wistia.com
6	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
5	io.v2.customerlabs.co	pages.upwellness.com cdn.js.customerlabs.co
4	trc-events.taboola.com	cdn.taboola.com
4	live-visitor-counts.herokuapp.com	cdn.useproof.com
4	store.upwellness.com	pages.upwellness.com store.upwellness.com
3	bat.bing.com	pages.upwellness.com bat.bing.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
3	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
2	a.clickcertain.com	1 redirects pages.upwellness.com
2	api.useproof.com	cdn.useproof.com
2	connect.facebook.net	pages.upwellness.com connect.facebook.net
2	sp.analytics.yahoo.com	pages.upwellness.com
2	ct.pinterest.com	s.pinimg.com pages.upwellness.com
2	www.google-analytics.com	www.googletagmanager.com pages.upwellness.com
2	trc.taboola.com	cdn.taboola.com
2	tr.outbrain.com	amplify.outbrain.com pages.upwellness.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	d34qb8suadcc4g.cloudfront.net	pages.upwellness.com d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	pages.upwellness.com
1	distillery.wistia.com	fast.wistia.com
1	pipedream.wistia.com	fast.wistia.com
1	a.remarketstats.com	1 redirects
1	analytics.proofapi.com	cdn.useproof.com
1	www.gstatic.com	cdn.useproof.com
1	script.hotjar.com	static.hotjar.com
1	trace.mediago.io	pages.upwellness.com
1	d2cli4kgl5uxre.cloudfront.net	cdn.mediago.io
1	views.unsplash.com	pages.upwellness.com
1	flask.nextdoor.com	pages.upwellness.com
1	static.hotjar.com	pages.upwellness.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	embed-ssl.wistia.com	pages.upwellness.com
1	widget.us.criteo.com	pages.upwellness.com
1	sslwidget.criteo.com	1 redirects
1	cdn.js.customerlabs.co	pages.upwellness.com
1	business.newsbreak.com	static.newsbreak.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	mug.criteo.com	pages.upwellness.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	www.googleadservices.com	www.googletagmanager.com
1	events.ub-analytics.com	pages.upwellness.com
1	cdn.mediago.io	pages.upwellness.com
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	amplify.outbrain.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	cdnjs.cloudflare.com	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	pages.upwellness.com
1	go.welldaily.com	1 redirects
1	links.revealedtoday.info	1 redirects
0	analytics.tiktok.com Failed	pages.upwellness.com
180	65

This site contains no links.

Subject Issuer	Validity	Valid
pages.upwellness.com R3	`2023-06-05` - `2023-09-03`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
live.upwellness.com R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
store.upwellness.com R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
useproof.com GTS CA 1P5	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-02-24` - `2023-08-23`	6 months	crt.sh
*.mediago.io Amazon RSA 2048 M02	`2023-02-24` - `2023-10-05`	7 months	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M01	`2023-02-28` - `2023-10-26`	8 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-22` - `2023-06-20`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.unsplash.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-01` - `2023-11-02`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
proofapi.com GTS CA 1P5	`2023-05-07` - `2023-08-05`	3 months	crt.sh
hook.customerlabs.co Amazon RSA 2048 M01	`2023-02-21` - `2023-12-12`	10 months	crt.sh

This page contains 4 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Frame ID: 6611C455C90F95EC63134F040B956B96
Requests: 169 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: CBACD62456B12E77DA01E86AE2F62976
Requests: 2 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: A025416B354AF1BFA4135BB6F19B0BD8
Requests: 8 HTTP requests in this frame

Frame: https://d2cli4kgl5uxre.cloudfront.net/js/h/val.html?postM=1
Frame ID: EF80ACF9A320F2B9F6190695916C4E7A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.revealedtoday.info/a/1393/click/3955/865321/bad6966da0daa0d90391dbf7ddfdf8f7331b76a9/4fa3eecbb9... HTTP 302
https://go.welldaily.com/aff_c?offer_id=67&aff_id=2&aff_sub=revgoldrevfs0608 HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFF... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

180
Requests

96 %
HTTPS

43 %
IPv6

40
Domains

65
Subdomains

57
IPs

7
Countries

7800 kB
Transfer

11372 kB
Size

50
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.revealedtoday.info/a/1393/click/3955/865321/bad6966da0daa0d90391dbf7ddfdf8f7331b76a9/4fa3eecbb9de2536fe91ccba60f76310bd97b3c8 HTTP 302
https://go.welldaily.com/aff_c?offer_id=67&aff_id=2&aff_sub=revgoldrevfs0608 HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=xNQVc3xmblVpcHIyTlJUZGJnS1pIVmI3MTVxU1NTUnEyaUJXaWZ4dEFITmhIK3RCM0l3TFJRQzZ6NHBkMVJIOXVTb3JRYnZVb1RvZzBzZ0pYMTAvVVBZcUdhMjAxdXJZU2JUNnFwUmVGc243MDB4d1d6aGhJeW4yU3JCdmZNbm1wUU9wRGsrRzlwSHd4SWhrMTF6SWVtNGZ1SlpaeWp2QTRha3VpcU91Vkd1ZmY1aThnSjl2OEZLUXIwc1ZYR2tneU1WQVY3WDgrOHFWcVU5Ymk5a241Q2FrUm95SU1LaTBkYlR1NlMrekhZRUtmb2s5T2oxUHlCS2wxdnJGZXNZak1IekpxZ2lIRDlBVFBadG52UWdzK1NyVEdqN2VPa2RnMXNuSkNyQ2Rmc3d1R3dmND18&cppv=2

Request Chain 51

https://rp.liadm.com/j?dtstmp=1686602312456&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h2rn9tm1d5y24wb81csnakhe&tna=v2.7.2&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1686602312456&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h2rn9tm1d5y24wb81csnakhe&tna=v2.7.2&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDEyOjQwNjA6YWNiNjo3YTVl&n3pc=true

Request Chain 74

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=353481874&cv=11&fst=1686602312267&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=SIKHZM-9IYKt9u8Pkryv0A0&sscte=1&crd=&pscrd=EkxDaEFJOElTYnBBWVF6ckdHeUlEcTJLWTNFaVVBMmw0U2JYdjVIWExlU1FSbVRpbWtqQlZhcTQyQW5hV2R4bmRXajVqcnZiaXFPMzgwGlhDaEVJOElTYnBBWVF4YkNNdXU3czlzUDZBUkl0QU1DZzdrSVlhUkduTk9xRWZKUUZsNXR5dVo5V1ZHT21yTmNvUkFxd3A5cmxpUENMWkJ3QV9nUjdUUl9mIhMIz4Hencu-_wIVgpb9Bx0S3gva HTTP 302
https://www.google.com/pagead/1p-conversion/458254939/?random=353481874&cv=11&fst=1686602312267&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOElTYnBBWVF6ckdHeUlEcTJLWTNFaVVBMmw0U2JYdjVIWExlU1FSbVRpbWtqQlZhcTQyQW5hV2R4bmRXajVqcnZiaXFPMzgwGlhDaEVJOElTYnBBWVF4YkNNdXU3czlzUDZBUkl0QU1DZzdrSVlhUkduTk9xRWZKUUZsNXR5dVo5V1ZHT21yTmNvUkFxd3A5cmxpUENMWkJ3QV9nUjdUUl9mIhMIz4Hencu-_wIVgpb9Bx0S3gva&is_vtc=1&ocp_id=SIKHZM-9IYKt9u8Pkryv0A0&cid=CAQSKQBygQiD_LnfWz0IYzn03HhbQlzTqw_yfx_5yzOaVXplnTgw9PCI65ZW&random=3250374877 HTTP 302
https://www.google.de/pagead/1p-conversion/458254939/?random=353481874&cv=11&fst=1686602312267&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOElTYnBBWVF6ckdHeUlEcTJLWTNFaVVBMmw0U2JYdjVIWExlU1FSbVRpbWtqQlZhcTQyQW5hV2R4bmRXajVqcnZiaXFPMzgwGlhDaEVJOElTYnBBWVF4YkNNdXU3czlzUDZBUkl0QU1DZzdrSVlhUkduTk9xRWZKUUZsNXR5dVo5V1ZHT21yTmNvUkFxd3A5cmxpUENMWkJ3QV9nUjdUUl9mIhMIz4Hencu-_wIVgpb9Bx0S3gva&is_vtc=1&ocp_id=SIKHZM-9IYKt9u8Pkryv0A0&cid=CAQSKQBygQiD_LnfWz0IYzn03HhbQlzTqw_yfx_5yzOaVXplnTgw9PCI65ZW&random=3250374877&ipr=y

Request Chain 75

https://sslwidget.criteo.com/event?a=102531&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=1U3awF8zczdQZUJBTUpOUHIxajM3MUJBamJLNWtBQk03TjR3R2dyNGJpN2U0U3FpbzhiYWNPTkF2eDdWMUF4dWkyRVRkSkplZ1k5JTJCbmtmbGRmOUdGcWN5NTRIRk83Qk55bG5MUkRsMGhqU1NYd1FWQTJnRG1EN0JiRFRZbk1wZFpRcjdpR3BzeSUyQnVIMkxOOWI0OUlDZ2llV3h3JTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102f1797f89ff657c363441211b3f9%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D2_revgoldrevfs0608&ceid=01274feb-1cb1-4eb4-9f3e-0b76341fb5e9&dtycbr=62845 HTTP 302
https://widget.us.criteo.com/event?a=102531&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=1U3awF8zczdQZUJBTUpOUHIxajM3MUJBamJLNWtBQk03TjR3R2dyNGJpN2U0U3FpbzhiYWNPTkF2eDdWMUF4dWkyRVRkSkplZ1k5JTJCbmtmbGRmOUdGcWN5NTRIRk83Qk55bG5MUkRsMGhqU1NYd1FWQTJnRG1EN0JiRFRZbk1wZFpRcjdpR3BzeSUyQnVIMkxOOWI0OUlDZ2llV3h3JTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102f1797f89ff657c363441211b3f9%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D2_revgoldrevfs0608&ceid=01274feb-1cb1-4eb4-9f3e-0b76341fb5e9&dtycbr=62845

Request Chain 162

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-fps&partner_id=cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86 HTTP 302
https://a.clickcertain.com/px/smart/a/?partner_id=cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86&c=24a3d6f0fe7dd9c&seg=uc-grplus-fps HTTP 302
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

180 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pages.upwellness.com/uc-grplus-fps/
Redirect Chain

https://links.revealedtoday.info/a/1393/click/3955/865321/bad6966da0daa0d90391dbf7ddfdf8f7331b76a9/4fa3eecbb9de2536fe91ccba60f76310bd97b3c8
https://go.welldaily.com/aff_c?offer_id=67&aff_id=2&aff_sub=revgoldrevfs0608
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

312 KB
43 KB

634ms
61ms

Document
text/html

3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f207a6dbdda4e9fcf5396a56b17d615f76eba8c2151dc32b3835970e5547ea9a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 42983
content-location: https://pages.upwellness.com/uc-grplus-fps/
content-type: text/html; charset=utf-8
date: Mon, 12 Jun 2023 20:38:31 GMT
etag: "an:d481d07de9c9428b8ba70c8eef6f8125"
link: <https://pages.upwellness.com/uc-grplus-fps/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: 6d2c7105-ebae-455a-91f2-47af4209ed5f
x-unbounce-variant: an
x-unbounce-visitorid: d481d07d-e9c9-428b-8ba7-0c8eef6f8125

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 339
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 12 Jun 2023 20:38:30 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 102f1797f89ff657c363441211b3f9
X-Request-Id: c8de1253e6e8126bc0c6b2468ad3fa45
X-Robots-Tag: noindex, nofollow

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 165ms
42ms Stylesheet
text/css 52.222.174.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-124.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:02:31 GMT
content-encoding: gzip
via: 1.1 3975dc95fb3c5fc91da92363a17c96c4.cloudfront.net (CloudFront)
x-amz-version-id: Hi0GplZUCMAlUo2d3AkAvO_Jy02q1fIj
x-amz-cf-pop: CDG50-P2
age: 1971361
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Mon, 13 Mar 2023 16:18:47 GMT
server: AmazonS3
etag: "15295835030f315ea1ec0147abd5ea63"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qJpfBlxg4EoWmEQfCVFc3mUfXd6LCzONLqi-xQvRTCJUtw-Dz4trgg==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 146ms
41ms Script
application/javascript 2600:9000:20e1:f400:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e1:f400:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 14:51:43 GMT
content-encoding: gzip
via: 1.1 1dc2ff77d1e8b23aad1d3301c4982860.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
x-amz-cf-pop: CDG50-C2
age: 5377609
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1865
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: udocjoY00HlecTkMPzOnrClCdyxT4hzzhkyWv_aYvdzTHOTrLnlA4A==

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 12 KB
3 KB 258ms
30ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ec6fa4c10a264e6b3322120a6744b1239fc56abb1be2c35beceeb4805265770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: FRA56-P3
age: 6836
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.180.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: Ga0fLHOAjoEF1IA=

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 42 KB
15 KB 255ms
31ms Script
application/javascript 2600:9000:225e:9c00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9c00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f21e3a7eb4ab64052ab4c1938aa95e536d67c62e4c0b10bbb6140a1ede240fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 07:38:10 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 46822
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: 4aqGIX3xnTabiYXV4vb65km_Mky2bUd6t7Mmox5G0vYOHqSuIjfU2Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 143 KB
55 KB 175ms
109ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd50003422f29c72626e570befd7164972ee953510534332addded40a4eb9978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56304
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:38:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 20:38:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 107ms
42ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc05b045c53817a90a09ee715feda4a7a83f1503bc6d805bd1dd18e5b87249c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73234
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:38:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 20:38:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
80 KB 189ms
123ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d6906f5c886e20cb01d1712aed2fc973075b91074bb5ee153c2b45927126c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81713
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:38:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 20:38:32 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 45 KB
15 KB 136ms
67ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c67226c4f4029abbab42bff4669f1b2f45918c814466caa74f2f55eeb5b5ba8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 146ms
81ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3a7da94016ef3d6f3d393f030aa833a74c4022b67050ea8859a0dcac3ad2537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74135
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:38:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 20:38:32 GMT

