www.backtorootshealth.com Open in urlscan Pro
92.205.18.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.backtorootshealth.com/
Effective URL:
https://www.backtorootshealth.com/
Submission: On October 20 via api (October 20th 2023, 8:05:00 pm UTC) from US — Scanned from FR

Summary HTTP 126 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 28 domains to perform 126 HTTP transactions. The main IP is 92.205.18.172, located in Strasbourg, France and belongs to GODADDY-SXB, DE. The main domain is www.backtorootshealth.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 14th 2023. Valid for: 3 months.

This is the only time www.backtorootshealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	92.205.18.172 92.205.18.172	21499 (GODADDY-SXB) (GODADDY-SXB)
2	2606:4700:e0:... 2606:4700:e0::ac40:670b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	52.219.176.249 52.219.176.249	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7e0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f8a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:579a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
2	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.0.100 104.18.0.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	146.75.122.109 146.75.122.109	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:e05d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:3c00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:be59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:eff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
126	33

32 92.205.18.172 (Strasbourg, France) 1 redirects

ASN21499 (GODADDY-SXB, DE)
PTR: 172.18.205.92.host.secureserver.net

www.backtorootshealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.crwd.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.netflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.176.249 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f8a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:579a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.0.100 (None, )

ASN13335 (CLOUDFLARENET, US)

api.crwd.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:e05d (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3c00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

crwdmarket.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:be59 (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eff9 (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

7175493.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	crwd.shop app.crwd.shop	2 MB
21	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 3607 f.vimeocdn.com — Cisco Umbrella Rank: 3770 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3720	615 KB
17	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 firebasestorage.googleapis.com — Cisco Umbrella Rank: 6327	6 MB
10	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5258 app.hubspot.com — Cisco Umbrella Rank: 6214 track.hubspot.com — Cisco Umbrella Rank: 2658 forms.hubspot.com — Cisco Umbrella Rank: 5406 js.hubspot.com — Cisco Umbrella Rank: 7018 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 6556	49 KB
6	gstatic.com www.gstatic.com	58 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6516	306 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 18979 crwdmarket.matomo.cloud	58 KB
4	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 248	2 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2214 vimeo.com — Cisco Umbrella Rank: 2125	41 KB
3	netflow.co analytics.netflow.co	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	89 KB
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 456	38 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	68 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5355 forms.hscollectedforms.net — Cisco Umbrella Rank: 5470	26 KB
2	amazonaws.com s3.us-east-2.amazonaws.com
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1214	171 KB
2	backtorootshealth.com 1 redirects www.backtorootshealth.com	2 MB
1	hubspotusercontent-na1.net 7175493.fs1.hubspotusercontent-na1.net	3 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 7501	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 8407	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3870	1 KB
1	crwd.systems api.crwd.systems	653 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3531	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5287	22 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5142	86 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2519	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2528	16 KB
126	28

	Domain	Requested by
27	app.crwd.shop	www.backtorootshealth.com app.crwd.shop
14	firebasestorage.googleapis.com	www.backtorootshealth.com
11	i.vimeocdn.com	www.backtorootshealth.com player.vimeo.com f.vimeocdn.com
8	f.vimeocdn.com	player.vimeo.com
6	www.gstatic.com	player.vimeo.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	bam.nr-data.net	player.vimeo.com
4	app.hubspot.com	js.usemessages.com static.hsappstatic.net
3	crwdmarket.matomo.cloud	cdn.matomo.cloud
3	fonts.googleapis.com	www.backtorootshealth.com
3	analytics.netflow.co	www.backtorootshealth.com analytics.netflow.co
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	js-agent.newrelic.com	player.vimeo.com
2	api.hubspot.com	js.usemessages.com
2	www.youtube.com	app.crwd.shop www.youtube.com
2	player.vimeo.com	app.crwd.shop
2	s3.us-east-2.amazonaws.com	www.backtorootshealth.com
2	use.fontawesome.com	www.backtorootshealth.com use.fontawesome.com
2	www.backtorootshealth.com	1 redirects
1	7175493.fs1.hubspotusercontent-na1.net
1	perf-na1.hsforms.com
1	www.facebook.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.hubspot.com	js-na1.hs-scripts.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	cdn.matomo.cloud	app.crwd.shop
1	vimeo.com	f.vimeocdn.com
1	api.hubapi.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	api.crwd.systems	app.crwd.shop
1	js.hscollectedforms.net	app.crwd.shop
1	js.hsadspixel.net	app.crwd.shop
1	js.usemessages.com	app.crwd.shop
1	js.hsleadflows.net	app.crwd.shop
1	js.hs-analytics.net	app.crwd.shop
1	js.hs-banner.com	app.crwd.shop
126	39

This site contains no links.

Subject Issuer	Validity	Valid
backtorootshealth.com cPanel, Inc. Certification Authority	`2023-09-14` - `2023-12-13`	3 months	crt.sh
app.crwd.shop cPanel, Inc. Certification Authority	`2023-08-19` - `2023-11-17`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
analytics.netflow.co cPanel, Inc. Certification Authority	`2023-08-09` - `2023-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-09-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
api.crwd.systems E1	`2023-09-24` - `2023-12-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-09-08` - `2023-12-07`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M01	`2023-02-24` - `2023-12-25`	10 months	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-30` - `2023-10-28`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-09-30` - `2024-09-29`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.backtorootshealth.com/
Frame ID: D45ACD823FB94CCE858214B155126C51
Requests: 80 HTTP requests in this frame

Frame: https://player.vimeo.com/video/725141484
Frame ID: 093BE03787F8CB8C77D4B49E84EF678C
Requests: 17 HTTP requests in this frame

Frame: https://player.vimeo.com/video/578093692
Frame ID: 6ED5D733720D803D36B8488BEC9E93C1
Requests: 17 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/8c4f10aa2fbc4d768d903c06aa45d277?uuid=a5e1ffeea3f34bd186daa17a74c03233&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=8c4f10aa2fbc4d768d903c06aa45d277&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 029D016652DDB65ACE38BB99E4D1F7D0
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Back to Roots Health - PureCBD Products

Page URL History Show full URLs

http://www.backtorootshealth.com/ HTTP 301
https://www.backtorootshealth.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

126
Requests

98 %
HTTPS

66 %
IPv6

28
Domains

39
Subdomains

33
IPs

4
Countries

11102 kB
Transfer

15189 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.backtorootshealth.com/ HTTP 301
https://www.backtorootshealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

126 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.backtorootshealth.com/
Redirect Chain

http://www.backtorootshealth.com/
https://www.backtorootshealth.com/

2 MB
2 MB

517ms
64ms

Document
text/html

92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.backtorootshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 172.18.205.92.host.secureserver.net
Software: Apache /
Resource Hash: 19b71ad68338363023517e33fd7de0d1b509f381648184ba5cbff5ee55d2303a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Oct 2023 20:04:51 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 20 Oct 2023 20:04:50 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.backtorootshealth.com/
Server: Apache

GET
H/1.1 200
OK style.css
app.crwd.shop/builderassets/css/ 64 KB
64 KB 145ms
30ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/style.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

835477fbc54cd5222d3a9e364a8f9ff52f8512a1c8ccfd5693f1161329fc5fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Jan 2023 15:03:16 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 65219
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK form-styles.css
app.crwd.shop/builderassets/css/ 5 KB
6 KB 144ms
29ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/form-styles.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

74df122be2a059f7994950a5c8f6262fff8d9763f381fe6a0c7eaf3877209a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:27:57 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5611
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK order-form-styles.css
app.crwd.shop/builderassets/css/ 13 KB
13 KB 145ms
30ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/order-form-styles.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

3e2256fdb0682f202b2e5227e2655c1a7cc3e2e5e17426009be1e46650134c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:27:58 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13383
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-ui.css
app.crwd.shop/builderassets/css/jquery/ 38 KB
38 KB 145ms
31ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/jquery/jquery-ui.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

dd06fef6b720110a47b58b60fc648e9d1927e475f1bf7172c709e51a985212fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:21 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 38638
X-XSS-Protection: 1; mode=block

GET
H2 200 all.css
use.fontawesome.com/releases/v6.2.1/css/ 100 KB
23 KB 83ms
42ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 21DYBV0AHXYN6MFR
age: 1273234
alt-svc: h3=":443"; ma=86400
x-amz-id-2: /W8+jAR+A5cAZT/qdwrjUdHnj03o64kLs/kycqJAcCLy4/F9yrqLhMgrUa5NI1FG3CY1MmzUFs0=
last-modified: Mon, 14 Nov 2022 16:32:10 GMT
server: cloudflare
etag: W/"8bb6644125ddeee7a27732e86f65fa05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEpKtqUIrN9%2FcISYyVT9NKxweZwYeK43hNGRGSIlHjtNZuIZRc0cocO7KM%2FIbZ1IqbMYw42d%2BHs%2Bxkk%2BPEf3s%2FhPKm5yWHg3FUlnf6vdNh0tnmADpe99rrLALQV26ZkOWSHB0BFZqcMtL7L7nK%2B5qw%2FS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8193df4d992d60e1-LHR

GET
H/1.1 200
OK bootstrap.min.css
app.crwd.shop/builderassets/css/bootstrap/ 156 KB
156 KB 145ms
30ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/bootstrap/bootstrap.min.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:09 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 159521
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dropborders.css
app.crwd.shop/builderassets/css/ 2 KB
3 KB 175ms
29ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/dropborders.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

c456f6c9217b828f668f4b0ce9f8ae07a72129f19d946106e9442dae7ff5ae71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Jan 2023 14:14:06 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2407
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick-theme.css
app.crwd.shop/builderassets/css/slick/ 3 KB
4 KB 203ms
28ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/slick/slick-theme.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

fdd9cbba3bf008781e612f203bbe8674b395685abc0691fcc03a571aeb140d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:23 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3347
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick.css
app.crwd.shop/builderassets/css/slick/ 2 KB
2 KB 209ms
34ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/slick/slick.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:23 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1893
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fontello.css
app.crwd.shop/builderassets/css/icon-picker/ 37 KB
37 KB 208ms
33ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/icon-picker/fontello.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

5568d7a302a7539f0f5fcd34ca9cc10039c017385e20654de82ed70df4134e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:15 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 37576
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK owl.carousel.min.css
app.crwd.shop/builderassets/css/owlcarousel/ 3 KB
4 KB 230ms
29ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/owlcarousel/owl.carousel.min.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:21 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3356
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK quill.bubble.css
app.crwd.shop/builderassets/css/quill/ 27 KB
27 KB 238ms
28ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/quill/quill.bubble.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

dd30ebace50c302a53ecb462faca8422cfd87c5bbb1480cde7d685c1f517cd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:22 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 27748
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.js Show response
analytics.netflow.co/js/ 729 B
1 KB 2374ms
28ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.netflow.co/js/script.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Dec 2021 00:12:32 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 729
X-XSS-Protection: 1; mode=block
Expires: Sat, 19 Oct 2024 20:04:54 GMT