GET
H2 200 e8xcaqkjm4.jsonp Show response
fast.wistia.com/embed/medias/ 7 KB
2 KB 236ms
81ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.jsonp

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b8b5efcda45690e3fcba53f110d190a58af14a80c0bbefedd4fd2e9fe575861a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 ddeb8679359f033dad405557c487bfdc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 131288
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 49
content-length: 1836
x-request-id: 73452001-d475-4a67-912c-72b5e06319f0
x-served-by: cache-iad-kcgs7200033-IAD, cache-fra-eddf8230034-FRA
x-runtime: 0.048159
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 114
server: envoy
x-timer: S1686602312.192266,VS0,VE2
etag: W/"b8b5efcda45690e3fcba53f110d190a5"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zA3JZVIKoZ6kVhgiHNF9s-fgtdAm0EuWFCz7DmQGQHpdoKERE66UeA==
x-cache-hits: 32, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 651 KB
118 KB 146ms
27ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9ec3e8323e0737223c3f78f5c420210fd8bac9f541914efe642f21762e930ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 334
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 120050
x-served-by: cache-iad-kjyo7100080-IAD, cache-fra-eddf8230034-FRA
x-browser-version: 114
last-modified: Mon, 12 Jun 2023 20:31:54 GMT
server: AmazonS3
x-timer: S1686602312.192233,VS0,VE0
etag: "c696c2291f4577cdcb0ae79036dc3d36"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: cf3a2a821da091c6300b7f877a801b58b5437548
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 33

GET
H2 200 swatch
fast.wistia.com/embed/medias/e8xcaqkjm4/ 5 KB
5 KB 307ms
124ms Image
image/jpeg 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4/swatch

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
access-control-request-method: *
via: 1.1 972475a90ca36cd44d9a9e3be6e1990e.cloudfront.net (CloudFront), 1.1 2f66aa06710fece8ed203ab0ea81eb56.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD55-P2, IAD89-C3
age: 11322
edge-cache-tag: 9c999aa0107b556d5cd5f59d9dd7e014
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 320
content-disposition: inline
content-length: 4891
x-served-by: cache-iad-kcgs7200082-IAD, cache-fra-eddf8230034-FRA
x-browser-version: 114
last-modified: Tue, 05 Oct 2021 16:24:56 UTC
server: envoy
x-timer: S1686602312.192012,VS0,VE96
etag: KTO7iHMFy31bRBoB_X8SLpxC2Uc=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: vRCrU0Ev_a9foFLsh3O311U7GGpS8PBJV0eo3vQ_G2zl_N5LFwT8Uw==
x-cache-hits: 16, 0

GET
H2 200 jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/ 87 KB
31 KB 594ms
226ms Script
application/javascript 3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 UCInvisibleLink Show response
store.upwellness.com/cgi-bin/ 432 B
811 B 486ms
136ms Script
text/javascript 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-2-193.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 251

GET
H2 200 UCAffiliateNetworkPixel Show response
store.upwellness.com/cgi-bin/ 2 KB
1 KB 224ms
133ms Script
text/javascript 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-2-193.compute-1.amazonaws.com

Software

Apache /

Resource Hash

6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 851

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 84 KB
27 KB 104ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1821089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27198
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1514f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Jn5rKaK4mWt2rZjWcIhCiXb218m7y3rjpoI%2FGd9g37DuFFBkycC0HUJz2DuKbbnglrZbwYbpzG9nLW1emOA6q2La6yCObbaHoLC4cMloBpSdHeTs9vQHj1mut67w%2Bz7mejXxdQlA6Daj%2BWUd9UALL3Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d64e5e229ef2bba-FRA
expires: Sat, 01 Jun 2024 20:38:32 GMT

GET
H2 200 main.bundle-85a7477.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 44ms
43ms Script
application/javascript 52.222.174.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-124.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:49:42 GMT
content-encoding: gzip
via: 1.1 3975dc95fb3c5fc91da92363a17c96c4.cloudfront.net (CloudFront)
x-amz-version-id: TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop: CDG50-P2
age: 2652530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33747
last-modified: Mon, 27 Feb 2023 19:12:56 GMT
server: AmazonS3
etag: "b4081a636463cc60b1faf49e579e8cb9"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Rr2qbbqJ2C8x-d8_1L9znuQMfxSxcXFxERRzKS74eQR8kWJnr8z2TQ==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 117ms
35ms Script
application/javascript 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H6WQCW6APBRBRCJ9
age: 11373757
alt-svc: h3=":443"; ma=86400
content-length: 497733
x-amz-id-2: vM+BMECrCORW9FJ+rHMQf57UtypTW4x/blOCBNGkW80f7RL4qXXnsbQ/1PrS2xXuBPa/piNmWbg=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzarlohM992731VHq%2BRdD6D4xKHVBFRnr8owVtpb5OKj9v5qDxb2kpCEyN03ciIOj5sm5Hjw4M1HzKLj509WEyxZmwcD3X8jq8tKSS1pFVWxMPKqWqNGhXCH5D1xwDLCpUbUE2W16RDWeA%2FXrpZl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7d64e5e388291915-FRA

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 114ms
28ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0063ead0fc6b4ddafaf004c17771309a5931249b36c40781ced840a776b9755b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-cdn: fastly
etag: "101ddadc6513f10acedb39dafd405d0d"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1445

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 279ms
40ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e4164edd6af46ad5e9c02a482bdcd2a9c3e9eb199cee06bcd12cc751ce73de87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:30 GMT
x-amz-version-id: pM_8Podf2LG1oYqe3ugSKxJX2zCnEaDh
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 0B440MPJW8S8WFTE
age: 3
x-amz-server-side-encryption: AES256
x-amz-id-2: vNyUAW6uQozjM75h+HxyJD22FlYBb+BLX7zkza/K+ldHvcfV7YFJ+6DRoQdwF2vWNLcZM3hzM7E=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 12 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 07 Jun 2023 11:01:50 GMT
server: ATS
etag: "62d9fe1cc1697022ba0fe2a4d038b308-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 58 KB
18 KB 290ms
219ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90d181c72600ede987fa9d4579da027538f3ee8fe539f2e68675b51c29494c44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: zvOJwzlHQ0K8T6kwqxdnDC4zNBqbrXE6
content-encoding: gzip
via: 1.1 varnish
date: Mon, 12 Jun 2023 20:38:32 GMT
x-amz-request-id: 2FAY73FKBJTBDDRS
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18353
x-amz-id-2: M0trKCN3QLxcchvBHuuRhppguG+NeWh4cXrH1YKN17ob08ztDYkkynuFdu22ysMu1U68Kv22UG8=
x-served-by: cache-fra-etou8220101-FRA
last-modified: Sun, 11 Jun 2023 11:03:41 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1686602312.244871,VS0,VE192
etag: "8c2f5933b325f56577b4b590b7c28c2a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 20
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 23 KB
7 KB 142ms
27ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f8cb3417715e1f98e281c70c4a0cfa4d8b2934bea25ac91bc9f0682259a8f3e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 20:38:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2023 14:50:34 GMT
Server: AkamaiNetStorage
ETag: "966f548b03fbf3b19ba87f8ba3bc7617:1686581804.902101"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6952
Expires: Mon, 12 Jun 2023 20:58:32 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 607ms
201ms Script
application/javascript 54.200.49.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.200.49.94 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-200-49-94.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Wed, 07 Jun 2023 23:19:10 GMT
server: istio-envoy
etag: W/"6481106e-19c7"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 4

GET events.js
analytics.tiktok.com/i18n/pixel/ 0
0

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 143ms
28ms Script
application/javascript 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1686614400000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 17:20:48 GMT
x-amz-cf-pop: FRA60-P3
age: 26540
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: HWY_21PSVsiWeu7IfHZFMj9iw72m4uJKso_xsWTyZuNGPzSoSnfl4Q==

GET
H2 200 pixel.js Show response
cdn.mediago.io/js/ 26 KB
26 KB 125ms
31ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/pixel.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37b976ac6a9338da3b8c6cdd8906ddd14add06bbea122629c956ca331f653cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: XYrTzTbqsDS8y_SYq5q0XpfTigYsvOFo
date: Mon, 12 Jun 2023 06:06:26 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jun 2023 06:12:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 52327
x-amz-server-side-encryption: AES256
etag: "461a220676b1f0c3982b65bffda90f2e"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 26184
x-amz-cf-id: N9HFo9FyJ8e6-WZZZG1zLz6zhF5LR21X7WjhHhsG2w9aC-vj6sAe1w==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 187 KB
69 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

129569645cb4787068726c1d1f16696f98dfe81dfa08439cb6a9674479e05314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70300
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:38:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 20:38:32 GMT

GET events.js
analytics.tiktok.com/i18n/pixel/ 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 42 KB
42 KB 104ms
34ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:28 GMT
x-amz-version-id: lJAmakYKgdsFfju9rAQ_NzyoVi2.uFzt
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294465
etag: "e3753887ecf5fb15513cde566e26a803"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 43016
x-amz-cf-id: XjBYEsVthL3DLq1vQExEv7Gl-0dx4WxAYqAoqQw5pJKo2q1Lih4RFw==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 121 KB
121 KB 34ms
33ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1be59d642b7d9e29f5da63faaa060bb9315a8bc1d57727bcf0339ed4de6c68df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:32 GMT
x-amz-version-id: BKVxmHo89kyERTnWcn0VwVcCrf2b5OO6
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294461
etag: "8623460fd509c8bce7623df03b517ef6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 123673
x-amz-cf-id: 4J-qB2pnrvkJ50T3eHGGxVWFBHl06KRiLdy8QkDjI3HCPp1RA4o5Og==

GET
H2 200 cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 34 KB
35 KB 88ms
88ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 15:59:32 GMT
x-amz-version-id: uxBUg74jY0Y1i_4VyMH60o9xW0QePNIj
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 22048740
etag: "57ad6757695bd394d132dffc6cf3d1fd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 35034
x-amz-cf-id: JXc1vn7hbU-tcDwVUxjg6DSUorZyE3O-tHVA7qk-s4_9yBzA1YXxUw==

GET
H2 200 a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 185 KB
186 KB 109ms
108ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:06:38 GMT
x-amz-version-id: au.ApT0XP8axgvPpnxd4g7.IOce6tuGq
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 21022315
etag: "ce5156cacf580d0e35ff189b67aacfbc"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 189879
x-amz-cf-id: a_ahSKVq_Bos3ohX9YABGjr9YMoCHPkhCT1C8LBLAXwy5p39bs9FdQ==

GET
H2 200 aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 167 KB
167 KB 92ms
91ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:32 GMT
x-amz-version-id: QS0pP_ZeSDsPG_tDzM.REht8tGo9nZPS
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294461
etag: "981ccd318264bd584234aaec828d43ce"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 170550
x-amz-cf-id: Uxwsqhx3xW3_qgHCQssROEieZLBNI39ANK4J29oMuLDrocYLxo3Sfg==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 91 KB
92 KB 71ms
70ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:32 GMT
x-amz-version-id: 7LCThZSUle7eZdJUw8pzfb8V8juuLqKH
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294461
etag: "fc4db20401afee8c48e1ca79db0f0ec7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 93607
x-amz-cf-id: LO-eSheohW7_yePA9LToRgvy27TLBQA7HWqV_QLzoMmyZGR3l53NQA==

GET
H2 200 f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 393 KB
394 KB 129ms
128ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:25:42 GMT
x-amz-version-id: 83kQBtYIphc_dei_VsMT5haUCjNGXhhw
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 22367570
etag: "056ca93a156b7b1ffad3e735ce3b7550"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 402177
x-amz-cf-id: xS3lXbYnMau-RL1JUDRfNygRzlPg9a-dP4pBx0j4rEM7D4hjQlNIyg==

GET
H2 200 5065891f-manuka-background-orange-01-1_11lc0mj1hc0mj01z000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 117 KB
117 KB 123ms
122ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5065891f-manuka-background-orange-01-1_11lc0mj1hc0mj01z000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b49930c3d02891d24e32e4861d709780513e5280a83e1dbcd9218d4381ea1638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:33 GMT
x-amz-version-id: oGmxOfer.hDO1KT81sQ61EDCeHTa2tQb
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294460
etag: "3e061c61f1b29bc2e19ae6c9a78f8819"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 119389
x-amz-cf-id: 2PW7Q83GciVSeJtgcweYhji8RWNIcVGXnakcW9JmTbOXyqxBRa1cPQ==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 44ms
44ms Script
application/javascript 2600:9000:20e1:f400:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e1:f400:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 21:52:30 GMT
content-encoding: gzip
via: 1.1 1dc2ff77d1e8b23aad1d3301c4982860.cloudfront.net (CloudFront)
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C2
age: 6129963
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: YoJIWN7zxRb0_olMUAGz8rjfjjmrX-5AtMsoHxVg0RRPpxF9bo6QCA==