GET
H/1.1 200
OK chatscript.js Show response
app.crwd.shop/builderassets/js/ 3 KB
3 KB 238ms
28ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/chatscript.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

4fa2877587a2dabba4d33a06ce09e86376056a4f8e751e6725b47eaf7ebf8eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 May 2022 10:09:42 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2886
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
655 B 95ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 20:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 19:31:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
580 B 96ms
36ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,700

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be7a3620aed16001114ce273dbc335f61834f92aa58152b2cb7d56a1577d4d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 20:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 19:31:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 94ms
34ms Stylesheet
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Gilroy:300,400,700
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 images%2FWvUEHM6UGV
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 8 KB
9 KB 445ms
368ms Image
image/png 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FWvUEHM6UGV?alt=media&token=1932bedd-eb3c-4a35-82a0-623954ccb9f7
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d201e290007b210a8f886b9c72091d1d1410e03a03c6346d75ee733dfaa0544d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdu-GND48j_bDoJ9dlQpwFXGdZpnaiTKHj3dCSlqp8QUzS_uBx-qEPNfPy2cv3WgJrcQaHVRLtIe1X2n-iymsgPv
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''WvUEHM6UGV
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8491
last-modified: Wed, 08 Jun 2022 12:41:41 GMT
server: UploadServer
etag: "930c239ec4b82eb49170fe3647a8ca34"
x-goog-generation: 1654692101925228
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=5uAoEQ==, md5=kwwjnsS4LrSRcP42R6jKNA==
cache-control: private, max-age=0
x-goog-stored-content-length: 8491
x-goog-meta-firebasestoragedownloadtokens: 1932bedd-eb3c-4a35-82a0-623954ccb9f7
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2FwWDCEorPvw
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 586 KB
587 KB 306ms
229ms Image
image/png 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FwWDCEorPvw?alt=media&token=7f550f83-31d9-48bb-b0a4-ea972013e958
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 684d6df6676839133f4c16e07d40f559312fe9dde305ee157f5cf054b0ee516e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdu4NBchM2uxkbYM8PFSUGEUX9mpa1K7Jf_skxmdErhaM8emt0DY_bSzyvRW4_hFRzQt8djlyX3vofarhWC-fibd
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''wWDCEorPvw
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 599989
last-modified: Wed, 08 Jun 2022 11:24:09 GMT
server: UploadServer
etag: "a09e30d38d09f2321f0dd86c84194f6c"
x-goog-generation: 1654687449356484
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=zVpnng==, md5=oJ4w040J8jIfDdhshBlPbA==
cache-control: private, max-age=0
x-goog-stored-content-length: 599989
x-goog-meta-firebasestoragedownloadtokens: 7f550f83-31d9-48bb-b0a4-ea972013e958
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2FuBJuvyf0A0
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 251 KB
252 KB 229ms
224ms Image
image/jpeg 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FuBJuvyf0A0?alt=media&token=b052078c-1f60-4010-857c-6cffa90cb0a8
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5e51e209c44f498e5d7c3a5c35d5454c37b3c2744746954fa9d759d4a6c08391

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdvIBD_rqmWGITpvLYBRgywqEnWRhCTrhGqbsjfmrqrUu-dvNcKYnONArCgtawSAGr65VA9c4rTPbzvpHYk6P8_Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''uBJuvyf0A0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257340
last-modified: Fri, 10 Jun 2022 17:20:39 GMT
server: UploadServer
etag: "c359640f5fcb286bd68306ffd8d6691e"
x-goog-generation: 1654881639304720
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=FRV2Hg==, md5=w1lkD1/LKGvWgwb/2NZpHg==
cache-control: private, max-age=0
x-goog-stored-content-length: 257340
x-goog-meta-firebasestoragedownloadtokens: b052078c-1f60-4010-857c-6cffa90cb0a8
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2Fxb3UpwJYcp
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 566 KB
567 KB 280ms
275ms Image
image/jpeg 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2Fxb3UpwJYcp?alt=media&token=ebcbf229-a33d-480c-affe-e2001c0643fb
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cc8c10ead0e5c334043aac99d78221e7dec39abb3510c45e9ddee8bb2dcd5133

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdvNaOzNWb-5Q6CBFOXO887QHSPgm1cKFmsLEQO7OkVnXhFTb5Xg-gOdg21z16SXRpmLWU2PSbWuW1YldRuts2QI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''xb3UpwJYcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 579554
last-modified: Fri, 10 Jun 2022 17:20:40 GMT
server: UploadServer
etag: "289fcc256cc9436845ff59ec0f9e8be2"
x-goog-generation: 1654881640306830
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=FrLpmw==, md5=KJ/MJWzJQ2hF/1nsD56L4g==
cache-control: private, max-age=0
x-goog-stored-content-length: 579554
x-goog-meta-firebasestoragedownloadtokens: ebcbf229-a33d-480c-affe-e2001c0643fb
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2FM84LeeMiuz
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 742 KB
743 KB 259ms
255ms Image
image/jpeg 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FM84LeeMiuz?alt=media&token=950f2ee2-f6a6-4228-bbbf-71c6b5f6df84
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c6624c409211922875235c5d6af8b75cc248e400a68d633efad4d5e1f1fafe18

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycduC6uf7-PydZirHTKp1O_juXrorwRC0Gp61UAuaR2Q7FsHnZXKRMgpr7YO53-zvUUPZo8Dzf2QOpFrDK2zsWXDt
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''M84LeeMiuz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 759803
last-modified: Fri, 10 Jun 2022 17:20:40 GMT
server: UploadServer
etag: "84e40b5bc148876a1b8e9056bcca4787"
x-goog-generation: 1654881640415078
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=KGQoWA==, md5=hOQLW8FIh2objpBWvMpHhw==
cache-control: private, max-age=0
x-goog-stored-content-length: 759803
x-goog-meta-firebasestoragedownloadtokens: 950f2ee2-f6a6-4228-bbbf-71c6b5f6df84
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H/1.1 403
Forbidden crwd_dbc265d3dcaa49257c708e4ec2bf42a3.jpg
s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/ 0
0 801ms
116ms Image
application/xml 52.219.176.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_dbc265d3dcaa49257c708e4ec2bf42a3.jpg
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.176.249 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 images%2FwIjSQ9Rrjc
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 467 KB
467 KB 314ms
311ms Image
image/png 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FwIjSQ9Rrjc?alt=media&token=8519486f-4e90-4a00-b203-e90aece6150f
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 798932e879a71338df9bf6fb7497c00411a9471695d8575208744e53ff6df07b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdshpONQgLUQ4yNfdy3wR-VJLUHgpofLucCuc4degqZUskxUaY85p-on7WxONZCM_3iy62Rxe-wUgpU4fcs5zGhy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''wIjSQ9Rrjc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 477884
last-modified: Tue, 07 Jun 2022 14:10:59 GMT
server: UploadServer
etag: "971acf936d74c69bdd785e7d6d6249d8"
x-goog-generation: 1654611059474037
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=pniEgw==, md5=lxrPk210xpvdeF59bWJJ2A==
cache-control: private, max-age=0
x-goog-stored-content-length: 477884
x-goog-meta-firebasestoragedownloadtokens: 8519486f-4e90-4a00-b203-e90aece6150f
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2FIvSNRDwu85
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 555 KB
555 KB 271ms
268ms Image
image/png 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FIvSNRDwu85?alt=media&token=e9f17d70-5db1-4fb7-bd38-7820cce5949a
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7fe48befcf69eb9abf495d891db6c8325a4e21364801035e5206a30ca7e4c443

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdvGmdYFL6_G_yRtt61nvIcjWpwl7HqPPPggvxXkHtnr60tfou3-R-uPyeZOnipDGfD0cDiQbCSo1_QthIzDoBTc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''IvSNRDwu85
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 568136
last-modified: Tue, 07 Jun 2022 13:37:14 GMT
server: UploadServer
etag: "092e9c816ac698c9feff64591adcdced"
x-goog-generation: 1654609034382077
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=Z/Hueg==, md5=CS6cgWrGmMn+/2RZGtzc7Q==
cache-control: private, max-age=0
x-goog-stored-content-length: 568136
x-goog-meta-firebasestoragedownloadtokens: e9f17d70-5db1-4fb7-bd38-7820cce5949a
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2FIhxHKBRA0c
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 342 KB
342 KB 240ms
237ms Image
image/png 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FIhxHKBRA0c?alt=media&token=9617922e-69a7-4568-b5e9-415f9509af52
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b25e1557bc6f9c8d9457ef7b0f0f7da1db62ab7128971f16dffff77efb411592

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdsoPkxDIL5mulNhQ4EwRmgovg17a76PvY_0FFp1H39PamoRzbjiwFvj1uxZFZ3EEX5pVPotEplhmqBrHxRp6JlX
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''IhxHKBRA0c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349888
last-modified: Mon, 14 Mar 2022 12:41:12 GMT
server: UploadServer
etag: "172a3870375fb95f99ccb6fa17040024"
x-goog-generation: 1647261672630151
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=ZWFqSw==, md5=Fyo4cDdfuV+ZzLb6FwQAJA==
cache-control: private, max-age=0
x-goog-stored-content-length: 349888
x-goog-meta-firebasestoragedownloadtokens: 9617922e-69a7-4568-b5e9-415f9509af52
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2FRve22yAjiP
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 42 KB
43 KB 256ms
254ms Image
image/jpeg 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FRve22yAjiP?alt=media&token=c98bc946-7a5d-45c8-b037-08a5c0740e38
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7f340a2defa886e0fd32def4af9ca322f1136f89338f38bcd5f1d161d60ed07a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdvmPHQ8kU1BEhCAsl0WQ5w6-xlo5b9KCW7UKAY2EOI4dH_60b_KI7UIjLdWrVl8YCar8s7d0ESYqxPJyqA5pN0N
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''Rve22yAjiP
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43278
last-modified: Tue, 05 Jul 2022 13:14:14 GMT
server: UploadServer
etag: "297ad51e60176a31a4809426476b1ef0"
x-goog-generation: 1657026854052211
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=WJeLmA==, md5=KXrVHmAXajGkgJQmR2se8A==
cache-control: private, max-age=0
x-goog-stored-content-length: 43278
x-goog-meta-firebasestoragedownloadtokens: c98bc946-7a5d-45c8-b037-08a5c0740e38
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2Fwrgz2x79Rh
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 652 KB
653 KB 323ms
320ms Image
image/jpeg 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2Fwrgz2x79Rh?alt=media&token=464e39e7-0014-48fe-a7f2-03fe00343182
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 085ab8bb50dd2328eac5780f7655253e557474db55025d9ff5a3ad221bb3bdc9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdsmAmTqy91e6huJscyiYS-5hDJdPR-F8fEGG73W3Csq7CUd75PcI91Lg7_sTUoEGlWVsdC2XXDwMZuFScR8GAVO
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''wrgz2x79Rh
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667764
last-modified: Tue, 05 Jul 2022 13:14:38 GMT
server: UploadServer
etag: "89b0e1f528e1da6cb18c59a4d2d5fbd4"
x-goog-generation: 1657026878188135
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=zwwMJw==, md5=ibDh9Sjh2myxjFmk0tX71A==
cache-control: private, max-age=0
x-goog-stored-content-length: 667764
x-goog-meta-firebasestoragedownloadtokens: 464e39e7-0014-48fe-a7f2-03fe00343182
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2FeinIcpx5ZU
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 1 MB
1 MB 296ms
293ms Image
image/png 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FeinIcpx5ZU?alt=media&token=fc8cfda7-29de-45d7-9317-2df75e73e856
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 01e2e921eca318498b76a61b4bda48169533fb6494744cd2b4c77020b37f50d7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdsbBQiOVFP4HViUXyCIaJnnAM0O64SwuS76SYuW8SUoUh3o3bzSuYK4qEhjH0NUUwV6HkiZ53tQ-q7n0-8pHggr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''einIcpx5ZU
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281555
last-modified: Thu, 13 Oct 2022 15:51:37 GMT
server: UploadServer
etag: "09fb7651c92975b7b43144b9a8efab1a"
x-goog-generation: 1665676297931223
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=HqnHTw==, md5=Cft2Uckpdbe0MUS5qO+rGg==
cache-control: private, max-age=0
x-goog-stored-content-length: 1281555
x-goog-meta-firebasestoragedownloadtokens: fc8cfda7-29de-45d7-9317-2df75e73e856
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 images%2Fu4YDa6wzAx
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 664 B
980 B 239ms
237ms Image
image/png 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2Fu4YDa6wzAx?alt=media&token=7e363f81-97ca-466b-9cc8-9f47d4f4f3bc
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0102d04028714c5980ffdb5c6a9abf38ca9a968534caba224dac4d323caa9723

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycduFkujZII2SjRI7mEiHUtdnSi2TAKXYCBTLrUWy6cweFpBlJCzJiy_-210s3OhPW4T7t3PjuZ8i7DZbhDAAdqLN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''u4YDa6wzAx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 664
last-modified: Sat, 12 Mar 2022 11:56:21 GMT
server: UploadServer
etag: "32376b43fcc3e8da72340818b1c6987c"
x-goog-generation: 1647086181014229
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=6T+cjg==, md5=MjdrQ/zD6NpyNAgYscaYfA==
cache-control: private, max-age=0
x-goog-stored-content-length: 664
x-goog-meta-firebasestoragedownloadtokens: 7e363f81-97ca-466b-9cc8-9f47d4f4f3bc
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H/1.1 403
Forbidden crwd_bcd95d8a10c31e04edf267c50b8aaf3b.jpg
s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/ 0
0 770ms
120ms Image
application/xml 52.219.176.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_bcd95d8a10c31e04edf267c50b8aaf3b.jpg
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.176.249 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
app.crwd.shop/builderassets/js/jquery/ 87 KB
88 KB 33ms
29ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/jquery/jquery-3.5.1.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:39 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 89476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-ui.js Show response
app.crwd.shop/builderassets/js/jquery/ 527 KB
527 KB 35ms
31ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/jquery/jquery-ui.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:40 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 539419
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK popper.min.js Show response
app.crwd.shop/builderassets/js/bootstrap/ 21 KB
21 KB 34ms
30ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/bootstrap/popper.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:30 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 21260
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.js Show response
app.crwd.shop/builderassets/js/bootstrap/ 59 KB
59 KB 35ms
31ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/bootstrap/bootstrap.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:29 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 60016
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.zoom.min.js Show response
app.crwd.shop/builderassets/js/zoom/ 3 KB
3 KB 34ms
30ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/zoom/jquery.zoom.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

b732bca54abb8c19181dad21d8323976fad3f16614b26e09be8b502ebc07d987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:42 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2621
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick.min.js Show response
app.crwd.shop/builderassets/js/slick/ 42 KB
42 KB 66ms
29ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/slick/slick.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:41 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 42862
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK countdown.min.js Show response
app.crwd.shop/builderassets/js/countdown/ 7 KB
8 KB 372ms
371ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/countdown/countdown.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

effd6d38858ccb5be115f36d992b360a6f8fa07a6ac432c4171a6b49e1c30f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:32 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7329
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK owl.carousel.min.js Show response
app.crwd.shop/builderassets/js/owlcarousel/ 43 KB
44 KB 30ms
30ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/owlcarousel/owl.carousel.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:40 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 44348
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK newdropborders.js Show response
app.crwd.shop/builderassets/js/ 69 KB
70 KB 31ms
30ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/newdropborders.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

890a5d365cd857bab0c7a52b27ba68aa0bab64bc4c8f9e88aaacf5bc74d80601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Feb 2023 15:47:20 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 70854
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK affiliate.js Show response
app.crwd.shop/builderassets/js/ 13 KB
13 KB 31ms
31ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/affiliate.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

b6d113a2a54337026f4e3253cb769600f754bfe3122ccd4d4cae1642abfe4ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Jan 2023 16:38:24 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 13272
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK youtube_background.min.js Show response
app.crwd.shop/builderassets/js/ytbg/ 10 KB
11 KB 36ms
36ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/ytbg/youtube_background.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

61e91a341f0be6f9c99470775b8c68fcb66d05e6b8dc994a7722b7f5367edc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:42 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 10638
X-XSS-Protection: 1; mode=block

GET
H2 200 7175493.js Show response
js.hs-banner.com/ 61 KB
16 KB 1008ms
358ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7175493.js
Requested by: Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11da99559f956e2daafd50b61e34cb0012f946f644559f8554308f34779f096f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
x-amz-version-id: 5IGKU254GknWs_F0QQNo2rIAXsk_PzEx
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: DW8XRJK0GB4RMBHH
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 8973159a-37d4-4bf1-8efb-a22e2cade9dd
x-envoy-upstream-service-time: 31
x-amz-id-2: Y0zdFTx7E9caE5nI12hbdRN9bKJvw1brbXRFcsnvOSLgpTGGfuX49MX+4ETAfw5bCfIC0D5r+pS/sisyLALfKQ==
x-evy-trace-listener: listener_https
x-request-id: 8973159a-37d4-4bf1-8efb-a22e2cade9dd
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 11 Sep 2023 16:09:19 GMT
server: cloudflare
etag: W/"a877e9c6a1184780158d6b83396060fb"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://alisonsbeautyandwellness-com.crwd.shop
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-mlgh4
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8193df535a450342-CDG
expires: Fri, 20 Oct 2023 20:09:52 GMT

GET
H2 200 7175493.js Show response
js.hs-analytics.net/analytics/1652460000000/ 66 KB
21 KB 791ms
141ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1652460000000/7175493.js
Requested by: Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08b6fbd4e3afbd3b2d17508d8d1c96baa10eb5c4dd7931f433562f5a172005c8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 5GKQHPXSY7ERW6MG
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 34abb22c-f6c4-4d0f-86bd-f5df71b7dfa8
x-envoy-upstream-service-time: 21
x-amz-id-2: xNrzILH+qVxiEG648U79QeUQ+AlCf05B1RdtGKc5Yc6z6y0JbmcMd642NuAAw+h7N0yNHZnS7Hg=
x-evy-trace-listener: listener_https
x-request-id: 34abb22c-f6c4-4d0f-86bd-f5df71b7dfa8
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 12 Oct 2023 15:10:55 GMT
server: cloudflare
etag: W/"2fdb9d75f9c2c90dab8b700755dd9d9b"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-snk2v
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8193df535c13d36b-CDG
expires: Fri, 20 Oct 2023 20:09:52 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 540 KB
86 KB 822ms
178ms Script
application/javascript 2606:4700::6812:7e0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7e0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3f1b2d413dc05bebcfe17c104549ac0e31b79d2537605e3c2c92ce65e299ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1271/bundle/main/lead-flows-release.js&cfRay=8193df535e150365-CDG
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"91351547057cda60bc18bf73dfa40054"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1271/bundle/main/lead-flows-release.js
date: Fri, 20 Oct 2023 20:04:52 GMT
x-amz-version-id: kynIQz4kS2EcRSsReYWDL4ghReqTd7ZR
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 22476ff4-f6e1-454d-8766-3fd28ebc66ea
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 51
x-evy-trace-route-configuration: listener_https/all
x-request-id: 22476ff4-f6e1-454d-8766-3fd28ebc66ea
last-modified: Thu, 19 Oct 2023 12:04:56 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-cq5v7
cf-ray: 8193df535e150365-CDG
x-amz-cf-id: nKODEOhmbIOy_qdamIujZZkSmOlYpomV5kb7hVxg4ye5gBi4sUti9w==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 76 KB
22 KB 680ms
32ms Script
application/javascript 2606:4700::6811:f8a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