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 389ms
123ms Image
image/gif 18.214.96.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1686602312054&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=8ac9c3f5-f2c1-4ec7-8882-09b8d713a6d7&dtm=1686602312052&vp=1600x1200&ds=1600x17230&vid=1&sid=c75e4466-4bcc-482a-8ad1-5b44f13dc5c0&duid=e1118b83-f699-446e-8653-b5f6ae694dec&uid=d481d07d-e9c9-428b-8ba7-0c8eef6f8125&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNmQyYzcxMDUtZWJhZS00NTVhLTkxZjItNDdhZjQyMDllZDVmIiwidmFyaWFudElkIjoiYW4iLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.96.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-96-110.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CBAC 15 KB
6 KB 112ms
37ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 20:38:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 482500
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 3 KB
2 KB 137ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1686602312150&cv=11&fst=1686602312150&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b685acc67243349316cd30c8bbc966a9193ccae008826b890f1a7dc4e5e55973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 47ms
45ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d300f0e7fd80d3826ae192195a0cf6362345b48f4748b9e0a6e43e0d32ce219e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73188
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:38:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 20:38:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
80 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32f2b593d1ec97c6855a4f2c8bbcac21ce02a6fd94213cfcc2f8cb7d7b2ac22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81729
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:38:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 20:38:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f05df9c043c84ba716c31985f1b91cfeb53960e1673cc20755cefabbeab5069a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74161
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:38:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 20:38:32 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 3 KB
2 KB 76ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1686602312191&cv=11&fst=1686602312191&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceb0e395828c8fecc0f7d56064fab4c7330b83f20a011587d825e89a7961c492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
2 KB 59ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1686602312213&cv=11&fst=1686602312213&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4509fd2c3140101b9cabb07cdf2d5bff08cc81f0c10e70116b002fa11d46bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/ 3 KB
2 KB 85ms
74ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1686602312247&cv=11&fst=1686602312247&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36840f8fd89d5d9ebc1598072e2051e976121e16b5e4126240ae029f5081d7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1399
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/458254939/ 3 KB
2 KB 122ms
45ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/458254939/?random=1686602312267&cv=11&fst=1686602312267&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

431164b04e3765e1b2594997f08ec62297da883c6482e2b995478ed6e9080233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1640
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 162ms
34ms Script
application/javascript 108.138.17.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:37 GMT
content-encoding: gzip
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2686496
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 9SYuxmdD5UM5f4rxbd0vTyd7g9GRfGaCwAsVNgGWhhdYK1UwY51SUA==

GET
H2

200

sid Show response
mug.criteo.com/ Frame CBAC
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=xNQVc3xmblVpcHIyTlJUZGJnS1pIVmI3MTVxU1NTUnEyaUJXaWZ4dEFITmhIK3RCM0l3TFJRQzZ6NHBkMVJIOXVTb3JRYnZVb1RvZzBzZ0pYMTAvVVBZcUdhMjAxdXJZU2JUNnFwUmVGc243MDB4d1d6aGhJeW4yU3JCdm...

417 B
650 B

111ms
36ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xNQVc3xmblVpcHIyTlJUZGJnS1pIVmI3MTVxU1NTUnEyaUJXaWZ4dEFITmhIK3RCM0l3TFJRQzZ6NHBkMVJIOXVTb3JRYnZVb1RvZzBzZ0pYMTAvVVBZcUdhMjAxdXJZU2JUNnFwUmVGc243MDB4d1d6aGhJeW4yU3JCdmZNbm1wUU9wRGsrRzlwSHd4SWhrMTF6SWVtNGZ1SlpaeWp2QTRha3VpcU91Vkd1ZmY1aThnSjl2OEZLUXIwc1ZYR2tneU1WQVY3WDgrOHFWcVU5Ymk5a241Q2FrUm95SU1LaTBkYlR1NlMrekhZRUtmb2s5T2oxUHlCS2wxdnJGZXNZak1IekpxZ2lIRDlBVFBadG52UWdzK1NyVEdqN2VPa2RnMXNuSkNyQ2Rmc3d1R3dmND18&cppv=2

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

024d63c477b3b71469863111d6a816069106911108b2f6362f78a9354694602e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1508641
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=xNQVc3xmblVpcHIyTlJUZGJnS1pIVmI3MTVxU1NTUnEyaUJXaWZ4dEFITmhIK3RCM0l3TFJRQzZ6NHBkMVJIOXVTb3JRYnZVb1RvZzBzZ0pYMTAvVVBZcUdhMjAxdXJZU2JUNnFwUmVGc243MDB4d1d6aGhJeW4yU3JCdmZNbm1wUU9wRGsrRzlwSHd4SWhrMTF6SWVtNGZ1SlpaeWp2QTRha3VpcU91Vkd1ZmY1aThnSjl2OEZLUXIwc1ZYR2tneU1WQVY3WDgrOHFWcVU5Ymk5a241Q2FrUm95SU1LaTBkYlR1NlMrekhZRUtmb2s5T2oxUHlCS2wxdnJGZXNZak1IekpxZ2lIRDlBVFBadG52UWdzK1NyVEdqN2VPa2RnMXNuSkNyQ2Rmc3d1R3dmND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 268886
content-length: 0
expires: 0

GET
H2 200 main.14eb2ef4.js Show response
s.pinimg.com/ct/lib/ 62 KB
18 KB 29ms
27ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.14eb2ef4.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cfdc9706fe9b9ba84f87bb05a4c67a4c8dcc52297179fd44e00052e835cc9196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-cdn: fastly
etag: "fe85b902a86ad6ce0e244ed2db1c45c4"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 17990

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1686602312456&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h2rn9tm1d5y24wb81csnakhe&tna=v2.7.2&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessio...
https://rp4.liadm.com/j?dtstmp=1686602312456&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h2rn9tm1d5y24wb81csnakhe&tna=v2.7.2&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessi...

13 B
553 B

419ms
133ms

XHR
application/json

52.1.91.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1686602312456&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h2rn9tm1d5y24wb81csnakhe&tna=v2.7.2&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDEyOjQwNjA6YWNiNjo3YTVl&n3pc=true

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Server

52.1.91.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-91-70.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
x-pixel-event-id: 9eba5536-1936-4d0d-8476-e51876299766
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: e44c3861cf27ecc7
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 12 Jun 2023 20:38:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1686602312456&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h2rn9tm1d5y24wb81csnakhe&tna=v2.7.2&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDEyOjQwNjA6YWNiNjo3YTVl&n3pc=true
access-control-allow-origin: https://pages.upwellness.com
request-time: 0
access-control-allow-credentials: true
trace-id: 1a80f4398814357a
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 470ms
115ms Script
application/javascript 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 20:38:32 GMT
X-TraceId: c039c9d18667fa17a451603cdd25d24a
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 464ms
109ms Image
image/gif 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=042719670377385266&referrer=&cht=gtm&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 20:38:32 GMT
Cache-Control: no-cache
X-TraceId: 931625d046954a247bfd8e429436ba30
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 videoThumbnail.js Show response
fast.wistia.com/assets/external/ 70 KB
19 KB 43ms
43ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

700ee4f0e5008ffacae2947ee3ecf5dc90b0d3937aec33f6e5145b959354d86f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 335
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 19328
x-served-by: cache-iad-kcgs7200160-IAD, cache-fra-eddf8230034-FRA
x-browser-version: 114
last-modified: Mon, 12 Jun 2023 20:31:54 GMT
server: AmazonS3
x-timer: S1686602313.594152,VS0,VE0
etag: "0e66b8ad2026593cab4b433eadbfcdb7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: cf3a2a821da091c6300b7f877a801b58b5437548
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18, 3

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 634ms
195ms Ping
application/json 34.213.130.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1653816081217609730&uid=1-9vimw0ja-litbgxa2&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&rl=&ts=1686602311938&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20114&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1686614400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.130.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-130-140.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 invisibleLink.jsp Show response
store.upwellness.com/affiliate/ 220 B
1 KB 222ms
221ms Script
text/javascript 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-fps/%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608

Requested by

Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-2-193.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b9cdc6a807b83ca53db77d57f58a2e265774e2fc1356ad863ebcc56c546cfaa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 148

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 2 KB
2 KB 86ms
48ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1686602312588&data=%7B%22id%22%3A643%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1686602312581%2C%22cv%22%3A%2220230611-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1686602312587%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b6b6338b41654102a12bb2fbb69d5ed53d6fbed1378d125b1e77a05a1f7c0e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220101-FRA
server: nginx
x-timer: S1686602313.655337,VS0,VE19
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
455 B 139ms
58ms Image
image/gif 2a00:1450:4007:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1686602312191&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=656849678&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10838597190/ 42 B
455 B 106ms
39ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10838597190/?random=1686602312191&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=656849678&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 46 B
384 B 125ms
45ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 22:57:52 GMT
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 03FANEB7Y51AHN16
age: 78041
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: N5vJWPYZpMzhm8OlQAWgNNE6ubt4TbUpJ30kVyrVbfKfgAp0HSpr64YGwz+tKbnVHxdOHfefdPN73ahtFfKrkQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
server: ATS
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 46 B
679 B 124ms
44ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:14:25 GMT
x-amz-version-id: a1p9k2x2CfLow7aa._kiTa1S348t_r0P
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: E1FQQF7DT4K3J57E
age: 15848
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: uqSgSF//z4RxoeC/rK/EIeOTEANcRZLwa8wV1hQJw5VSlqW1aYcORlDV1bVP1ZRISwaMd5Ajr+g=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Tue, 26 Mar 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sun, 19 Feb 2023 18:55:23 GMT
server: ATS
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 91ms
27ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 20:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 185
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 12 Jun 2023 22:35:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 143 KB
55 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aabed7300c8f2c3abe0951684ad67bacd4758e1b0bb3953257909605897995f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56308
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:38:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 20:38:32 GMT

GET
H2 200 cl4975ot4arrr6.js Show response
cdn.js.customerlabs.co/ 196 KB
197 KB 749ms
626ms Script
binary/octet-stream 18.66.137.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-164.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e476c17d38ac4239d3c4651cfdec091040a48ff75515129e8cc350507419d8f

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: NlZKf0B6IXapaE23HbzW.1SfWweYCyge
date: Mon, 12 Jun 2023 20:38:34 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 201018
last-modified: Fri, 02 Jun 2023 13:30:42 GMT
server: AmazonS3
etag: "daf7e6c025c9170adaf6019b5d2d7857"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: ye5pyX-EY0Wm5YNYLq3eGuzpREALfrQLtkBd45awcbaURA3YQoPnfw==

GET
H2 200 thumbnailTextOverlay-v2.js Show response
fast.wistia.com/assets/external/ 96 KB
29 KB 31ms
30ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a2a18d0b33ea40329eda9a58c5d3a5163c465c96bd0cb67c8b728bf4a7e3b9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 333
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 29679
x-served-by: cache-iad-kcgs7200043-IAD, cache-fra-eddf8230034-FRA
x-browser-version: 114
last-modified: Mon, 12 Jun 2023 20:31:54 GMT
server: AmazonS3
x-timer: S1686602313.640391,VS0,VE2
etag: "9a29b1e8b209d81ee59315460ad156de"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: cf3a2a821da091c6300b7f877a801b58b5437548
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6, 1

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
108 B 56ms
55ms Image
image/gif 2a00:1450:4007:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1686602312213&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2339754644&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
108 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1686602312213&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2339754644&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
108 B 55ms
55ms Image
image/gif 2a00:1450:4007:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1686602312150&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2861721360&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/624541243/ 42 B
108 B 40ms
40ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/624541243/?random=1686602312150&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2861721360&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/458254939/ 42 B
108 B 57ms
56ms Image
image/gif 2a00:1450:4007:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/458254939/?random=1686602312247&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1966865712&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/458254939/ 42 B
108 B 49ms
48ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/458254939/?random=1686602312247&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1966865712&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 562 B
861 B 224ms
66ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1686602312624&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.14eb2ef4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.d7d5ce17.1686602312.538a512
x-envoy-upstream-service-time: 2
content-length: 385
x-pinterest-rid: 7349983011320183
pin-unauth: dWlkPVpUY3lOVFZrTnpBdE4ySmpOQzAwTURjMkxXSTVNMk10Wm1RME9HUXlabVl6Tm1WbQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
324 B 119ms
69ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2214eb2ef4%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1686602312628

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d7d5ce17.1686602312.538a513
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 3329875634550897
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/458254939/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=353481874&cv=11&fst=1686602312267&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages...
https://www.google.com/pagead/1p-conversion/458254939/?random=353481874&cv=11&fst=1686602312267&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-...
https://www.google.de/pagead/1p-conversion/458254939/?random=353481874&cv=11&fst=1686602312267&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-g...

42 B
108 B

46ms
46ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/458254939/?random=353481874&cv=11&fst=1686602312267&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOElTYnBBWVF6ckdHeUlEcTJLWTNFaVVBMmw0U2JYdjVIWExlU1FSbVRpbWtqQlZhcTQyQW5hV2R4bmRXajVqcnZiaXFPMzgwGlhDaEVJOElTYnBBWVF4YkNNdXU3czlzUDZBUkl0QU1DZzdrSVlhUkduTk9xRWZKUUZsNXR5dVo5V1ZHT21yTmNvUkFxd3A5cmxpUENMWkJ3QV9nUjdUUl9mIhMIz4Hencu-_wIVgpb9Bx0S3gva&is_vtc=1&ocp_id=SIKHZM-9IYKt9u8Pkryv0A0&cid=CAQSKQBygQiD_LnfWz0IYzn03HhbQlzTqw_yfx_5yzOaVXplnTgw9PCI65ZW&random=3250374877&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/458254939/?random=353481874&cv=11&fst=1686602312267&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOElTYnBBWVF6ckdHeUlEcTJLWTNFaVVBMmw0U2JYdjVIWExlU1FSbVRpbWtqQlZhcTQyQW5hV2R4bmRXajVqcnZiaXFPMzgwGlhDaEVJOElTYnBBWVF4YkNNdXU3czlzUDZBUkl0QU1DZzdrSVlhUkduTk9xRWZKUUZsNXR5dVo5V1ZHT21yTmNvUkFxd3A5cmxpUENMWkJ3QV9nUjdUUl9mIhMIz4Hencu-_wIVgpb9Bx0S3gva&is_vtc=1&ocp_id=SIKHZM-9IYKt9u8Pkryv0A0&cid=CAQSKQBygQiD_LnfWz0IYzn03HhbQlzTqw_yfx_5yzOaVXplnTgw9PCI65ZW&random=3250374877&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=102531&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=1U3awF8zczdQZUJBTUpOUHIxajM3MUJBamJLNWtBQk03TjR3R2dyN...
https://widget.us.criteo.com/event?a=102531&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=1U3awF8zczdQZUJBTUpOUHIxajM3MUJBamJLNWtBQk03TjR3R2dyN...