091746702ae0e6bf9c2558bb90d25063932f8aaf7d24dfaa31e8059e77fd4547

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
x-amz-version-id: Aw9dQ4JSA0YE0n1WZLeJH0QNF34b_Vwv
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 134
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14560/bundles/project.js&cfRay=8193dc0b99f00275-CDG
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 2bf64345-d1ce-4fed-9351-c73daacbc43a
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2bf64345-d1ce-4fed-9351-c73daacbc43a
last-modified: Fri, 20 Oct 2023 16:02:08 UTC
server: cloudflare
etag: W/"94c3cae79c387cc65338cd53d2b7c910"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-97z5m
cf-ray: 8193df53588dd6f2-CDG
x-amz-cf-id: j7sj787qQLC7VifVfiyzgGd7Zg5tWLemZWwsofN5NVgGIul2za3jdA==
x-hs-target-asset: conversations-embed/static-1.14560/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 653ms
27ms Script
application/javascript 2606:4700::6811:e6a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e6a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413237d22e25097e3cee2595c2cedccc0d680158bd638a421aecaa1a7237321f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
x-amz-version-id: 6Rl00Bao8JSR9sjVJgKGfhCjk_eTdRhI
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 252
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.490/bundles/pixels-release.js&cfRay=8193d92c18070179-CDG
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 898236d4-6821-49e0-8451-60bc3b1bc678
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 6
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 898236d4-6821-49e0-8451-60bc3b1bc678
last-modified: Mon, 16 Oct 2023 16:51:04 UTC
server: cloudflare
etag: W/"7e8c6b3c97842ae7b4b13d1465637fd9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-bnhh6
cf-ray: 8193df535e1a2a11-CDG
x-amz-cf-id: aG3MTnizLibTt_JdSBkOzPhr0UZMSCl5oeJ0eawGJq590oYwnFQ_uA==
x-hs-target-asset: adsscriptloaderstatic/static-1.490/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 495ms
131ms Script
application/javascript 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
x-amz-version-id: 99Y.E0UsJAdqqpubte3vKq3r2MOVQh4K
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 48d59aba-8e0b-44e9-998a-0f6a5725bb34
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.425/bundles/project.js&cfRay=8193df535b53f0ec-CDG
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 48d59aba-8e0b-44e9-998a-0f6a5725bb34
last-modified: Fri, 22 Sep 2023 08:42:59 UTC
server: cloudflare
etag: W/"526bb173ed1384afadfc2b0eb6b0846e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-wh2kt
cf-ray: 8193df535b53f0ec-CDG
x-amz-cf-id: mx9M8vkK_7KkLw20_o7r3gWQmMRdBpSsPghgYiB9uymzb2sFQdb7Lw==
x-hs-target-asset: collected-forms-embed-js/static-1.425/bundles/project.js

GET
H2 200 images%2F7mDGNENEg5
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 273 KB
274 KB 276ms
275ms Image
image/jpeg 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2F7mDGNENEg5?alt=media&token=db6addb3-de38-429a-aaa3-7c6f52ef3870
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f5a7a05a543488f228e50c889218780c81d47197955218934dc3d980f23d0ac8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdtkKqoRobTlvRmjrlfhkiZ4ty_ImGOgHSwBpKsNsSqpeQ6fAI6nVBwmTHPWYQVtHokKuFZTG5tqlMec8g9rRGXi
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''7mDGNENEg5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279873
last-modified: Tue, 07 Jun 2022 13:28:39 GMT
server: UploadServer
etag: "efb313177f22e88320d743d1d6d75e98"
x-goog-generation: 1654608519252916
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=QuH+og==, md5=77MTF38i6IMg10PR1tdemA==
cache-control: private, max-age=0
x-goog-stored-content-length: 279873
x-goog-meta-firebasestoragedownloadtokens: db6addb3-de38-429a-aaa3-7c6f52ef3870
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d_640
i.vimeocdn.com/video/ 15 KB
15 KB 783ms
132ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d_640
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c86b101780e386faf6feb276d1b3617ca64b82d3618df24d533f21f1a5ecde9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 842057
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 14890
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210031-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832292.371855,VS0,VE112
etag: b9a015737aed03ae768c413de6812b58
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H/1.1 200
OK Gilroy-Regular.ttf
app.crwd.shop/builderassets/css/fonts/ 142 KB
142 KB 1297ms
30ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Gilroy-Regular.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:11 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 145148
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Gilroy-Bold.ttf
app.crwd.shop/builderassets/css/fonts/ 134 KB
134 KB 1298ms
31ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Gilroy-Bold.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

7083c93170c7b949d1dd453f0c8692385215943d076a5dc6c49e5db1d73f28b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:11 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 137256
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Montserrat.ttf
app.crwd.shop/builderassets/css/fonts/ 43 KB
43 KB 1409ms
30ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Montserrat.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

8a255170935ba96644a0f7e53c60652300087d4a2799c274e94c1d6a4dba4767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:12 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43924
X-XSS-Protection: 1; mode=block

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.2.1/webfonts/ 147 KB
148 KB 442ms
405ms Font
font/woff2 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2

Request headers

Referer: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:46:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "328a9d0f59f0ebb55cddac6f39995bea"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Deb80fCgkt19TnhMFIiKFpKsh6kHRTpKf4QDonHHQWiZLF0uJY0egXuv%2BFrWF4NI%2FTu5dEyKLeQO%2BK67%2Blps7FXy0XZELqxNWw76CuOPesuhzq09Cfm%2FTVLJAPnQQXAb1PCalitYu5Woe50yzrdWGvd"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8193df4f6dfc71b1-LHR
alt-svc: h3=":443"; ma=86400
content-length: 150516

GET
H/1.1 200
OK Roboto-Slab-Regular.ttf
app.crwd.shop/builderassets/css/fonts/ 118 KB
119 KB 1402ms
29ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Roboto-Slab-Regular.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

6d7d7d8806cc310d0fc693af61c94b8ad69d1825b1abc86d4c137d32f8b70212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:12 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 121060
X-XSS-Protection: 1; mode=block

GET
H2 200 images%2FsLLvuNVvZ0
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 358 KB
358 KB 262ms
262ms Image
image/jpeg 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FsLLvuNVvZ0?alt=media&token=2cc4c93a-a7f9-42f2-bfc7-1ad61e8ad668
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 03b48669dd18b1daa29541e38abc183a5c9f8b8aa8b8906a9da8a3522d6d7f45

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:51 GMT
x-guploader-uploadid: ADPycdurRPs7AGU2thkyie89z1Jmdb5m3Ucu1hg5Gx6_OVrHOu6WHFxD6yE1p0YJjmrCF4pcx2Sgh3XyZC1FNlJ4SLVr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''sLLvuNVvZ0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 366145
last-modified: Thu, 10 Mar 2022 16:52:18 GMT
server: UploadServer
etag: "c2f96ebea5d08c788bc91c0dc6c3a5dd"
x-goog-generation: 1646931138821842
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=Z2WL2w==, md5=wvluvqXQjHiLyRwNxsOl3Q==
cache-control: private, max-age=0
x-goog-stored-content-length: 366145
x-goog-meta-firebasestoragedownloadtokens: 2cc4c93a-a7f9-42f2-bfc7-1ad61e8ad668
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:51 GMT

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d_640
i.vimeocdn.com/video/ 29 KB
29 KB 375ms
135ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d_640
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b72676d49eb96f3f58aaed334f20b5258aee9fe7769cb4c7de2cf39a2d5ff33e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 859227
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 29580
viewmaster-server: viewmaster-us-central1-djlm
x-served-by: cache-dfw-kdal2120095-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832292.372515,VS0,VE112
etag: 33ce3a2e692d252695e12358955e5fca
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 31, 1

GET stepsTracker.php
app.crwd.shop/builderassets/php/ 0
0

POST funnelfavicon
app.crwd.shop/builder/ 0
0

GET
H/1.1 200
OK 725141484 Show response
player.vimeo.com/video/ Frame 093B 51 KB
20 KB 439ms
384ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/725141484

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/newdropborders.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

248741ebce79abec3e0b056f3479be99050e73c6c2f93f5e62ebc11bd9d65527

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.backtorootshealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 8193df540b93f128-CDG
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Oct 2023 20:04:52 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-mad22067-MAD
X-Timer: S1697832293.511079,VS0,VE319
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-69bf476d99-68gpw
x-content-type-options: nosniff
x-host: player-backend-69bf476d99-68gpw
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 578093692 Show response
player.vimeo.com/video/ Frame 6ED5 50 KB
20 KB 245ms
191ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/578093692

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/newdropborders.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f80170d4062da04443fca513846269a1a2a3b72ee18b862bbf51e93892b2baf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.backtorootshealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 8193df541d5f02d7-CDG
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Oct 2023 20:04:52 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230076-FRA
X-Timer: S1697832293.507445,VS0,VE146
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-69bf476d99-7wq54
x-content-type-options: nosniff
x-host: player-backend-69bf476d99-7wq54
x-player-backend: g
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
api.crwd.systems/v1/ 155 B
653 B 924ms
429ms Fetch
application/json 104.18.0.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.crwd.systems/v1/graphql

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/affiliate.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

164fc1aff1b68513a51cfc4a06365e46bcbf14c196c961d4092c1c5fb847a5b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 0
x-request-id: 606f47106f221e94d5653ed3b8515463
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
access-control-expose-headers: X-Hasura-Query-Cache-Key,X-Hasura-Query-Family-Cache-Key,Warning
access-control-allow-credentials: true
cf-ray: 8193df56f9d102e1-CDG

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 120ms
51ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/ytbg/youtube_background.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9561327d88b1af3a3af6e817b60fc0e7da524b543dd0e8122bed75878f6885e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 20 Oct 2023 20:04:52 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 209ms
162ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7175493&conversations-embed=static-1.14560&mobile=false&messagesUtk=8c4f10aa2fbc4d768d903c06aa45d277&traceId=8c4f10aa2fbc4d768d903c06aa45d277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.backtorootshealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.backtorootshealth.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8193df544e7a0153-CDG
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 20 Oct 2023 20:04:52 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KE2RhSlJBdtVdsu5fhDZxSdskskqT2t9C229YJI4btQGyc7b2t6sfgXsj51TwiXC%2FAHInfqJh0HtI%2FS82GRaMz95E%2Bm3b%2BZYQP8x%2B5IjOcNGIqZHjqjBCdYYQ3Weq4YtuHpfnoir0Gvkwh1FGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-dz5lh
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 973dc096-988f-478b-b2cf-dcdbb591d39c
x-request-id: 973dc096-988f-478b-b2cf-dcdbb591d39c
x-trace: 2B6677AD9D34A07EE2B20B5D20526BE18649A1C447000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 239ms
237ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba9f1d947ec96deedbc3cf41c48c86f84d10265f93171b8567170e644a200ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
X-HubSpot-Messages-Uri: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9d947ac1-f038-484e-be7e-d98496615759
x-envoy-upstream-service-time: 107
content-length: 1315
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9d947ac1-f038-484e-be7e-d98496615759
server: cloudflare
x-trace: 2B1288AA8BCAB9605D8CBF7F2AE693249B97D1C96A000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-nvx4k
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccm7p38VjCVc9unXGTchhF0P81gYu6nlLmViVetET6rgWbl5GCymbiWu6LAw8VUUic3qvHnhBZmeHGXgNyx75%2ByRVPaXWPBYhpIjx%2BhRWAJ20UVLs4jIOHCqpf0ByTi%2Bh1OiTKVkPUBnL5g5Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8193df55484b0153-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/dd34ec3d/www-widgetapi.vflset/ 213 KB
66 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270c8f402a1eb1fe4617d33b37944b6e59c50d0aeb4605500f38f08cefc03191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 19:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67282
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 19 Oct 2024 19:29:36 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
441 B 130ms
120ms XHR
application/json 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=7175493&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cb39ee2e75cd39e84fd60931d906431f35101b375b54b8524d699c3a6c50341

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 99d68a54-0a57-41d2-8abc-38b3e9222034
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 99d68a54-0a57-41d2-8abc-38b3e9222034
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-cq5v7
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8193df553e33f0ec-CDG

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.25.14/js/ Frame 6ED5 545 KB
132 KB 123ms
41ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.14/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44fdbaf8124833190133f5ec3804a920b62ca7eb1e63e8ac0b519828d94d3d5c

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100140-IAD, cache-fra-etou8220098-FRA
date: Fri, 20 Oct 2023 20:04:52 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 6459
x-timer: S1697832293.774035,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: MISS, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 134656
x-cache-hits: 0, 2597

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.25.14/js/ Frame 6ED5 412 KB
100 KB 107ms
26ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.14/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a84c8ca31a1e84ff53569dfcadc07f07513ea1c1d5b66041737d43ee153135d

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-etou8220098-FRA
date: Fri, 20 Oct 2023 20:04:52 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 100664
x-timer: S1697832293.773497,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101671
x-cache-hits: 6, 37234

GET
H2 200 player.css
f.vimeocdn.com/p/4.25.14/css/ Frame 6ED5 215 KB
22 KB 109ms
27ms Stylesheet
text/css 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.14/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 75c3eb7451cc019dd355b5b1dfb7c7694bc721d2883318c4a92efa52c64571f1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000140-IAD, cache-fra-etou8220077-FRA
date: Fri, 20 Oct 2023 20:04:52 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 100663
x-timer: S1697832293.775206,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 22515
x-cache-hits: 6, 37454

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 6ED5 2 KB
2 KB 25ms
24ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 54159cdebaebd108c249a74c8405c384cff764e489e4e01a93c37c5cfa576c1c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 812608
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1886
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210023-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832293.708999,VS0,VE3
etag: 916bb83300e1b311fe2cdb323f1a92d2
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 122 B
1 KB 217ms
169ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7175493

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3356fc08932d03ae05a815019ef02a3d28b3174eae447e59a976f8b7f75e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c11183e9-ad81-4be0-a2f7-389e27c3d992
content-encoding: br
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c11183e9-ad81-4be0-a2f7-389e27c3d992
server: cloudflare
x-trace: 2BAB66A90C3FB39BC9E06DAF8FF04C7541938FA153000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-wp4hz
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUObiNVuSJ0ZKoSTWEEedopUqqsWHyH3jT1atrfTHOd1t6yzTHkSMmVElO%2BLxRS7iWHLQNJn3WkxZ4T3ATWhWECQk%2FJsfNQuzCdq4carZOmEE1JXyZpipyhqY69TePHpH0GS9wQPmYDY5Xx9"}],"group":"cf-nel","max_age":604800}
cf-ray: 8193df55f8f4008c-CDG
access-control-allow-headers: *

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ Frame 6ED5 49 KB
19 KB 75ms
24ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: MElzWumrf8lREc3kORDlSWHVtEZAK4m8
content-encoding: br
via: 1.1 varnish
date: Fri, 20 Oct 2023 20:04:52 GMT
strict-transport-security: max-age=300
x-amz-request-id: 32QZAFNB5SVEDAK5
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 19141
x-amz-id-2: QdjbB5rbOORH7k3Lyf0L/Zmt7PVvYElZFlZSaBLuFz6xOy404DckTE+COLFPHOXFJ13m9W9kuL8=
x-served-by: cache-lcy-eglc8600032-LCY
last-modified: Wed, 18 Oct 2023 21:31:16 GMT
server: AmazonS3
x-timer: S1697832293.865613,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 115587

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.25.14/js/ Frame 093B 545 KB
132 KB 44ms
27ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.14/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44fdbaf8124833190133f5ec3804a920b62ca7eb1e63e8ac0b519828d94d3d5c

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100140-IAD, cache-fra-etou8220098-FRA
date: Fri, 20 Oct 2023 20:04:52 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 6459
x-timer: S1697832293.901495,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: MISS, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 134656
x-cache-hits: 0, 2599

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.25.14/js/ Frame 093B 412 KB
99 KB 50ms
33ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.14/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a84c8ca31a1e84ff53569dfcadc07f07513ea1c1d5b66041737d43ee153135d

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-etou8220098-FRA
date: Fri, 20 Oct 2023 20:04:52 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 100664
x-timer: S1697832293.902182,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101671
x-cache-hits: 6, 37235

GET
H2 200 player.css
f.vimeocdn.com/p/4.25.14/css/ Frame 093B 215 KB
22 KB 36ms
28ms Stylesheet
text/css 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.25.14/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 75c3eb7451cc019dd355b5b1dfb7c7694bc721d2883318c4a92efa52c64571f1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000140-IAD, cache-fra-etou8220077-FRA
date: Fri, 20 Oct 2023 20:04:52 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 100663
x-timer: S1697832293.903267,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 22515
x-cache-hits: 6, 37455

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame 093B 1 KB
2 KB 133ms
133ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9fc45702710de3e1b646bec46d5e4f6eed47d3cf571bcf024ca7b7927bd5a82c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 310051
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1368
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120055-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832293.912588,VS0,VE115
etag: 49f82a31147e10ad5dec16d209d5c60e
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 6ED5 2 KB
1 KB 32ms
31ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-etou8220077-FRA
date: Fri, 20 Oct 2023 20:04:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2387905
x-timer: S1697832293.985022,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 38, 325591

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6ED5 4 KB
2 KB 111ms
50ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:53 GMT

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 6ED5 12 KB
13 KB 23ms
23ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=300&mh=300
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee18470dc8e94477f5f57d92bad8e945701199481e4e4ac1ded391758b1f46a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2035374
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 12722
viewmaster-server: viewmaster-us-east1-z8f6
x-served-by: cache-dfw-kdal2120076-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832293.017988,VS0,VE3
etag: c4ae90606473f5b37bfa6c4b467c226f
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 28, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 6ED5 0
142 B 161ms
111ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f7be1197cdb0107d6d01f9573cc7bb0559d95d7a1697832292
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.25.14/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 20 Oct 2023 20:04:53 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 8c4f10aa2fbc4d768d903c06aa45d277 Show response
app.hubspot.com/conversations-visitor/7175493/threads/utk/ Frame 029D 53 KB
20 KB 252ms
199ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/7175493/threads/utk/8c4f10aa2fbc4d768d903c06aa45d277?uuid=a5e1ffeea3f34bd186daa17a74c03233&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=8c4f10aa2fbc4d768d903c06aa45d277&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86e96eca26d29def4d4cae47b95f11d12890edae50c304b2d66b61a31115f2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://www.backtorootshealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: false
age: 980
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8193df57c8972a31-CDG
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.17012/html/index.html&cfRay=8193df57c8972a31&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7175493%2Fthreads%2Futk%2F8c4f10aa2fbc4d768d903c06aa45d277%3Fuuid%3Da5e1ffeea3f34bd186daa17a74c03233%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dbacktorootshealth.com%26inApp53%3Dfalse%26messagesUtk%3D8c4f10aa2fbc4d768d903c06aa45d277%26url%3Dhttps%253A%252F%252Fwww.backtorootshealth.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.backtorootshealth.com%2F&cfenv=prod&pdt=2023-10-20&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 20 Oct 2023 20:04:53 GMT
etag: W/"dbf16bb2d313ea6a3a75073c78156ae1"
last-modified: Fri, 20 Oct 2023 16:02:08 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8193df57c8972a31&resource=conversations-visitor-ui/static-1.17012/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-amz-cf-id: dBrE-bAo5CUOstrvNfntPToc-138tcT_QbpVCE_Ic0VQ1ZX0iKJ5AQ==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: YwQgKqc0pAB680NvtVXaiTxICJ0_JYmW
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-hjsqm
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.17012/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 6c114042-c823-4c74-9435-f4077183278e
x-request-id: 6c114042-c823-4c74-9435-f4077183278e

GET
H/1.1 200
OK 689d5b4562 Show response
bam.nr-data.net/1/ Frame 6ED5 56 B
627 B 257ms
161ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/689d5b4562?a=621065044&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=614&ck=1&ref=https://player.vimeo.com/video/578093692&be=262&fe=377&dc=280&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1697832292427,%22n%22:0,%22f%22:1,%22dn%22:12,%22dne%22:12,%22c%22:12,%22s%22:31,%22ce%22:55,%22rq%22:55,%22rp%22:246,%22rpe%22:248,%22dl%22:250,%22di%22:272,%22ds%22:280,%22de%22:280,%22dc%22:377,%22l%22:377,%22le%22:378%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8193df582d20029a-CDG

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ Frame 093B 49 KB
19 KB 18ms
18ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: MElzWumrf8lREc3kORDlSWHVtEZAK4m8
content-encoding: br
via: 1.1 varnish
date: Fri, 20 Oct 2023 20:04:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 32QZAFNB5SVEDAK5
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 19141
x-amz-id-2: QdjbB5rbOORH7k3Lyf0L/Zmt7PVvYElZFlZSaBLuFz6xOy404DckTE+COLFPHOXFJ13m9W9kuL8=
x-served-by: cache-lcy-eglc8600032-LCY
last-modified: Wed, 18 Oct 2023 21:31:16 GMT
server: AmazonS3
x-timer: S1697832293.076762,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 115588

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 6ED5 0
926 B 209ms
159ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=f7be1197cdb0107d6d01f9573cc7bb0559d95d7a1697832292

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 08:04:53 GMT
Date: Fri, 20 Oct 2023 20:04:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200066-IAD, cache-lcy-eglc8600070-LCY
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1697832293.145211,VS0,VE118
x-backend-proxy: webproxy10
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-67b75db7b8-vj4wm
Accept-Ranges: bytes
CF-RAY: 8193df580f16f180-CDG
X-Cache-Hits: 0, 0

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 093B 2 KB
1 KB 27ms
27ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-etou8220077-FRA
date: Fri, 20 Oct 2023 20:04:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2387905
x-timer: S1697832293.103514,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 38, 325592

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 093B 4 KB
2 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:53 GMT

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame 093B 14 KB
14 KB 150ms
150ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=600&mh=346
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37aae93ea7f02076671f2d300a5ae3ee69240d1e0d01e6c3bcb3fdcc6a1cd254