8 KB
4 KB

356ms
126ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=102531&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=1U3awF8zczdQZUJBTUpOUHIxajM3MUJBamJLNWtBQk03TjR3R2dyNGJpN2U0U3FpbzhiYWNPTkF2eDdWMUF4dWkyRVRkSkplZ1k5JTJCbmtmbGRmOUdGcWN5NTRIRk83Qk55bG5MUkRsMGhqU1NYd1FWQTJnRG1EN0JiRFRZbk1wZFpRcjdpR3BzeSUyQnVIMkxOOWI0OUlDZ2llV3h3JTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102f1797f89ff657c363441211b3f9%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D2_revgoldrevfs0608&ceid=01274feb-1cb1-4eb4-9f3e-0b76341fb5e9&dtycbr=62845

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ac98a0f805e1bfa5f9f9304a4723c312a0e53c00ce8ff685d04753a21d9e5a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11945721
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=102531&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=1U3awF8zczdQZUJBTUpOUHIxajM3MUJBamJLNWtBQk03TjR3R2dyNGJpN2U0U3FpbzhiYWNPTkF2eDdWMUF4dWkyRVRkSkplZ1k5JTJCbmtmbGRmOUdGcWN5NTRIRk83Qk55bG5MUkRsMGhqU1NYd1FWQTJnRG1EN0JiRFRZbk1wZFpRcjdpR3BzeSUyQnVIMkxOOWI0OUlDZ2llV3h3JTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102f1797f89ff657c363441211b3f9%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D2_revgoldrevfs0608&ceid=01274feb-1cb1-4eb4-9f3e-0b76341fb5e9&dtycbr=62845
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4965279
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 3 KB
1 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1686602312719&cv=11&fst=1686602312719&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&hn=www.googleadservices.com&frm=0&auid=286511323.1686602312&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

416b14ea1899b3fa714c295a7a3051dcf5419fdeace40f69a9f8f5691d470c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1401
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 250ms
62ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2012%20Jun%202023%2020%3A38%3A32%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&enc=UTF-8&yv=1.15.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Jun 2023 20:38:33 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 222ms
62ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&enc=UTF-8&yv=1.15.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Jun 2023 20:38:33 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 470 KB
115 KB 93ms
28ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e7da82e3b134182524c06afc63fc24b907e44ebcd4ffa26bfc355b8b53120bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 335
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 116993
x-served-by: cache-iad-kiad7000059-IAD, cache-fra-eddf8230084-FRA
x-browser-version: 114
last-modified: Mon, 12 Jun 2023 20:31:54 GMT
server: AmazonS3
x-timer: S1686602313.879457,VS0,VE0
etag: "5f08b11a6717e30450f3b620d0f1433e"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: cf3a2a821da091c6300b7f877a801b58b5437548
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6, 14

GET
H2 200 0b76a8eda7c331eb805ad8af326f611e.png
embed-ssl.wistia.com/deliveries/ 96 KB
96 KB 143ms
37ms Image
image/png 2600:9000:21f3:5200:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/0b76a8eda7c331eb805ad8af326f611e.png?image_crop_resized=1920x1080
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5200:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:36:56 GMT
access-control-request-method: *
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 72095
edge-cache-tag: 0b76a8eda7c331eb805ad8af326f611e
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 409
content-disposition: inline
surrogate-key: 0b76a8eda7c331eb805ad8af326f611e thumbnail-delivery
last-modified: Thu, 23 Sep 2021 14:58:31 UTC
server: envoy
etag: MCRQ8DYfj2ieeWrQGMrwuPDRHns=
vary: Origin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: y_uBqqtoDd-yi8Dx3SLqDz7CcBzNOALFmZZ70YG5TtVsDsSVYAmTag==

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 2 KB
1 KB 47ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1686602312791&data=%7B%22id%22%3A455%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1686602312581%2C%22cv%22%3A%2220230611-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1686602312591%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aed7d31637ff613850bfb62f758fa28981199998819ced712e7c2345676869b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Mon, 12 Jun 2023 20:38:32 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220101-FRA
server: nginx
x-timer: S1686602313.879441,VS0,VE19
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 124ms
46ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-28307243-3&cid=1586504115.1686602313&jid=1525057014&gjid=1028644606&_gid=828741028.1686602313&_u=YGBAiEABBAAAAEAAI~&z=1436771171

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Jun 2023 20:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 29ms
28ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=412334831&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=1525057014&gjid=1028644606&cid=1586504115.1686602313&tid=UA-28307243-3&_gid=828741028.1686602313&gtm=45He3671n81M3S986P&z=548997980

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 05:58:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52813
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 108 KB
28 KB 100ms
29ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Jun 2023 20:38:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Yq505Tbk1Cyb30X2hPKr/IO2ndzk7F7PUECc3hQjqKp3iMRuYwBk1EjpkylRdaDaQfRddBfTjWR0PlwBO3753A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-795540.js Show response
static.hotjar.com/c/ 10 KB
4 KB 141ms
64ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-795540.js?sv=6

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

d2b4c981d258d38be720817b04e02e768bcf88eaff940dd5e076d18e2867024d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 20:38:33 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/29ff3f3195e53c22a5a7347d0daef818
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: bIljrZMaSte43nsLEiGARlxA0dJ2uSPvwI_P3v9ihOYnLlraZSmEkQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 110ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 12 Jun 2023 20:38:32 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60F398734CA3436887330E3048AD6A67 Ref B: FRA31EDGE0821 Ref C: 2023-06-12T20:38:33Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 204 pixel
flask.nextdoor.com/ 0
112 B 253ms
215ms Image
text/plain 54.200.49.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&ndclid=&rf=&sem=&tm=0
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.49.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-49-94.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
x-envoy-upstream-service-time: 13
server: istio-envoy
context-id: 8c433d9b-25d3-459d-a18a-4675ece557c8

GET
H2 200 v
views.unsplash.com/ 0
0 133ms
44ms Image
application/json 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://views.unsplash.com/v?app_id=27955&photo_id=0tgmnmiyq9y,0tgmnmiyq9y,0tgmnmiyq9y
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
BLOB 200
OK 5381af65-f4fa-4ff9-a8a2-35859a46177f
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/5381af65-f4fa-4ff9-a8a2-35859a46177f
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Length: 5523
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 7 KB
1 KB 453ms
325ms Stylesheet
text/css 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

10418b9b694f65ea9322fd88b0acd517d139fb68fdf6c8e72af892136a54996d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 54a64319-15b3-4381-8d8c-9b9fd26fc1fd
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: GbFLfH-8IAMF4tw=
content-length: 702
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-64878249-44d83ba337e613c9733f909a
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: B2LU8LuqlCgfPABwTyiPYjA0Y7HH3YZNTpexrbLWz9VZl4vmdTTuFw==

GET
H2 200 2181c4f3-upwellness-logo_104201o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 4 KB
4 KB 41ms
31ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2181c4f3-upwellness-logo_104201o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:37 GMT
x-amz-version-id: OtTs_SZSYdNFf.JD9dztVbH4Qsdv4mtF
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294456
etag: "7b6c725ae1e3af92af160df87ba31720"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3678
x-amz-cf-id: eSUHXTaL7E4ibEEI02sl4Bsuvaa1WTutdOhD5b0tp4C8uLBVRFAMWg==

GET
H2 200 32f07f71-whitecheck_100p00w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 542 B
961 B 42ms
32ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100p00w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 12:16:30 GMT
x-amz-version-id: ucxnflkTjXkcgQCadLCxzWfaNVYP41qm
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 13:24:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5991723
etag: "4825b4ea0d4c880b6307c2e7132ee9a6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 542
x-amz-cf-id: MBfg4LGi8E06ZL1RW_JQRicX852vsbXZjAAt1G3hEqLW0KF_GoiRBA==

GET
H2 200 95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
17 KB 42ms
32ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:25:44 GMT
x-amz-version-id: 1RE_Jy5aH0Aby9dXdD_cmp61I1qdhWdE
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 22367569
etag: "65bf040063564f89972c66052d155a51"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16499
x-amz-cf-id: D_-6BPX8d97IrR0onW2kmwFqVo0kZtskT9D5uJ2K6ofY1qbDFWibiw==

GET
H2 200 5ba00849-whiteupwellnesslogo_105d027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 3 KB
3 KB 51ms
41ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:26:26 GMT
x-amz-version-id: bRpwNUryBofsnp56CoWvxn0ckWgYytnc
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 13:24:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2373127
etag: "88263fec2db483b6e115f831a65022a9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2981
x-amz-cf-id: kOne8Ys7BI6vDC6DdCjO6cHdadjvchIkmdh1uhDt3F2dPU6Vv8l0Kg==

GET
H2 200 ac1a08cd-inflammation-1_108t09u08b09p009005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 44 KB
44 KB 43ms
33ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ac1a08cd-inflammation-1_108t09u08b09p009005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 09:51:25 GMT
x-amz-version-id: b6ar4pKnkp4AlqrtqZ.1UzYroeZieaYE
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 13:24:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5568428
etag: "359ed3bb81729f290b18d9b109cf06a1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 44857
x-amz-cf-id: 5IqUTCM3U8WcdKPrx5-X9HJKYyrRqHDEp8ZJ8rDZYopbG0kpwNLh5w==

GET
H2 200 4cac7528-white-215136347-1_10dm0c7000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 26 KB
27 KB 44ms
34ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/4cac7528-white-215136347-1_10dm0c7000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:43 GMT
x-amz-version-id: hjK9g6o_1SltTDZNyGkcqSm0mNIyb_8t
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294450
etag: "816661072aa7266a68ff0387b3c14c4e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 27101
x-amz-cf-id: xNMs4o3D6HePMKKEuT5OS2OEbhz29e9hKsH-PYlTOXvKGnsVTqQ40g==

GET
H2 200 100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 23 KB
23 KB 44ms
34ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:34:56 GMT
x-amz-version-id: PU1XtoJ_NKjiY2dzb_v66fhrDoflqkqe
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 13:12:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12985417
etag: "9e943cd62e2bfe0bc4e138564aa93a3e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 23241
x-amz-cf-id: 78QL6XAPVCBBeLMnQ-D2jOUd58vQX3yGAvOdoNVKd0isx5lhoEnEVQ==

GET
H2 200 55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 92 KB
93 KB 46ms
36ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 18 May 2023 13:24:21 GMT
x-amz-version-id: _1flHO.gGAffsNDEnffajxwwfMEa2No5
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 13:24:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2186052
etag: "49e2d3fbfeb102084be57d44c2246bb6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 94271
x-amz-cf-id: dG1X76TiOrdDbhfK0ISAMt3qgbZl_r-gNHcLveHQyiXDoAJrlhPIaQ==

GET
H2 200 d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 22 KB
22 KB 44ms
35ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id: 57Z4rctKvSvLXDtNryODFyZ06WhO83xm
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294448
etag: "4b457e95483072fff9080800977a4a8c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 22266
x-amz-cf-id: xyl_p4h7UvDb_SFUopCaNeIgs5cRu3MiQlaP52WJJrnDWFJEJ6u1Tg==

GET
H2 200 bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 73 KB
73 KB 47ms
37ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:34:56 GMT
x-amz-version-id: cXUtwpU3l2sc7Veu3DhMl39KIvBdMq_a
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 13:12:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12985417
etag: "866a3982d7193270694f5153cacfd6f1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 74374
x-amz-cf-id: KqiNz10JVgeonwwkYv8xfsy-Vua_YrFpq78O2TIb3Ba3teUJe8CTOg==

GET
H2 200 d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 17 KB
18 KB 78ms
69ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id: Z4M_LCkc.M8ClC9_zciJCkEqb3ywXWvJ
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294448
etag: "1ec345ee01c3de0754cc0a131de2cc90"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 17818
x-amz-cf-id: FDJvqhTrjWo6jfgUJqm4h5GdZafLcTQSh3xF-6sDoA06R7ow88MvtA==

GET
H2 200 a72f1bbb-lr-283136986-1_109o0en000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 51 KB
51 KB 77ms
68ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a72f1bbb-lr-283136986-1_109o0en000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 19 May 2023 04:26:43 GMT
x-amz-version-id: KkyLGPHU8ChAnNTOPPNgkqEuQBnGv4sD
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 13:24:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2131909
etag: "6de55b9cb1893772e0b63bbbfd24d503"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 52060
x-amz-cf-id: vnzWhJtL1f2R_NXuykowbjoJ9un8SkhJbaov5M4XAV5eKPTSHDzHrQ==

GET
H2 200 d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 26 KB
27 KB 70ms
61ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id: 8nuDet0zaeGYit7InuYG43BO.ktJdhos
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294448
etag: "e0f67241c0cda7c8283f88e34e2a62b1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 26863
x-amz-cf-id: 1WXwjQUgLcA3ZCayZRg17WE-9LGrSeq_1rt7No5osIT2uex6qd-MhA==

GET
H2 200 da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 45 KB
45 KB 76ms
67ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:06:39 GMT
x-amz-version-id: fwBkXL8dGrCuLZHxPzAJPHJJ1oyGBmCS
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 21022314
etag: "95c55c95d92c456dd43b16b64f4b3ff5"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 45619
x-amz-cf-id: xt_mr0Q0v946ceZSgCw9mGc03IJbNySB6P07xLUvFq8pndTjzXmlpw==

GET
H2 200 5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 69ms
60ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:06:39 GMT
x-amz-version-id: jJFo9RnN8p23UXxRXBVPmegkgFS8vtSp
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 21022314
etag: "6f566bf0ca15c5ac601a04d4b7fb5559"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1092
x-amz-cf-id: 8hGC623WihCurkkX6koqMvUqvxUqWh5tmX8E9UXFQZP-JF8p7HPBew==

GET
H2 200 50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 926 B
1 KB 71ms
62ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id: PC7CQy0eDmnyFroGiTD0c1PbMiLbiVUs
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294448
etag: "c4dea36dfe1ed65d42e45c3b855c61e3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 926
x-amz-cf-id: RDAAZgRW1xtG154fmtMLrNYwSEdzav5SyUtj1aGu62WZyu419ejCcQ==

GET
H2 200 56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
16 KB 74ms
66ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:26:23 GMT
x-amz-version-id: Y6wv4afKxwFKQX.Ff5awfzZgL_gP0fyV
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 13:24:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2373130
etag: "8ca90ce9d5610ced95d378903074b5dd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16228
x-amz-cf-id: 5Reh9dM0wsds7mjRKMpV4b03s59RtgeBM7IQ3Y7yh0NfOz3-ksWe1Q==

GET
H2 200 0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 67 KB
67 KB 72ms
63ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 19 May 2023 04:26:44 GMT
x-amz-version-id: 9185QkDDIrJGPoHssprR4W6aMZ12aZmt
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 13:24:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2131909
etag: "8a35e1ec124590183b3b65717bbdf858"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 68470
x-amz-cf-id: 0m4tFo2Jq5PcTgq01Hlpc305gty1wFjd2c-_pHrGfVkXR-JIoiJhFg==

GET
H2 200 52218b64-circlecheckgreen_100n00n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 308 B
701 B 71ms
63ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/52218b64-circlecheckgreen_100n00n000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:25:47 GMT
x-amz-version-id: __G13ZuuJBjbuwqXEUHaUQ9DXsqL09d5
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 22367566
etag: "664e0b74b02a5184054577ac4e266e5d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 308
x-amz-cf-id: 7ahXmX-59gR5K04Eflwkme1ZU8zV26ww7w7UqIskzCzn_QnF53XzXA==

GET
H2 200 7f01bac7-five-stars-original_103m012000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 778 B
1 KB 76ms
68ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/7f01bac7-five-stars-original_103m012000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id: T_eIj8pVjP0mam_BgH3cQxCSHzP_7kjP
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294448
etag: "918ec8903473fef53c9ba0b9cf21cd8b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 778
x-amz-cf-id: MBOkC7z-jSt2dQfEmdAj-0SBpGwnyz2HVxQH9l4hassaj75K7dYDYQ==

GET
H2 200 8c77d1de-rightarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1009 B
1 KB 79ms
71ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8c77d1de-rightarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id: LcB.d91X4q7v9W5oMFNrL3MIqDw0oZCv
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294448
etag: "6eeccde26d2dc7f37f4370ec5f7bdef3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1009
x-amz-cf-id: etC3nlYj-lxNJH0O50qidTTvgNHI4GEWloDDPkOBDGd5sbGuVJGOdA==

GET
H2 200 382a6532-leftarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 81ms
74ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id: _KOnTR6u5yg_uENEe_gTscmxD1eOdtDj
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294448
etag: "38636c9904e9e46c854a0c55d99255c9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1060
x-amz-cf-id: ONuF1-mBqS66V-N0I2q7o8lTG1pdb8lbbnxYKPhSXTzns1Wq6Mh7WQ==

GET
H2 200 382a6532-leftarrow-angle_1046045000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 2 KB
2 KB 79ms
72ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_1046045000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 16:03:49 GMT
x-amz-version-id: .Zw3kpL7phu2GR6zNnjuADYt2b1Ja27u
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 21:02:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 18333284
etag: "c1a8b03787621838c3a03591dad5f219"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1875
x-amz-cf-id: LnIAKIc354bcbLUJeiI3YztEDNonAyMGZiBmtvJGkqK2ZwLtiqFVRw==

GET
H2 200 0a4cf109-rightarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1020 B
1 KB 79ms
71ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0a4cf109-rightarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:06:39 GMT
x-amz-version-id: fv0vUPoVHNUL8aLL._iWY0GjxhixSED9
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 21022314
etag: "efe6e12ca3ee76495ec9ae8ee9198ca5"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1020
x-amz-cf-id: _3myYPDqYtSm3-RGVrkud2pnLm1zsKLJILOh2rCPnPdK6YJrz5RNQA==

GET
H2 200 29f0369a-lefftarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
2 KB 80ms
73ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/29f0369a-lefftarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:25:48 GMT
x-amz-version-id: b1D4RUmC9fnmonM6vfCLmVNLXjR9hkLJ
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 22367565
etag: "032c54654550e68afaa8897a89466d3b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1155
x-amz-cf-id: gP0kq9dpPdMSgmXa9t_iEXJoT8h-_m0FvNe2YXUj0YDMgNlgamX5lg==

GET
H2 200 32f07f71-whitecheck_100m00t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 464 B
881 B 80ms
73ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100m00t000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 15 May 2023 05:43:26 GMT
x-amz-version-id: nVJe30zHrltHJ2YAcGxvdaF1jO1aOc5v
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 13:24:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2472907
etag: "a04ce831c57d2ab68e6238b18207182b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 464
x-amz-cf-id: 2h2MdNrP26EeR70VHt4f1dbNhUMdDcWCw8uj4xOmQeENwVaNaR-Csw==

GET
H2 200 70db8b32-gr-charleyhull-color-square1643654151841-1646087587850.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 382 KB
383 KB 82ms
75ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/70db8b32-gr-charleyhull-color-square1643654151841-1646087587850.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 042095a945a89bdee47dce9e27f452ee539aaa495f247e0967ae28ef37ac8d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 00:59:58 GMT
x-amz-version-id: ssynUVKzXkiwRROylJsL4YFw5HbhUVyE
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 13:12:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 13289915
etag: "eebff3d5cbe85e83397993d25c26a739"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 391562
x-amz-cf-id: 8IQWpWChPHH1taftzLvLdtz3h-c_a2PnOObFWPMFVkmxxscwchAQvQ==

GET
H2 200 9e30cf5c-upwellness-marketing-chrissy-oneill-co-south-florida-wedding-photographer60-1-1646922951104_10b10b100000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
17 KB 86ms
79ms Image
image/jpeg 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/9e30cf5c-upwellness-marketing-chrissy-oneill-co-south-florida-wedding-photographer60-1-1646922951104_10b10b100000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 780dd06801c452a3e54f4c9571c34c58c8de41420e1c94098e122b9b5bf7ebb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:34:56 GMT
x-amz-version-id: nfT9OCCYc3WOpeSPjJO8NkoQ5uaZhnRc
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 13:12:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12985417
etag: "e740fdf442268622328ba5ff3657a223"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16570
x-amz-cf-id: HaM6sMHIQXFGldxqcoKbuF65b5FNCH4ioClaPFkygRtMRPXQX3-Ocw==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 11 KB
12 KB 81ms
74ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75c3b9ffd05b79e3d802d05a92a07258fe29e97ab1bc2820f13de7cabbe163ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id: olYWBB7sUhrZfiAXN2g0lnQYzSt.t5_t
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294447
etag: "5cb3c3f5b3507c11c9caac73d0935f02"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 11539
x-amz-cf-id: En7reOydu4CkYRPvTxnnaMg6uX5UM2oJuGbCosd-T0vJdemroVnRCA==

GET
H2 200 8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 56 KB
56 KB 85ms
78ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 205853c0ef45d0842feba60b08786717cd443f0a650010e36a0fb3a91a067062

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 20:17:43 GMT
x-amz-version-id: BHlwnlpYBIYP7VxO8QvZ00xP27mRrXF8
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28426850
etag: "b1ac86144722d6bb5139c086266e3a29"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 57139
x-amz-cf-id: ADQ0pKSJrlMeZVObXacZPg1ZfH9KhwCSr303CI1XzinCkFiws-AzZA==

GET
H2 200 2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 62 KB
63 KB 83ms
76ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13d55c54af12b15b6999e715e67b91da9abaceee5b40a136fbae2df9ef1cf11d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:45 GMT
x-amz-version-id: K7YKh2rVKtdI_R7tjush7xnrGERPd59L
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20294448
etag: "c20ef03d9c4142b86e99acdee2bda368"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 63662
x-amz-cf-id: 6BHxNEFfHubm7WBgNVl9XZqf6o87R9V-6C-f0TVi4friJHn2ZyX8wg==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 41 KB
41 KB 87ms
81ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1fc8420705b69db0c5c0e2248e79b2f8c33506580b296202c3965870ab9adf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 20:17:43 GMT
x-amz-version-id: G9sOCdCokvJnPdIwzdpdg2bhrUJfkb1m
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 19:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28426850
etag: "3a2b95d01cb23a2899f17b0099a335ca"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 41717
x-amz-cf-id: aiYmzhs2tphAcZtoQZK9hxw2e85n8gCp9ypg3QKjVzTwpsuIq7xK6g==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_10910h3000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 49 KB
49 KB 88ms
82ms Image
image/png 52.222.250.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_10910h3000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5444b48af5940e46bff886e60bba6fc2c1c6705f30a1c8d0577d710fcb9b5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:34:56 GMT
x-amz-version-id: H0wxkeJZ4SkZWEVSfBb2GhffTpS9zniI
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 13:12:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12985417
etag: "2b195f509b97cf523257ce393cf5e75f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 49713
x-amz-cf-id: DiDVrBFEC_3TrDbkcT2D-erNJ53gCDaQxyYxth8qRYK0ZgmeX17rtw==

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame A025 325 B
814 B 430ms
430ms Document
text/html 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 7d64e5e7acea1915-FRA
content-length: 325
content-type: text/html
date: Mon, 12 Jun 2023 20:38:33 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXkWwlpCDShTZTkobWCsmsAHsZ8hznfRuVUgjaeCd%2Bt17dqt3VojzemfVQb9y65JuQNfgFYvt255%2FdIsjDq01QJ7JDpxRiP9SeTDY55%2BeAM%2BvnECNtwBfmxjrF6iwI7D3uyijQjdneDc9HccmKdP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: HELOU+ZeEcYhm/Jx62LWlccf3xFhNY7QRjUx8SFoZRy6uONyYn/mvHrSK5p72y5oILntII7BMnI=
x-amz-request-id: VXCTK27MGD5J9R05
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
108 B 57ms
56ms Image
image/gif 2a00:1450:4007:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1686602312719&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3124349403&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/675938688/ 42 B
64 B 41ms
41ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/675938688/?random=1686602312719&cv=11&fst=1686600000000&bg=ffffff&guid=ON&async=1&gtm=45be3671&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3124349403&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
541 B 171ms
171ms Stylesheet
text/plain 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.03234927682474864&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608
Requested by: Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-2-193.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
server: Apache
content-length: 0
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 67ms
67ms Image
image/gif 2a00:1450:4007:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-28307243-3&cid=1586504115.1686602313&jid=1525057014&_u=YGBAiEABBAAAAEAAI~&z=892989627

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
52ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-28307243-3&cid=1586504115.1686602313&jid=1525057014&_u=YGBAiEABBAAAAEAAI~&z=892989627

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 20:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 val.html Show response
d2cli4kgl5uxre.cloudfront.net/js/h/ Frame EF80 15 KB
15 KB 115ms
32ms Document
text/html 2600:9000:211e:4200:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2cli4kgl5uxre.cloudfront.net/js/h/val.html?postM=1
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4200:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f50141fb42d9e30dbc525e2acf111e27f40e0957303144909c1c8d3885e6ee0

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 81757
content-length: 14955
content-type: text/html
date: Sun, 11 Jun 2023 21:55:57 GMT
etag: "4fe9088bce7cb730680b930054492124"
last-modified: Mon, 10 Oct 2022 09:17:12 GMT
server: AmazonS3
vary: Origin
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-id: yVBQBvcXrHEAykVxYRAJ6kWqJKC4aRNvGhX-hWvpkmSys-5GE2jcOw==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: 5H82oy8DzGfPgn50RaNmMTQosnA7YxRG
x-cache: Hit from cloudfront

GET
H2 200 track
trace.mediago.io/api/log/ 0
197 B 490ms
155ms Image
text/plain 35.208.249.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=101&random_t=1686602313012_38
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
1 KB 131ms
131ms XHR
application/x-mpegurl 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
x-envoy-upstream-service-time: 35
content-length: 935
x-request-id: 4eeffd57-b3ad-4008-aeba-648c6f79d677
x-served-by: cache-iad-kjyo7100147-IAD, cache-fra-eddf8230084-FRA
x-runtime: 0.033255
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 114
server: envoy
x-timer: S1686602313.096263,VS0,VE96
etag: W/"0fa56fcfcf95ba949a3a9883d09eca6a"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14681, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 28ms
28ms Image
image/gif 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 363
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100021-IAD, cache-fra-eddf8230084-FRA
x-browser-version: 114
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1686602313.097195,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 13