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1370331
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 14278
viewmaster-server: viewmaster-us-central1-2j40
x-served-by: cache-dfw-kdfw8210028-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832293.111962,VS0,VE128
etag: e93da708492cc6524fc93fb94b6a6259
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 4, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 093B 0
40 B 115ms
115ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=247f3e1c8caa5183ea60e8e418a783fb75c89cdb1697832292
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.25.14/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 20 Oct 2023 20:04:53 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 6ED5 12 KB
12 KB 19ms
18ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=300&mh=300
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee18470dc8e94477f5f57d92bad8e945701199481e4e4ac1ded391758b1f46a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2035374
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 12722
viewmaster-server: viewmaster-us-east1-z8f6
x-served-by: cache-dfw-kdal2120076-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832293.138633,VS0,VE0
etag: c4ae90606473f5b37bfa6c4b467c226f
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 28, 2

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 6ED5 2 KB
2 KB 19ms
18ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.25.14/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 54159cdebaebd108c249a74c8405c384cff764e489e4e01a93c37c5cfa576c1c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 812608
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1886
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210023-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832293.170940,VS0,VE1
etag: 916bb83300e1b311fe2cdb323f1a92d2
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 4, 2

GET
H/1.1 200
OK 689d5b4562 Show response
bam.nr-data.net/1/ Frame 093B 56 B
627 B 233ms
148ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/689d5b4562?a=621065044&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=776&ck=1&ref=https://player.vimeo.com/video/725141484&be=460&fe=641&dc=590&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1697832292426,%22n%22:0,%22f%22:0,%22dn%22:13,%22dne%22:13,%22c%22:13,%22s%22:31,%22ce%22:55,%22rq%22:55,%22rp%22:439,%22rpe%22:443,%22dl%22:445,%22di%22:480,%22ds%22:590,%22de%22:590,%22dc%22:640,%22l%22:640,%22le%22:642%7D,%22navigation%22:%7B%7D%7D&fp=663&fcp=663&jsonp=NREUM.setToken
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:53 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8193df592b713d0d-CDG

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 6ED5 35 KB
12 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:53 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/118/ Frame 6ED5 50 KB
15 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/118/cast_sender.js

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 15:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14707
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 15:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 21 Oct 2023 15:57:06 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 093B 35 KB
12 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Fri, 20 Oct 2023 20:04:53 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/118/ Frame 093B 50 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/118/cast_sender.js

Requested by

Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 15:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14707
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 15:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 21 Oct 2023 15:57:06 GMT

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame 093B 14 KB
14 KB 18ms
18ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=600&mh=346
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37aae93ea7f02076671f2d300a5ae3ee69240d1e0d01e6c3bcb3fdcc6a1cd254

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1370331
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 14278
viewmaster-server: viewmaster-us-central1-2j40
x-served-by: cache-dfw-kdfw8210028-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832293.308839,VS0,VE0
etag: e93da708492cc6524fc93fb94b6a6259
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame 093B 1 KB
1 KB 19ms
18ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.25.14/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9fc45702710de3e1b646bec46d5e4f6eed47d3cf571bcf024ca7b7927bd5a82c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 310051
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1368
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120055-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832293.324368,VS0,VE1
etag: 49f82a31147e10ad5dec16d209d5c60e
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 60078268_60x60
i.vimeocdn.com/portrait/ Frame 093B 1 KB
2 KB 132ms
132ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/60078268_60x60?subrect=170%2C164%2C1971%2C1965&r=cover
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0797ed81895fd659aa5e37d745ed3c44b53b4d5835e764b334e392a6af07309a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 310050
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1337
viewmaster-server: viewmaster-us-central1-6j4m
x-served-by: cache-dfw-kdfw8210041-DFW, cache-lcy-eglc8600031-LCY
x-timer: S1697832293.324728,VS0,VE113
etag: 3e5d40a7068d022c61070de098c9024c
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 9, 0

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.368/ Frame 029D 44 KB
16 KB 83ms
29ms Script
application/javascript 2606:4700::6810:e05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/8c4f10aa2fbc4d768d903c06aa45d277?uuid=a5e1ffeea3f34bd186daa17a74c03233&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=8c4f10aa2fbc4d768d903c06aa45d277&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
x-amz-version-id: wWLMJ6qW0lXJfco2m026CzodYMop32jV
via: 1.1 8c91fcc64b7a86489661ea1249599ca2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 1470326
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=8193df59a98fd70a-CDG
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 11 Jul 2023 18:31:41 GMT
server: cloudflare
etag: W/"63ec2a77119dfb2ddcae56ab3a029230"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pHpvqeCHnN45jN6cS6b8w5q51hCKxC7%2FlDAhaZYX0eVigesdtCFyI3nKWizLo8YP7sGOqp90tKJIX51vBDrR73wH4i%2B6vZFSugSnRCaOPs6sNR5HhOl4uKLqNQEMInYWJL6kElYGyQaHC64WVmFOM4kXso%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 8193df59a98fd70a-CDG
x-amz-cf-id: Hkr0e5sVaiuLzABh96MaoKhSz_vuzgygn4tOdSHvzojGmQrrQkTj0A==
expires: Sat, 19 Oct 2024 20:04:53 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.16739/sass/ Frame 029D 19 KB
4 KB 89ms
36ms Stylesheet
text/css 2606:4700::6810:e05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.16739/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5378554e87e3ca5bf5814c807c57c8b5b03769cb252de7a36523f0ccb3de6417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
x-amz-version-id: KvYReuCP2inqlK_SBKZk5q5oqXwYV.Wh
via: 1.1 a1e152cd91a0e624aecabbad581ffcb2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 1559640
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=8193df59a869d598-CDG
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Oct 2023 13:13:59 GMT
server: cloudflare
etag: W/"605f1152f9ec93a0118808b7cec5f7e6"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=km%2FOFAWBsvdLhe%2Bbg6l%2FP6XZQ%2F3NE%2BxQ4w8TCHljnoqCknYqE%2FHk43MddfUdD%2FKOuldA9hOziyiQ0hoHBLh7jMzaXkwLBnzIURN98QVebJvJ6JifnUvCnq5LEBkqGwJBzK7GzgswY8I2Hxud4%2BB0hVI9y%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 8193df59a869d598-CDG
x-amz-cf-id: 1oCl4TwKn8f2t9aPP_d77j-YHYZbMAsnR_a9D31ZnwdRNTrXlqRVGg==
expires: Sat, 19 Oct 2024 20:04:53 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.486/ Frame 029D 295 KB
94 KB 83ms
30ms Script
application/javascript 2606:4700::6810:e05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.486/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd71f4fb37229dbdec8d1f0ac68279c3ca75ef139c5c13b3cd7dc7bd556550d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
x-amz-version-id: 1H.GX9zp_AREjaA8oaNRTIyhLkZUd.2i
via: 1.1 d0229dbe69f77738f3ccab386a045ad8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 179638
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=8193df59a98dd70a-CDG
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Oct 2023 17:50:27 GMT
server: cloudflare
etag: W/"2e7cc44968faafb72dd2b1fd707e3e6f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFZfKfEfu%2BID30qZqRITOB2mhnv6pLjDli0%2BIw%2BK7ShN63apSYcQgIBpJrEqgvA5n%2F%2BSzgiTQCouCCzm3Ld8brbEZGLtcGBsMC9xlHQ2SHnT9b%2BI4nZ1TkXHl5N%2B8x2zRiRMe101pg0XTr7VXOPQcmjpHh4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 8193df59a98dd70a-CDG
x-amz-cf-id: bXFGnhsEcC24FVjM6fyyUJ2dDvRsAFWkviFfai3zNtmzmPife8nY9Q==
expires: Sat, 19 Oct 2024 20:04:53 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17012/bundles/ Frame 029D 640 KB
190 KB 82ms
29ms Script
application/javascript 2606:4700::6810:e05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17012/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893d3d9d25d14f4cf85ad29a90f62470e64e592a2b4e2470b47fe7b6e3895bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
x-amz-version-id: sardu0X57O.JGptef7uZH5oe6MROReEg
via: 1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 14555
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=8193df59a98cd70a-CDG
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 20 Oct 2023 15:47:01 GMT
server: cloudflare
etag: W/"9ebaf543742b76160ce7582896ceba7b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDbzVjVEHAIUWtGdiUw%2Fvfj19kFawxBWU2yHl69qmmdubaKpgVZcT9YckwqDJlvhJvg4JYNj6Kl3YDHgdUVDtugOd%2BVaDGtPPDuMAJ1G8RrIdXx9yFzXuDb8DQIaSG1xUfnqnpkLIoLW9PLjjWgjX9yIMLs%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 8193df59a98cd70a-CDG
x-amz-cf-id: V828BELjYHiKP6LqjVONG5-_NehNTWmIKcdZOQLLl4-TyaqdHHSiDA==
expires: Sat, 19 Oct 2024 20:04:53 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/crwdmarket.matomo.cloud/ 199 KB
58 KB 97ms
31ms Script
application/javascript 2600:9000:2156:3c00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Requested by: Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/affiliate.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3c00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 18:14:15 GMT
x-amz-version-id: .5F04BbD1K3D4uO1qPXwDcf0_w0D7jqz
content-encoding: gzip
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 6639
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 04 Oct 2023 05:37:33 GMT
server: AmazonS3
etag: W/"3e98a39e2d8f2b464999b40df3c2172d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: tVXZ3dQH8Zp0iw1IDcpuxYUvmyTcHJfAoxdLOCb-KgJh0ikXapGVcg==

POST
H/1.1 200
OK 689d5b4562 Show response
bam.nr-data.net/events/1/ Frame 6ED5 24 B
404 B 159ms
158ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/689d5b4562?a=621065044&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=978&ck=1&ref=https://player.vimeo.com/video/578093692
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://player.vimeo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 20 Oct 2023 20:04:53 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://player.vimeo.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 8193df59df58029a-CDG
Content-Length: 24

POST
H/1.1 200
OK 689d5b4562 Show response
bam.nr-data.net/events/1/ Frame 093B 24 B
404 B 157ms
156ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/689d5b4562?a=621065044&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1022&ck=1&ref=https://player.vimeo.com/video/725141484
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://player.vimeo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 20 Oct 2023 20:04:53 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://player.vimeo.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 8193df5a1cd13d0d-CDG
Content-Length: 24

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.16907/ Frame 029D 776 B
889 B 32ms
32ms Script
application/javascript 2606:4700::6810:e05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.16907/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17012/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:e05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df722a7fd19ec510a5a26790663be85339b02fe8d2f514818b06643cdcf83b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
x-amz-version-id: .tjzwIcYmUGOEwsX8GrUVVL6VFwybRpe
via: 1.1 da68614307a40db3dcbe53959fc92288.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 92506
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=8193df5abb2cd70a-CDG
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 13 Oct 2023 17:09:45 GMT
server: cloudflare
etag: W/"eb0ee9f6166e0bbf29c977cac91cd9b7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBtVg4E47WKVzLhOiKiZeU3pScodrA9eJEEvEg%2FLrY09H%2B7XIQdn6DiK31iGBEwGyd6b%2BhRlHqRksSPy1qPMXLmWSsDOy0KPooZTNaJafC7JE3tQ0Sq2lWZncYo%2BlF1HCMUuELfsztictQaFtDJbVnNZvZE%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 8193df5abb2cd70a-CDG
x-amz-cf-id: H2yIanBSwpmo8IpRCcBP3mdh5w8DTOwZwwP5cOfN7pXaaoWjxzeXAQ==
expires: Sat, 19 Oct 2024 20:04:53 GMT

POST
H2 204 matomo.php
crwdmarket.matomo.cloud/ 0
175 B 132ms
64ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crwdmarket.matomo.cloud/matomo.php?action_name=Back%20to%20Roots%20Health%20-%20PureCBD%20Products&idsite=8&rec=1&r=293736&h=22&m=4&s=53&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&_id=5d490acb40444780&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=SRcfcA&pf_net=453&pf_srv=64&pf_tfr=176&pf_dm1=1040&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.backtorootshealth.com
date: Fri, 20 Oct 2023 20:04:53 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 configs.php Show response
crwdmarket.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 80ms
31ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crwdmarket.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=8&trackerid=0l1zHH&url=https%3A%2F%2Fwww.backtorootshealth.com%2F
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 253d5d90a80bdef269ded77176e3e8e7a1b16f4e76f96ff40edddeec63153213

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 029D 0
1 KB 149ms
148ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.17012

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17012/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/8c4f10aa2fbc4d768d903c06aa45d277?uuid=a5e1ffeea3f34bd186daa17a74c03233&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=8c4f10aa2fbc4d768d903c06aa45d277&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b4c11f02-f2bd-4832-a5d1-c35d2c977045
x-envoy-upstream-service-time: 21
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b4c11f02-f2bd-4832-a5d1-c35d2c977045
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWxCH5w9H8bTNy7dneSt3Asb2ffcSoO9aDyK1I1g8vu7UeMWcQ2bUvtJ13tSeQ%2FeLLcQBlU9%2Bpzixnajy2SlORdWhm74Qtm3hoDoiiqYGrTufVGdJZBXSpw%2Bk5q5vZHa1j%2BskDdaED3%2BYCwrFw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-f2ktm
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8193df5bbe2b2a31-CDG
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H2 200 1 Show response
app.hubspot.com/api/livechat-public/v1/feedback/survey/ Frame 029D 17 B
705 B 139ms
138ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/feedback/survey/1?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.17012&conversations-visitor-ui=static-1.17012&traceId=8c4f10aa2fbc4d768d903c06aa45d277&sessionId=AMOaWbI_aIfFDYKVr0U21fi_K_SraMh4QWuXu50sbJuDz_QLIfRTIlsEylRDA8OX5rcnqikTKQ6SqNnvm-xpC83FNfRmQ8uhh8P6hHLrYQ0a7HeVFLSMSOvGPcBYb0UM-0pE3sEviSoeaF65ejCoJhnV7v-xTf4E7bSS6gA88kYTesqIRV7Ij44

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5acf3ff77b4420677b5923071f303facaba7a9273a346284a667a275df325146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/8c4f10aa2fbc4d768d903c06aa45d277?uuid=a5e1ffeea3f34bd186daa17a74c03233&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=8c4f10aa2fbc4d768d903c06aa45d277&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 246c4f8f-1038-4307-aecd-f2dfa22ebc6f
x-envoy-upstream-service-time: 15
content-length: 17
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 246c4f8f-1038-4307-aecd-f2dfa22ebc6f
server: cloudflare
x-trace: 2BF5B052780B722B694F18017237EEA69226DDD3AE000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-kz7hh
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeSrXfuIwOoAq6z3XjeLtdQ88eNatb7mZioKm4CRby2wz2JDhH1TDrMGojA8ve2zf6bbpeL%2BXlljpn7FLItxtrhQkib2fkXMojEmYX86ES9q9w%2B27LnAS7Ogogp5T5V9vwoKHxEvTbgxTDcajQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8193df5bce432a31-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1673853/ Frame 029D 1 KB
1 KB 172ms
171ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1673853/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.17012&conversations-visitor-ui=static-1.17012&traceId=8c4f10aa2fbc4d768d903c06aa45d277&sessionId=AMOaWbI_aIfFDYKVr0U21fi_K_SraMh4QWuXu50sbJuDz_QLIfRTIlsEylRDA8OX5rcnqikTKQ6SqNnvm-xpC83FNfRmQ8uhh8P6hHLrYQ0a7HeVFLSMSOvGPcBYb0UM-0pE3sEviSoeaF65ejCoJhnV7v-xTf4E7bSS6gA88kYTesqIRV7Ij44

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a88b5915a7d3c361f4c8798ea79a5607e28c390d18a7d8ed61d337dd7fcb464f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/8c4f10aa2fbc4d768d903c06aa45d277?uuid=a5e1ffeea3f34bd186daa17a74c03233&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=8c4f10aa2fbc4d768d903c06aa45d277&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 31815743-612f-423f-bfa5-0818f8695921
content-encoding: br
x-envoy-upstream-service-time: 28
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 31815743-612f-423f-bfa5-0818f8695921
server: cloudflare
x-trace: 2BD07343D446A938D13951676CB7F922E94E33BD02000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-6tlpj
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQdT6YZYGLdrZYul98Vk0Yv1h5T9wNg9YVy0P2LZZ%2BZEcFWW%2B6dRslWjxTnKPU7PBM5QC7PeWqRsNK4%2FCWDewkCTXmIaeX3u%2FftaaaLd0EtYtJ2jr%2FIYv0FRXFou8GPH3aqPz7mTZvZJz2%2B1Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8193df5bce452a31-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

POST
H/1.1 200
OK event Show response
analytics.netflow.co/api/ 3 B
410 B 268ms
267ms XHR
text/html 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.netflow.co/api/event
Requested by: Host: analytics.netflow.co
URL: https://analytics.netflow.co/js/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 172.18.205.92.host.secureserver.net
Software: Apache /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Fri, 20 Oct 2023 20:04:55 GMT
Server: Apache
X-RateLimit-Remaining: 59
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.backtorootshealth.com
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 60
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked

OPTIONS
H/1.1 204
No Content event
analytics.netflow.co/api/ Frame 0
0 1535ms
213ms Preflight 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.netflow.co/api/event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 172.18.205.92.host.secureserver.net
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.backtorootshealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.backtorootshealth.com
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: Keep-Alive
Date: Fri, 20 Oct 2023 20:04:55 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 87ms
24ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 20 Oct 2023 20:04:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ysuM8b1k871d4te2ozGrN7QOgftdr/xpd8mRiZkRJ5yZHeD6NbFi08+Prv4IkgU1xJ6qdK0GqvJ6gqQa/gbg9w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 7175493.js Show response
js-na1.hs-scripts.com/ 3 KB
1 KB 183ms
129ms Script
application/javascript 2606:4700::6810:be59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/7175493.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1652460000000/7175493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:be59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cede88c562588ef7b7772082be99a1e50615ff04264f73e00d14b887f0a2eff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c962d441-54c8-42ba-b354-cc046f08926d
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c962d441-54c8-42ba-b354-cc046f08926d
last-modified: Fri, 20 Oct 2023 20:04:54 GMT
server: cloudflare
x-trace: 2BCED15854E48D2D7952946A53A7020F45FF5D399A000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-dmm4c
cf-ray: 8193df5e4d401546-CDG

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
610 B 144ms
135ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1768103610&v=1.1&a=7175493&pu=https%3A%2F%2Fwww.backtorootshealth.com%2F&t=Back+to+Roots+Health+-+PureCBD+Products&cts=1697832294066&vi=30d88c4c60c3d3acc424ba49ccaa06a5&nc=true&u=3073967.30d88c4c60c3d3acc424ba49ccaa06a5.1697832294063.1697832294063.1697832294063.1&b=3073967.1.1697832294064&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b34c7536-a95a-4a89-a0c0-975d8e9402f2
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 13
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b34c7536-a95a-4a89-a0c0-975d8e9402f2
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSAz5GWcu1n6xfujd7CrfIhH1Ng%2FFmczrdJmmltoDFgLEb4dzQSbEtzUQXyqSNpKUWgCXDQQsBFvDrSoahQepWxssqB5aBWQdD2tT0ZF6%2Br04GI2fj0Ui6kpjwLdhUUoGyNK7tXmQisPjDd5D4Fb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-d9b87
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8193df5e09eb2a31-CDG
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
958 B 170ms
160ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=7175493&utk=30d88c4c60c3d3acc424ba49ccaa06a5&__hstc=3073967.30d88c4c60c3d3acc424ba49ccaa06a5.1697832294063.1697832294063.1697832294063.1&__hssc=3073967.1.1697832294064&currentUrl=https%3A%2F%2Fwww.backtorootshealth.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93aae5e5904494b5b9243e69690838e810e9f8709bee61742158746c5ed211b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0f339d05-f767-45a2-8a9d-c2bf1db7be68
content-encoding: br
x-envoy-upstream-service-time: 24
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0f339d05-f767-45a2-8a9d-c2bf1db7be68
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3a%2BvyYqngEc0iDpMTDGHnSPIG9LYllu0fMhZ%2BfeSCwuoE9DiM6xy%2F7hVatqXjHEN1z7ONJZU5sEXkspd92J%2BKMxfRC12n9vEVCiKop96EqCaOmvZ%2BhQXmIVvkljN25EJmkIG4yNjTJRAkZlK1ac"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8193df5e1dfd0153-CDG
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-r4cs8

GET
H2 200 621921788454574 Show response
connect.facebook.net/signals/config/ 138 KB
36 KB 225ms
224ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/621921788454574?v=2.9.135&r=stable&domain=www.backtorootshealth.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd32983d49e17b973fc686f42603191a94e0cc27c4b19c558d11337106ad2698