GET
H2 200 302615157369859 Show response
connect.facebook.net/signals/config/ 303 KB
87 KB 172ms
171ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302615157369859?v=2.9.107&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0aaec936edeee7d4a096831933623b674f979e2a23de716914a9ef07c01f66f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Jun 2023 20:38:33 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: prjPHIw26/ihK6So5fPPCFTf3+lYGjPZp1fOnCyFPS3X1GH43yw+SYwB4If+hWy7ZKOz65THC3cTsZH/TxcGig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 27015508.js Show response
bat.bing.com/p/action/ 0
118 B 136ms
136ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 12 Jun 2023 20:38:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25A8AA51E87B471EBC9739A0ADAE3F29 Ref B: FRA31EDGE0821 Ref C: 2023-06-12T20:38:33Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 53ms
52ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=4372950b-e925-40d1-8cda-a2960d79d759&sid=18ffaae0096111eeb780dd1c0a7232f3&vid=18ffdba0096111ee8730d753ad056b5c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&r=&lt=3065&evt=pageLoad&sv=1&rn=698777

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Jun 2023 20:38:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8585F86E9A81496FB7D1EF7EC3645A56 Ref B: FRA31EDGE0821 Ref C: 2023-06-12T20:38:33Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.842e148a127be39dcaed.js Show response
script.hotjar.com/ 269 KB
69 KB 173ms
33ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.842e148a127be39dcaed.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

4179ea59ca86f07d474bedf959a49c3f3fce5ccbabb4e0673996bc003a4946fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 13:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 284486
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69977
last-modified: Fri, 09 Jun 2023 13:37:05 GMT
etag: "5d95e6104846f0eff8897a265f973c2e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UOjpMN5hm_uCaXZPhs9F-WxnXV5itmOHrZNmuPk8rbtiMOEZQ3AM2A==

GET
H2 200 a18adcb3fe4d694342677106235399fede11a10f.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 13 KB
14 KB 115ms
35ms XHR
application/vnd.apple.mpegurl 2600:9000:21f3:aa00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:aa00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:16:27 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 73326
edge-cache-tag: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 286
content-length: 13708
surrogate-key: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -lMn5Qe6hyrvQFeUPhWEGd3SOHfCqeiVnOAkuK55Xz8Jn-p9_Rr54g==
expires: Tue, 11 Jun 2024 00:16:27 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
24 KB 86ms
31ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3529526
x-amzn-requestid: 4a10d137-c669-4fc8-bc9d-ebb1a3a2b4d4
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUcLEEJuoAMFYNw=
content-length: 23578
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a713-5a3dc6fb498279ab2ce1cdeb
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: z4txEUoHqVyd61lZwJNmxK-LVPiBUt6obQcjt3nDTbojFBYz6nHsjQ==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
23 KB 131ms
76ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23040
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3529371
x-amzn-requestid: a6bcac63-31f7-42a7-a795-a3c79ef7e030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUcjQEruIAMFoLw=
content-length: 23041
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a7ae-3b8576e93a2a5a7b6e044029
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: RVBy7gy9MCgs7Qan954m83LkrPCeJuSYpeHRDrDxjpQK32mrcOVO8Q==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 22 KB
23 KB 105ms
50ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 22504
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3529525
x-amzn-requestid: 4f676554-5a99-4f9a-9cda-d41b3fd5a3a1
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUcLNGdcIAMFslw=
content-length: 22518
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a714-4646b3b76c5600fb1e3965d7
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tV7AHWdN42Om7LSg6VBuGvB8AMZCH4C8YdonIE2JsrN3CnBRE_jzCQ==

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 24 KB
25 KB 103ms
54ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 24448
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3528134
x-amzn-requestid: ee69d049-4b54-4e0a-918f-c1e2e66594c9
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUfkfG_toAMFn2A=
content-length: 24405
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:00 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451ac82-38ab5e384aa754c36a4fc3b3
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: auBM9jdrYTXPusy9m1tRMdd7mvScpLz7fWyDkf56blUvlUqjuNrSkQ==

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.ub-assets.com/fonts/s/oswald/v49/ 25 KB
26 KB 131ms
83ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 25372
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 17323259
x-amzn-requestid: 877691e5-3417-4b49-8163-f0c54f281c49
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cGQESGUNIAMFSjg=
content-length: 25400
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f2d4e-35b3abcf63b80835248cde86
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xPIJfMOqPS2wytVnZNQsiNmXLB2luUMkdcC6G6T94hDWhQrEGIvKaA==

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
23 KB 103ms
59ms Font
font/woff2 13.32.99.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-41.fra60.r.cloudfront.net

Software

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic,300%7COswald:700,300
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23236
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3529616
x-amzn-requestid: 3a0d2cdd-479f-4c3e-8818-eafe99421330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUb9BGa1IAMFXQQ=
content-length: 23067
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a6b9-5b9f99b00fd60be724a1d1e2
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: dwXrx34-GBxeJCKS1vLRcwC1Ki1nqXe9tMnqLJSujqtLiqqEobq7lw==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 113ms
26ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=ContentView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&rl=&if=false&ts=1686602313326&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=30&fbp=fb.1.1686602313325.1493708740&it=1686602313089&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Jun 2023 20:38:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 114ms
27ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&rl=&if=false&ts=1686602313327&sw=1600&sh=1200&v=2.9.107&r=stable&ec=1&o=30&fbp=fb.1.1686602313325.1493708740&it=1686602313089&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Jun 2023 20:38:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 114ms
28ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit_GRPfps&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&rl=&if=false&ts=1686602313327&sw=1600&sh=1200&v=2.9.107&r=stable&ec=2&o=30&fbp=fb.1.1686602313325.1493708740&it=1686602313089&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Jun 2023 20:38:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame A025 389 KB
390 KB 88ms
27ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:16:58 GMT
x-content-type-options: nosniff
age: 184895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398319
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jun 2024 17:16:58 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame A025 112 KB
112 KB 33ms
33ms Script
application/javascript 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EVYPA0P5Y1F9HAWT
age: 4112719
alt-svc: h3=":443"; ma=86400
content-length: 114404
x-amz-id-2: VamiXOuxmaIy4QVPQOuZ/ivdTLf5+wkLRW8iFuZvVoukauCqZG90aCb6n+Sxpfr33rhB08FkjR4=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMZk4kuHSipsLDG9hxdlSBVB2UzO7U3Pjr9hDZpxCaykYwkCr4T9%2BbOo49a7B0UAmFEbSzRtDnoIYp57NV91NYsgwOOWPqN%2F1nOa21hMoiOekLhssXXMiNJVixY2EXRBUnCSl6%2Ft5bfodN1EhDMw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7d64e5ea7fef1915-FRA

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/ 2 MB
2 MB 37ms
37ms XHR
video/mp2t 2600:9000:21f3:aa00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:aa00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:16:27 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 73326
edge-cache-tag: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 99
content-length: 1690872
surrogate-key: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nCE-vtBVf7gfVoCDvSzHnEhNz3KZW2XpmJh38L7wtKN-92lxgPpgbQ==
expires: Tue, 11 Jun 2024 00:16:27 GMT

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/pixel/ Frame A025 787 B
1 KB 339ms
259ms XHR
application/json 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9536ab13f4ab5624884f06523a452596ef56247e74143b0af7b6a4f161407e

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
content-encoding: br
x-amzn-remapped-content-length: 787
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 9ff188c8-dd98-461b-9dfb-840b85f35ff3
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: GbFLkGiVoAMFtNg=
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"313-+rkeP2UpHjKs6MCqLnNipDqgc1I"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgnZaogKYl12cb9PcULau5jZCQ%2FnjqtR07HdVpkoswAQC0KgCqJkbqaqJStHa%2Fj87fyMD8Q7d3s7RCqyHS8uBPpXvPYZtoWoqhQ7neRZYSKp%2BrYD8z2kswJYp2qzqNVIMr3SPYXXJb4LjL1X6XgQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7d64e5ecce8d9174-FRA
x-amzn-remapped-date: Mon, 12 Jun 2023 20:38:33 GMT
x-amz-cf-id: sO9oE294NzXOYi7GHBdIyJd5gplQobhvaXYSd3HCbPmZ8j4JuLVfzA==
expires: 0

GET
H2 200 577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 13 KB
14 KB 33ms
32ms XHR
application/vnd.apple.mpegurl 2600:9000:21f3:aa00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:aa00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:16:30 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 73323
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 120
content-length: 13708
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: l8tfIxpOh9aXuJUY3auFECWghRYUr6Yrvr9VyYVfyRJ2SxKZtiawWw==
expires: Tue, 11 Jun 2024 00:16:30 GMT

GET
H2 200 seg-2-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 268 KB
269 KB 33ms
32ms XHR
video/mp2t 2600:9000:21f3:aa00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:aa00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:16:30 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 73323
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 132
content-length: 274104
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: i5_Ta-gj7mDK_jKfkCqeYuQevd4K5LbPo4SU8Y_0JdQ7HAp8v2KwBQ==
expires: Tue, 11 Jun 2024 00:16:30 GMT

GET
H2 200 seg-3-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 265 KB
266 KB 33ms
32ms XHR
video/mp2t 2600:9000:21f3:aa00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:aa00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:16:31 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 73322
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 62
content-length: 271096
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: K0YRizDPowHVCX5vo6WHUn2s08986oJUeJZ9o5VnMRpvaDZTg6BeWQ==
expires: Tue, 11 Jun 2024 00:16:31 GMT

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 45 KB
18 KB 29ms
29ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49346853cc2e6977ee68d66e7570bf0ee87557175da6aa945c3c5405091fbab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:33 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 336
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18132
x-served-by: cache-iad-kjyo7100097-IAD, cache-fra-eddf8230084-FRA
x-browser-version: 114
last-modified: Mon, 12 Jun 2023 20:31:54 GMT
server: AmazonS3
x-timer: S1686602314.800758,VS0,VE0
etag: "3c9ff72c0246f73c89d5e66fa6974b63"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: cf3a2a821da091c6300b7f877a801b58b5437548
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 5

GET
H2 200 seg-4-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 276 KB
278 KB 32ms
32ms XHR
video/mp2t 2600:9000:21f3:aa00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-4-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:aa00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 25 May 2023 22:20:10 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 1549103
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 51
content-length: 283128
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0i_h6US0ohvOBR58lb81FjskOVC3eP1nrmv-DeSpKVa5T5dp4lbZNg==
expires: Fri, 24 May 2024 22:20:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 27ms
26ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=Microdata&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&rl=&if=false&ts=1686602313852&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40id%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fe8xcaqkjm4%22%2C%22%40type%22%3A%22VideoObject%22%2C%22duration%22%3A%22PT7M34S%22%2C%22name%22%3A%22GRP_FPS_MINIVSL1%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2F9c999aa0107b556d5cd5f59d9dd7e014.jpg%3Fimage_crop_resized%3D640x360%22%2C%22embedUrl%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Fe8xcaqkjm4%3Fwseektoaction%3Dtrue%22%2C%22uploadDate%22%3A%222021-09-22%22%2C%22description%22%3A%22an%20UpWellness%20video%22%2C%22contentUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2Fa18adcb3fe4d694342677106235399fede11a10f.m3u8%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SeekToAction%22%2C%22target%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608%26wtime%3D%7Bseek_to_second_number%7D%22%2C%22startOffset-input%22%3A%22required%20name%3Dseek_to_second_number%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.107&r=stable&ec=3&o=30&fbp=fb.1.1686602313325.1493708740&it=1686602313089&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Jun 2023 20:38:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 511ms
121ms Preflight 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Mon, 12 Jun 2023 20:38:34 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame A025 0
200 B 188ms
119ms XHR
text/plain 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Mon, 12 Jun 2023 20:38:34 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame A025 87 B
715 B 218ms
137ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25221c417719-40ee-4d78-8e07-58fc998ce299%2522%252C%2522captureIds%2522%253A%255B%2522-LOTAsTUT3N4RJrbQ3gp%2522%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522notificationId%2522%253A%2522-LOTAsTUT3N4RJrbQ3gp%2522%252C%2522campaignVariant%2522%253A%2522-MnloSbpswbbq1Mjqbrx%2522%252C%2522campaignVersion%2522%253A18%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102f1797f89ff657c363441211b3f9%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D2_revgoldrevfs0608%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-fps%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522activityNotifications%2522%253Atrue%252C%2522liveVisitorCount%2522%253Atrue%252C%2522hotStreaks%2522%253Atrue%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102f1797f89ff657c363441211b3f9%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D2_revgoldrevfs0608%2522%252C%2522actionBlurb%2522%253A%2522Purchased%2520Golden%2520Revive%2520%252B%2522%252C%2522activityLimit%2522%253A10%252C%2522restartActivityList%2522%253Atrue%252C%2522visitorThreshold%2522%253A2%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 70ad47f54b499da7b9c9bb3c86b05ddfbb8db9fbd5331742997e84131f0f3bdb

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:34 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"57-gewy2r2BF+hzoapUxcCF0TV1JWY"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KL98dYQG%2FOjgdgF%2FFkonwltFhF0nTDAYmHevj64oEFglBlIw8SBCcBLlkdpMUYPptC%2Bu71VKtG52Y9bwsU2IU4Jg5V3nKJBbA6n%2FsDJvm7ZVA6GRnCzPx7xIH2GYunUHyB5TsGX%2BhHxt4STKjGspyoBxMZhm"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7d64e5eefa9935f3-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-fps&partner_id=cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86
https://a.clickcertain.com/px/smart/a/?partner_id=cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86&c=24a3d6f0fe7dd9c&seg=uc-grplus-fps
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

4 KB
2 KB

154ms
154ms

Script
text/javascript

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eaa4a30ed1a5c527ca51d4705f70bfddf7ae4027da05d1df67b7b009263b79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:34 GMT
content-encoding: br
x-frontend: cc-nginx-6fcd456cd5-5566f:cc-nginx-6fcd456cd5-5566f
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 1d12de1f-1940-48d0-bb52-9c4653c8a4ef
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lbfMITjQE5slMtmZ04qy6DjgPVo11t9WNXjK%2BoqTj4Ql1nNPda7AA9tTwiotDLcmZFoEq4WCsubMOKre3r1TW9DK3tgydEBkUe05zGblqsK8UzQsx3JpEZ0VDO%2FCPA0Wp6HYhpEWbgrEuFdnquHWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7d64e5f22bc418da-FRA

Redirect headers

date: Mon, 12 Jun 2023 20:38:34 GMT
x-frontend: cc-nginx-6fcd456cd5-kcxd5:cc-nginx-6fcd456cd5-kcxd5
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 23eac661-7c14-4185-a155-a5e2aca7ffbb
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8HN%2BR3sVKcscrIbh58kWGNS%2FfEnQmtuIfm8mJp2WhxDzzb1SrQsKhacuGEFimYw01oE77uRdC%2BzxTWdDvUu13BydfY0JkGpl619vCr5rezfnAHpXlBVoIgWyvP%2Bpb6fDX1S0haH7lvRPcEUY%2BOTyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
cf-ray: 7d64e5f11ad018da-FRA

GET
H2 200 externalIds
io.v2.customerlabs.co/ 0
0 478ms
175ms Image
application/json 18.207.44.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86&id=cl4975ot4arrr6&uid=cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.44.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-44-109.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
250 B 109ms
35ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1582&scd=0&ssd=1&est=1686602312584&ver=36&isls=true&src=i&invt=1500&msa=16030&rv=1&tim=1686602314167&vi=1686602312581&ri=f63f37e0321ae7a5133aa21d3098bf23&ref=null&cv=20230611-5-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 12 Jun 2023 20:38:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 109ms
36ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1583&scd=0&ssd=1&est=1686602312584&ver=36&isls=true&src=i&invt=1500&msa=16030&rv=1&tim=1686602314168&vi=1686602312581&ri=84095f12c84de47a1111d0a8376c1b29&ref=null&cv=20230611-5-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 12 Jun 2023 20:38:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/reporting/captures/ Frame A025 2 B
477 B 328ms
327ms XHR
application/json 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/reporting/captures/trtc0limNRYJwhvfi9uRqUFQo0w1?pixelId=trtc0limNRYJwhvfi9uRqUFQo0w1&integrationId=-LOTAsTUT3N4RJrbQ3gp&limit=10
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:34 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: a620f479-06c8-47f2-84c9-a7c1bb63dc3a
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: GbFLrGy7oAMFusQ=
content-length: 2
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDJkRKWm8Ajos2yUjKoPJ0bTqLyDOSswAG616QxtOZGk6o3MBfY%2Fy%2BZVKhJ9PxQBA0ZXk3dB%2Bq1nFo8QmicCbBtIRlepoiV0P2kV%2F1Hw9OXLte%2F1GZ5%2Fkp9%2F%2FqPf%2FIB%2BvQfaPVDsNNyYLaWDJD8b"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7d64e5efe9c09174-FRA
x-amzn-remapped-date: Mon, 12 Jun 2023 20:38:34 GMT
x-amz-cf-id: TlymCSWMDZNME5jU7jGMxDsS9GzpCahXru1_gqOT2cAl6nhqQ58A_g==
expires: 0

POST
H/1.1 200
OK domain Show response
live-visitor-counts.herokuapp.com/lvc/ Frame A025 24 B
272 B 123ms
123ms XHR
application/json 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/domain
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 6af097e94d8788c9a71540c2a2fd961673895e4a61076758b10daecbb142b81e

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 12 Jun 2023 20:38:34 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cdn.useproof.com
Connection: keep-alive
Content-Length: 24

OPTIONS
H/1.1 204
No Content domain
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 401ms
121ms Preflight 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/domain
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Mon, 12 Jun 2023 20:38:34 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H2 200 cl
io.v2.customerlabs.co/ 0
206 B 125ms
125ms Ping
text/plain 18.207.44.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.44.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-44-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://pages.upwellness.com
date: Mon, 12 Jun 2023 20:38:34 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

POST
H2 200 firstVisit
io.v2.customerlabs.co/cl/ 0
206 B 157ms
157ms Ping
text/plain 18.207.44.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl/firstVisit
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.44.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-44-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://pages.upwellness.com
date: Mon, 12 Jun 2023 20:38:34 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

POST
H2 200 cl
io.v2.customerlabs.co/ 0
206 B 125ms
125ms Ping
text/plain 18.207.44.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.44.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-44-109.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://pages.upwellness.com
date: Mon, 12 Jun 2023 20:38:34 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 28ms
27ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&rl=&if=false&ts=1686602314529&sw=1600&sh=1200&v=2.9.107&r=stable&ec=4&o=30&fbp=fb.1.1686602313325.1493708740&it=1686602313089&coo=false&eid=cl4975ot4arrr66198072c-c178-4aec-8c4a-85b705b77ea3&tm=1&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Jun 2023 20:38:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 28ms
28ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=website_session_start&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608&rl=&if=false&ts=1686602314532&cd[start_time]=2023-06-12T20%3A38%3A34.530Z&cd[customerlabs_user_id]=cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86&sw=1600&sh=1200&v=2.9.107&r=stable&ec=5&o=30&fbp=fb.1.1686602313325.1493708740&it=1686602313089&coo=false&eid=cl4975ot4arrr60f3e9dab-c6fe-4cf0-9c4b-e9f439befb79&tm=2&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Jun 2023 20:38:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 externalIds
io.v2.customerlabs.co/ 0
0 192ms
191ms Image
application/json 18.207.44.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1686602313325.1493708740&customerlabs_user_id=cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86&id=cl4975ot4arrr6&uid=cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86&t=0&sc=1600%20x%201200
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102f1797f89ff657c363441211b3f9&n=tune&AFFID=477232&subid=2_revgoldrevfs0608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.44.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-44-109.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 429ms
120ms Fetch
text/plain 3.88.95.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.95.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-95-86.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 12 Jun 2023 20:38:37 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 35ms
35ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4584&scd=0&ssd=1&est=1686602312584&ver=36&isls=true&src=i&invt=3000&msa=16030&rv=1&tim=1686602317169&vi=1686602312581&ri=f63f37e0321ae7a5133aa21d3098bf23&ref=null&cv=20230611-5-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 12 Jun 2023 20:38:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 36ms
35ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4585&scd=0&ssd=1&est=1686602312584&ver=36&isls=true&src=i&invt=3000&msa=16030&rv=1&tim=1686602317170&vi=1686602312581&ri=84095f12c84de47a1111d0a8376c1b29&ref=null&cv=20230611-5-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102f1797f89ff657c363441211b3f9%26n%3Dtune%26AFFID%3D477232%26subid%3D2_revgoldrevfs0608
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 12 Jun 2023 20:38:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 22 KB
6 KB 53ms
53ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cb020419d8670323588a5982eb9421538c3c474186c1fea3fd8de096eaf1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:37 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 340
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5665
x-served-by: cache-iad-kiad7000115-IAD, cache-fra-eddf8230084-FRA
x-browser-version: 114
last-modified: Mon, 12 Jun 2023 20:31:53 GMT
server: AmazonS3
x-timer: S1686602318.799804,VS0,VE0
etag: "f54e46db7629001fd15d04d689f324fc"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: cf3a2a821da091c6300b7f877a801b58b5437548
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6, 12

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
1 KB 35ms
35ms XHR
application/x-mpegurl 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 20:38:37 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 5
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
x-envoy-upstream-service-time: 35
content-length: 935
x-request-id: 4eeffd57-b3ad-4008-aeba-648c6f79d677
x-served-by: cache-iad-kjyo7100147-IAD, cache-fra-eddf8230084-FRA
x-runtime: 0.033255
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 114
server: envoy
x-timer: S1686602318.827641,VS0,VE0
etag: W/"0fa56fcfcf95ba949a3a9883d09eca6a"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14681, 2

POST
H2 204 x
distillery.wistia.com/ 0
0 401ms
117ms Fetch 3.220.126.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.126.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-126-149.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 12 Jun 2023 20:38:38 GMT
cache-control: max-age=0, private, must-revalidate

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq

Domain: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/uc-grplus-fps/	1970-01-20 16:54:59	Name: ubpv Value: an%2C6d2c7105-ebae-455a-91f2-47af4209ed5f
links.revealedtoday.info/	1970-01-20 12:30:45	Name: _session_id Value: 094d9a7a6a6deb52c13788de6df59977
go.welldaily.com/	1970-01-20 12:40:07	Name: enc_aff_session_67 Value: ENC03fef922f623aeb9af244eb31fcd7f4e63d1538d1d2d9e06fc085bb76bea9eec28b46a9b5ed66a0dde8e8cc8b0765f5a89e92508100ac40d98b0f79814dcefdf205190addb36367045dad5c05662e783638886241b1c7962f4ddc16952fd85ddae85a888ee2ba824cc74663ef5d6b5f5f5e03343b8a75c20e02507f42952e83e281cc04cc3
go.welldaily.com/	1970-01-20 22:06:02	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTQiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTA2IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/	1970-01-20 16:49:14	Name: ubvs Value: d481d07d-e9c9-428b-8ba7-0c8eef6f8125
.upwellness.com/	1970-01-20 12:34:21	Name: ubvt Value: v2%7Cd481d07d-e9c9-428b-8ba7-0c8eef6f8125%7C6d2c7105-ebae-455a-91f2-47af4209ed5f%3Aan%3Aweighted
.upwellness.com/	1970-01-20 14:39:38	Name: _gcl_au Value: 1.1.286511323.1686602312
.criteo.com/	1970-01-20 21:51:38	Name: uid Value: d56f54f6-2ab8-43e5-8a61-a957e086e7a7
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-20 22:06:02	Name: _lc2_fpi Value: f0f26c15fa8f--01h2rn9tm1d5y24wb81csnakhe
.upwellness.com/	1970-01-20 22:06:02	Name: __nbpix_uid Value: 1-9vimw0ja-litbgxa2
.upwellness.com/	1970-01-20 21:59:26	Name: cto_bundle Value: 1U3awF8zczdQZUJBTUpOUHIxajM3MUJBamJLNWtBQk03TjR3R2dyNGJpN2U0U3FpbzhiYWNPTkF2eDdWMUF4dWkyRVRkSkplZ1k5JTJCbmtmbGRmOUdGcWN5NTRIRk83Qk55bG5MUkRsMGhqU1NYd1FWQTJnRG1EN0JiRFRZbk1wZFpRcjdpR3BzeSUyQnVIMkxOOWI0OUlDZ2llV3h3JTNEJTNE
.doubleclick.net/	1970-01-20 21:51:38	Name: IDE Value: AHWqTUmmmZ5hXcMyrqrNU3DVeLhuwRr1FiWRpM4oGRyXeLLUYlfgV4MKiLwDoy4G
.upwellness.com/	1969-12-31 23:59:59	Name: UltraCartShoppingCartID Value: F90FC16BC9C3670188B154EBDF1F9600
.upwellness.com/	1970-01-20 22:06:02	Name: ucacid Value: 121997823.943190
.store.upwellness.com/	1970-01-20 22:06:02	Name: ucacid Value: 121997823.943190
store.upwellness.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcYLGWyAVktQ883O2FLU
store.upwellness.com/	1969-12-31 23:59:59	Name: LBJSESSIONID Value: abcYLGWyAVktQ883O2FLU.n276
.upwellness.com/	1970-01-20 22:06:02	Name: _ga Value: GA1.2.1586504115.1686602313
.upwellness.com/	1970-01-20 12:31:28	Name: _gid Value: GA1.2.828741028.1686602313
.upwellness.com/	1970-01-20 12:30:02	Name: _dc_gtm_UA-28307243-3 Value: 1
.liadm.com/	1970-01-20 22:06:02	Name: lidid Value: ebebf5c5-6beb-47cb-8fd8-336532cb2516
.pages.upwellness.com/	1970-01-20 21:15:38	Name: _pin_unauth Value: dWlkPVpUY3lOVFZrTnpBdE4ySmpOQzAwTURjMkxXSTVNMk10Wm1RME9HUXlabVl6Tm1WbQ
.yahoo.com/	1970-01-20 21:15:59	Name: A3 Value: d=AQABBEmCh2QCEFnrv5FajQKzIBC6qUzU_8oFEgEBAQHTiGSRZOANyiMA_eMAAA&S=AQAAAki0qZDjkA1ucno2UoYQ0tg
pages.upwellness.com/	1970-01-20 12:30:02	Name: outbrain_cid_fetch Value: true
.upwellness.com/	1970-01-20 12:31:28	Name: _uetsid Value: 18ffaae0096111eeb780dd1c0a7232f3
.upwellness.com/	1970-01-20 21:51:38	Name: _uetvid Value: 18ffdba0096111ee8730d753ad056b5c
.bing.com/	1970-01-20 21:51:38	Name: MUID Value: 3960F0995C7B6D50249AE3B75DD76CEC
.unsplash.com/	1970-01-20 21:15:38	Name: ugid Value: b210d04a3acd7fc110d00148f0a67d855622007
store.upwellness.com/	1970-01-20 12:40:07	Name: AWSALB Value: BDwakkp9LnEHzQMfNMixqkr6ZJBLldu/j0Rqy4JT1TGX79x5LIqLXX010a8Q2ceiyNDs8etC0n+RdXJDGYrq0J9tKW5Gcwn6F4vvsuHewg+WqAUsb+TM4WPVcEy7
store.upwellness.com/	1970-01-20 12:40:07	Name: AWSALBCORS Value: BDwakkp9LnEHzQMfNMixqkr6ZJBLldu/j0Rqy4JT1TGX79x5LIqLXX010a8Q2ceiyNDs8etC0n+RdXJDGYrq0J9tKW5Gcwn6F4vvsuHewg+WqAUsb+TM4WPVcEy7
.store.upwellness.com/	1970-01-20 21:15:38	Name: UPWEL-ANP Value: 6141
.upwellness.com/	1970-01-20 14:39:38	Name: _fbp Value: fb.1.1686602313325.1493708740
.upwellness.com/	1970-01-20 21:15:38	Name: _hjSessionUser_795540 Value: eyJpZCI6IjEyMjAxYjUzLTBkYzctNTgxMi1iZGJlLTVhNmYwNDI3ZWY5ZSIsImNyZWF0ZWQiOjE2ODY2MDIzMTMzNTYsImV4aXN0aW5nIjpmYWxzZX0=
.upwellness.com/	1970-01-20 12:30:04	Name: _hjFirstSeen Value: 1
.upwellness.com/	1970-01-20 12:30:02	Name: _hjIncludedInSessionSample_795540 Value: 1
.upwellness.com/	1970-01-20 12:30:04	Name: _hjSession_795540 Value: eyJpZCI6IjNiNDFjOWZiLTk1NTQtNGEyNi04OThjLTJlMjUxM2Q0NjI0MSIsImNyZWF0ZWQiOjE2ODY2MDIzMTMzNjQsImluU2FtcGxlIjp0cnVlfQ==
.upwellness.com/	1970-01-20 12:30:04	Name: _hjAbsoluteSessionInProgress Value: 0
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_source Value: Direct
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_starts Value: 1686602313519
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_utmParams Value: %7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D
.upwellness.com/	1970-01-20 21:15:38	Name: cl4975ot4arrr6_uid Value: cl4975ot4arrr689812d97-4d10-44b0-821c-ff0eb27d6d86
.upwellness.com/	1970-01-20 21:15:38	Name: cl4975ot4arrr6_sid Value: CL-5cd8b6a8-69bc-4164-ba34
.upwellness.com/	1970-01-20 21:15:38	Name: cl4975ot4arrr6_gid Value: cl4975ot4arrr640aa381d-609e-4ea1-9ca5-aa39251d8cf0
.mediago.io/	1970-01-20 21:15:38	Name: __mguid_ Value: 980f432dbae6d55b3d07a194a6219335
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_ends Value: 1686604114531
a.clickcertain.com/	1970-01-20 21:15:38	Name: _ccpx_u Value: ee551a99%2d8a2e%2d4839%2d8c29%2d198d03e40268
a.clickcertain.com/	1970-01-20 21:15:38	Name: _ccpx_24a3d6f0fe7dd9c Value: 1
a.clickcertain.com/	1970-01-20 21:15:38	Name: _ccpx Value: 24a3d6f0fe7dd9c
.upwellness.com/	1970-01-20 21:15:38	Name: cl4975ot4arrr6_eidsTracked Value: true

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
a.clickcertain.com
a.remarketstats.com
ads.nextdoor.com
amplify.outbrain.com
analytics.proofapi.com
analytics.tiktok.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
business.newsbreak.com
cdn.js.customerlabs.co
cdn.mediago.io
cdn.taboola.com
cdn.useproof.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
d2cli4kgl5uxre.cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
distillery.wistia.com
dynamic.criteo.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
events.ub-analytics.com
fast.wistia.com
flask.nextdoor.com
fonts.ub-assets.com
go.welldaily.com
googleads.g.doubleclick.net
gum.criteo.com
io.v2.customerlabs.co
links.revealedtoday.info
live-visitor-counts.herokuapp.com
live.upwellness.com
mug.criteo.com
pages.upwellness.com
pipedream.wistia.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
s.yimg.com
script.hotjar.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.hotjar.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
tr.outbrain.com
trace.mediago.io
trc-events.taboola.com
trc.taboola.com
views.unsplash.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
analytics.tiktok.com
108.138.17.27
13.32.27.118
13.32.99.41
13.32.99.8
141.226.228.48
151.101.1.44
151.101.193.131
151.101.193.181
178.250.1.11
178.250.1.9
18.207.44.109
18.214.96.110
18.66.137.164
18.66.97.37
2001:4860:4802:38::178
212.82.100.181
216.58.212.130
23.206.208.183
23.35.237.86
2600:1f18:730:b110:4a5:1251:7b86:2622
2600:9000:20e1:f400:1d:11cf:5800:93a1
2600:9000:211e:4200:11:9be7:da80:93a1
2600:9000:21f3:5200:1e:c86:4140:93a1
2600:9000:21f3:aa00:1e:c86:4140:93a1
2600:9000:225e:9c00:8:8845:1500:93a1
2606:4700:20::ac43:4549
2606:4700:20::ac43:4acf
2606:4700:3035::6815:2f0c
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:80b::2008
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2003
2a00:1450:4007:80c::2004
2a00:1450:400c:c0c::9a
2a02:2638:3::e
2a02:2638:d::d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::622
2a04:4e42:8d::84
2a06:98c1:3121::3
3.210.192.5
3.220.126.149
3.69.136.55
3.88.95.86
3.93.168.254
34.213.130.140
35.208.249.213
35.238.129.105
44.210.2.193
52.1.91.70
52.210.234.44
52.222.174.124
52.222.236.43
52.222.250.38
54.200.49.94
64.202.112.159
74.119.119.150
0063ead0fc6b4ddafaf004c17771309a5931249b36c40781ced840a776b9755b
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
016f3089be3cd58baa9552819c60b18f61d081222a9962614917b6f19180a772
018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29
024d63c477b3b71469863111d6a816069106911108b2f6362f78a9354694602e
042095a945a89bdee47dce9e27f452ee539aaa495f247e0967ae28ef37ac8d42
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0b779cc02a6edea8c2d87a0d7f63d0180400c6f8a4924866a85f560c51276c29
0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f475e7e1b6a0880db2523554814a82c89bdf1c1f3f947856b111f6f06999f02
0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18
10418b9b694f65ea9322fd88b0acd517d139fb68fdf6c8e72af892136a54996d
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
129569645cb4787068726c1d1f16696f98dfe81dfa08439cb6a9674479e05314
13d55c54af12b15b6999e715e67b91da9abaceee5b40a136fbae2df9ef1cf11d
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
1ba9ac8b06365638433cb55f70742ffcb72b341e0ea19f517c3f91c359e8ef67
1be59d642b7d9e29f5da63faaa060bb9315a8bc1d57727bcf0339ed4de6c68df
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
205853c0ef45d0842feba60b08786717cd443f0a650010e36a0fb3a91a067062
24840dc0e1ed69e48a3c4e17d720e029740b1023a35ead2470c51a1aa1fb9a7a
26d8ea7222ae63e278879992c7ffa36458a34e0de21a94b53de90363908eab09
29cb020419d8670323588a5982eb9421538c3c474186c1fea3fd8de096eaf1c4
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
2f5f858f8a827eb5932b60db8ae14a20d131ab64186a47df2a2ad23188d8bd48
2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4
30662b8aafa46372630fad1767f4a9a340ec2b5a0246a194e7a5e342ed63f5e7
32f2b593d1ec97c6855a4f2c8bbcac21ce02a6fd94213cfcc2f8cb7d7b2ac22c
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
36840f8fd89d5d9ebc1598072e2051e976121e16b5e4126240ae029f5081d7bd
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37b976ac6a9338da3b8c6cdd8906ddd14add06bbea122629c956ca331f653cc0
3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b
3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f
3e476c17d38ac4239d3c4651cfdec091040a48ff75515129e8cc350507419d8f
3f50141fb42d9e30dbc525e2acf111e27f40e0957303144909c1c8d3885e6ee0
416b14ea1899b3fa714c295a7a3051dcf5419fdeace40f69a9f8f5691d470c25
4179ea59ca86f07d474bedf959a49c3f3fce5ccbabb4e0673996bc003a4946fc
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
431164b04e3765e1b2594997f08ec62297da883c6482e2b995478ed6e9080233
4487716d5d8ea3d1e886f2451c6e14f3611cb19b7f6e6932da2907e2bf32a265
44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883
480cb73f513c9df5ad6d42b78410b89ea8a9461d49d583fbad84e8a7a8a1c51c
49346853cc2e6977ee68d66e7570bf0ee87557175da6aa945c3c5405091fbab1
4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9
4bc4d761ffc88a4167dec06196d1c85a68b2a0c979b92d872555c416c227ddf5
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3
5b59589532474b277aae70bf17979e97ac0c335e7f633e0148b8a5f6e259a3cb
5b6b6338b41654102a12bb2fbb69d5ed53d6fbed1378d125b1e77a05a1f7c0e7
5e7da82e3b134182524c06afc63fc24b907e44ebcd4ffa26bfc355b8b53120bb
5ec6fa4c10a264e6b3322120a6744b1239fc56abb1be2c35beceeb4805265770
62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf
6af097e94d8788c9a71540c2a2fd961673895e4a61076758b10daecbb142b81e
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d9536ab13f4ab5624884f06523a452596ef56247e74143b0af7b6a4f161407e
700ee4f0e5008ffacae2947ee3ecf5dc90b0d3937aec33f6e5145b959354d86f
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
70ad47f54b499da7b9c9bb3c86b05ddfbb8db9fbd5331742997e84131f0f3bdb
75c3b9ffd05b79e3d802d05a92a07258fe29e97ab1bc2820f13de7cabbe163ae
77a0b3d00b12c8520ffc0340505a63f2c24ecab1740147640d26132b9ec2e39d
780dd06801c452a3e54f4c9571c34c58c8de41420e1c94098e122b9b5bf7ebb9
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa
7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23
7eaa4a30ed1a5c527ca51d4705f70bfddf7ae4027da05d1df67b7b009263b79a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
89f8ffe9473e26b24906479aefd78e22ef55680ea2579d74d420549fca787ac1
8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d
90d181c72600ede987fa9d4579da027538f3ee8fe539f2e68675b51c29494c44
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99b45c780c3978925e824b8be4ad2fb8b99f2dbc9b758ca025fb90a4b4de4abe
9b7faeb2f0321c335f50a280d9bf7caeb782e747952d8c0c91d16973563879c2
9d6906f5c886e20cb01d1712aed2fc973075b91074bb5ee153c2b45927126c78
9ec3e8323e0737223c3f78f5c420210fd8bac9f541914efe642f21762e930ef7
a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67
a1fc8420705b69db0c5c0e2248e79b2f8c33506580b296202c3965870ab9adf5
a2a18d0b33ea40329eda9a58c5d3a5163c465c96bd0cb67c8b728bf4a7e3b9dd
a3a7da94016ef3d6f3d393f030aa833a74c4022b67050ea8859a0dcac3ad2537
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
aabed7300c8f2c3abe0951684ad67bacd4758e1b0bb3953257909605897995f8
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
ac98a0f805e1bfa5f9f9304a4723c312a0e53c00ce8ff685d04753a21d9e5a2b
aed7d31637ff613850bfb62f758fa28981199998819ced712e7c2345676869b2
b49930c3d02891d24e32e4861d709780513e5280a83e1dbcd9218d4381ea1638
b685acc67243349316cd30c8bbc966a9193ccae008826b890f1a7dc4e5e55973
b8b5efcda45690e3fcba53f110d190a58af14a80c0bbefedd4fd2e9fe575861a
b9cdc6a807b83ca53db77d57f58a2e265774e2fc1356ad863ebcc56c546cfaa8
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8
bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8
bc05b045c53817a90a09ee715feda4a7a83f1503bc6d805bd1dd18e5b87249c9
bd50003422f29c72626e570befd7164972ee953510534332addded40a4eb9978
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
bf9a4fb40ff7e16d83a4c7ceee4d57331a75ca629f42d303c3d011fdbf011c90
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5444b48af5940e46bff886e60bba6fc2c1c6705f30a1c8d0577d710fcb9b5b0
c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b
c67226c4f4029abbab42bff4669f1b2f45918c814466caa74f2f55eeb5b5ba8f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7
cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019
ceb0e395828c8fecc0f7d56064fab4c7330b83f20a011587d825e89a7961c492
cfdc9706fe9b9ba84f87bb05a4c67a4c8dcc52297179fd44e00052e835cc9196
d2b4c981d258d38be720817b04e02e768bcf88eaff940dd5e076d18e2867024d
d300f0e7fd80d3826ae192195a0cf6362345b48f4748b9e0a6e43e0d32ce219e
d3a68575df410bc51a704527a749d5494ed65798304954b369c5ba91a2258650
d4509fd2c3140101b9cabb07cdf2d5bff08cc81f0c10e70116b002fa11d46bc7
d4c165deb7000d457fa1459bd15d5e3503ccab7948d4d6751c38e3eddb451c38
df418ecf12c321d6a010e44652d4a33ad8785abf2a5e3f0d64d1a1f728f0412e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4164edd6af46ad5e9c02a482bdcd2a9c3e9eb199cee06bcd12cc751ce73de87
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f05df9c043c84ba716c31985f1b91cfeb53960e1673cc20755cefabbeab5069a
f0aaec936edeee7d4a096831933623b674f979e2a23de716914a9ef07c01f66f
f207a6dbdda4e9fcf5396a56b17d615f76eba8c2151dc32b3835970e5547ea9a
f21e3a7eb4ab64052ab4c1938aa95e536d67c62e4c0b10bbb6140a1ede240fdb
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8cb3417715e1f98e281c70c4a0cfa4d8b2934bea25ac91bc9f0682259a8f3e1
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

pages.upwellness.com Open in urlscan Pro 3.69.136.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

180 Requests

96 %HTTPS

43 %IPv6

40 Domains

65 Subdomains

57 IPs

7 Countries

7800 kBTransfer

11372 kBSize

50 Cookies

0 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.upwellness.com Open in urlscan Pro
3.69.136.55 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

96 %
HTTPS

43 %
IPv6

40
Domains

65
Subdomains

57
IPs

7
Countries

7800 kB
Transfer

11372 kB
Size

50
Cookies

180 HTTP transactions
2 data transactions