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 20 Oct 2023 20:04:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: gVOgBbPPD/mhTmbO0qcUoqjPhASJDo8hdMOqzSjT2e2ZzSAS4PwQekyfticPMCzPCvOGXr73fJ1o+m232956oQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 75 KB
22 KB 138ms
128ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/7175493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98b24a13ed7317d6ca8bd2dd7537e00e79e46ad18299fdd72d73f44125e3948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.638/bundles/project.js&cfRay=8193df5f3fce0153-CDG
x-amz-replication-status: PENDING
x-evy-trace-listener: listener_https
etag: W/"13935e5dbc7f59aaf1d420ec577b4cec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.638/bundles/project.js
date: Fri, 20 Oct 2023 20:04:54 GMT
x-amz-version-id: RNaDbAeNBIuwQW8s9K0YaC8gHFUvEgb6
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 2bf4793d-a6cc-47a1-82ba-026984b8691b
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-request-id: 2bf4793d-a6cc-47a1-82ba-026984b8691b
last-modified: Thu, 19 Oct 2023 09:37:18 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUsr4eUMa0qMBWDdSTrfUkrHQDrCC0jU5bY2SHnC1yfHL3XL%2BefuTcbVHGnEiaYpgtZ8d2yf3oEvRCoTY8TtH5G80k3%2BVyf5mjVYt5ehp9j0FVO%2FoAar9P2wJLdwu5H7rD46WgIl70Rswmub"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-hgw6b
cf-ray: 8193df5f3fce0153-CDG
x-amz-cf-id: hGsQrxtSXCSwu6sBdu9aROL0NdnaWjxgGNiCgy-j69UDrSsNQN9xKA==

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 207 B
1 KB 136ms
126ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7175493&currentUrl=https%3A%2F%2Fwww.backtorootshealth.com%2F&utk=30d88c4c60c3d3acc424ba49ccaa06a5&__hstc=3073967.30d88c4c60c3d3acc424ba49ccaa06a5.1697832294063.1697832294063.1697832294063.1&__hssc=3073967.1.1697832294064

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e1f5dae1f231a3e6c42993418f2c2b7670e62db5b3ffee9afe0afa6657504f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2b4c6ee7-2f77-4d7f-8b3c-3c2152ecb9b7
content-encoding: br
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2b4c6ee7-2f77-4d7f-8b3c-3c2152ecb9b7
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ts3f4LZW%2BHhGzhiOrycAeROsVrIOivjnsTlZEqJd5rqgam5cjOe8yVadZw25PNqx44Dh%2BdbvyorhKSlPAuktheUtozvfl%2B3uK7D8hcvMblMf8etTZK%2Fwl0x5tUMdjNG%2FC0cFop7RSFC5WlcejmSpvTT9Y95Ri%2BscNeM%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8193df6049a20153-CDG
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-48whc

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 79ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=621921788454574&ev=PageView&dl=https%3A%2F%2Fwww.backtorootshealth.com%2F&rl=&if=false&ts=1697832294498&sw=1600&sh=1200&ud[external_id]=30d88c4c60c3d3acc424ba49ccaa06a5&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1697832294491.1272043215&cs_est=true&ler=empty&it=1697832294222&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 20 Oct 2023 20:04:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 175ms
122ms Image
image/gif 2606:4700::6811:eff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 20:04:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 1afbef6f-7a4b-4228-af0b-cc0cd3bd31cb
x-envoy-upstream-service-time: 5
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1afbef6f-7a4b-4228-af0b-cc0cd3bd31cb
Last-Modified: Fri, 20 Oct 2023 20:04:54 GMT
Server: cloudflare
X-Trace: 2BBFA43660EAC20825880AF370E111A294562D9C63000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-lmntd
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 8193df616dbe2a49-CDG

POST
H2 204 matomo.php
crwdmarket.matomo.cloud/ 0
175 B 55ms
54ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crwdmarket.matomo.cloud/matomo.php
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.backtorootshealth.com
date: Fri, 20 Oct 2023 20:04:56 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 crwd_market.png
7175493.fs1.hubspotusercontent-na1.net/hub/7175493/hubfs/ Frame 029D 2 KB
3 KB 180ms
125ms Image
image/webp 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7175493.fs1.hubspotusercontent-na1.net/hub/7175493/hubfs/crwd_market.png?width=108&height=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48caccda9f544c59672d2251e0c7f50b5c3aba885d2642f6ded832dce7a9c870

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:04:56 GMT
via: 1.1 753abf75c4fb02577e3748ad81a5ead0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-73540437539,P-7175493,FLS-ALL
content-length: 2130
cf-resized: internal=ok/m q=0 n=340+0 c=0+7 v=2023.9.8 l=2130
last-modified: Fri, 13 May 2022 17:00:36 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfycx960Wfk4a8AsnGVyelHn-wUn9Bg2vL7Sxl6y2PDQ:b5254a5ee7cf91458b235ab00fa79a68"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8193df6efc060161-CDG

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.crwd.shop
URL: https://app.crwd.shop/builderassets/php/stepsTracker.php?stepID=7970&user_id=866&funnelID=1534

Domain: app.crwd.shop
URL: https://app.crwd.shop/builder/funnelfavicon

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: V9ka0D6Kyaw
.youtube.com/	1970-01-20 19:56:24	Name: VISITOR_INFO1_LIVE Value: -seW93GLaKo
.vimeo.com/	1970-01-20 15:37:14	Name: __cf_bm Value: NXH7i4zFofKWFnvwHRdbPdQx5cAAhXsppo9IX3uKYC8-1697832292-0-AQGD1qfsEguT5Yp4NRgtkIbWuVec14P19RabNnzqNrEOZXzIaNIYuFeJyJg1xggBFdml9L+H/P/doAjP5/vg25g=
.vimeo.com/	1970-01-21 01:13:12	Name: vuid Value: pl1832108363.1524587379
.hubspot.com/	1970-01-20 15:37:14	Name: __cf_bm Value: nB4v7.VRKe4LJDFsfxA3te6YdnanIGWqASJ16tcxHjs-1697832293-0-Ae/xDxDZe+ZZx6iV7RnbpOMQxos5NRcbngqTA2yozJ3EZc7d9A3l3ItZM5M9oZA+GpFwcJP1Y2X3NDyf1iLdba4=
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 24fc7efc91b86160
www.backtorootshealth.com/	1970-01-21 01:03:07	Name: _pk_id.8.092f Value: 5d490acb40444780.1697832294.
www.backtorootshealth.com/	1970-01-20 15:37:14	Name: _pk_ses.8.092f Value: 1
.backtorootshealth.com/	1970-01-20 19:56:24	Name: messagesUtk Value: 8c4f10aa2fbc4d768d903c06aa45d277
www.backtorootshealth.com/	1970-01-20 19:56:24	Name: __hstc Value: 3073967.30d88c4c60c3d3acc424ba49ccaa06a5.1697832294063.1697832294063.1697832294063.1
www.backtorootshealth.com/	1970-01-20 19:56:24	Name: hubspotutk Value: 30d88c4c60c3d3acc424ba49ccaa06a5
www.backtorootshealth.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.backtorootshealth.com/	1970-01-20 15:37:14	Name: __hssc Value: 3073967.1.1697832294064
.backtorootshealth.com/	1970-01-20 17:46:48	Name: _fbp Value: fb.1.1697832294491.1272043215

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css?family=Gilroy:300,400,700 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://app.crwd.shop/builderassets/js/newdropborders.js(Line 1024) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_dbc265d3dcaa49257c708e4ec2bf42a3.jpg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_bcd95d8a10c31e04edf267c50b8aaf3b.jpg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: https://www.backtorootshealth.com/ Message: Access to XMLHttpRequest at 'https://app.crwd.shop/builder/funnelfavicon' from origin 'https://www.backtorootshealth.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.crwd.shop/builder/funnelfavicon Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.backtorootshealth.com/ Message: Access to XMLHttpRequest at 'https://app.crwd.shop/builderassets/php/stepsTracker.php?stepID=7970&user_id=866&funnelID=1534' from origin 'https://www.backtorootshealth.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.crwd.shop/builderassets/php/stepsTracker.php?stepID=7970&user_id=866&funnelID=1534 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7175493.fs1.hubspotusercontent-na1.net
analytics.netflow.co
api.crwd.systems
api.hubapi.com
api.hubspot.com
app.crwd.shop
app.hubspot.com
bam.nr-data.net
cdn.matomo.cloud
connect.facebook.net
crwdmarket.matomo.cloud
cta-service-cms2.hubspot.com
f.vimeocdn.com
firebasestorage.googleapis.com
fonts.googleapis.com
forms.hscollectedforms.net
forms.hubspot.com
fresnel.vimeocdn.com
i.vimeocdn.com
js-agent.newrelic.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
perf-na1.hsforms.com
player.vimeo.com
s3.us-east-2.amazonaws.com
static.hsappstatic.net
track.hubspot.com
use.fontawesome.com
vimeo.com
www.backtorootshealth.com
www.facebook.com
www.gstatic.com
www.youtube.com
app.crwd.shop
104.18.0.100
146.75.122.109
151.101.128.217
151.101.130.137
162.159.128.61
162.159.138.60
162.247.241.14
2600:9000:2156:3c00:c:7d55:b3c0:93a1
2606:4700:4400::6812:297c
2606:4700:4400::ac40:991b
2606:4700::6810:4fba
2606:4700::6810:be59
2606:4700::6810:e05d
2606:4700::6811:579a
2606:4700::6811:cacc
2606:4700::6811:e6a3
2606:4700::6811:eff9
2606:4700::6811:f8a8
2606:4700::6812:7e0c
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700:e0::ac40:670b
2a00:1450:4001:803::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:831::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.126.133.169
34.120.202.204
52.219.176.249
92.205.18.172
0102d04028714c5980ffdb5c6a9abf38ca9a968534caba224dac4d323caa9723
01e2e921eca318498b76a61b4bda48169533fb6494744cd2b4c77020b37f50d7
03b48669dd18b1daa29541e38abc183a5c9f8b8aa8b8906a9da8a3522d6d7f45
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
0797ed81895fd659aa5e37d745ed3c44b53b4d5835e764b334e392a6af07309a
085ab8bb50dd2328eac5780f7655253e557474db55025d9ff5a3ad221bb3bdc9
08b6fbd4e3afbd3b2d17508d8d1c96baa10eb5c4dd7931f433562f5a172005c8
091746702ae0e6bf9c2558bb90d25063932f8aaf7d24dfaa31e8059e77fd4547
0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
11da99559f956e2daafd50b61e34cb0012f946f644559f8554308f34779f096f
15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b
164fc1aff1b68513a51cfc4a06365e46bcbf14c196c961d4092c1c5fb847a5b2
19b71ad68338363023517e33fd7de0d1b509f381648184ba5cbff5ee55d2303a
248741ebce79abec3e0b056f3479be99050e73c6c2f93f5e62ebc11bd9d65527
253d5d90a80bdef269ded77176e3e8e7a1b16f4e76f96ff40edddeec63153213
270c8f402a1eb1fe4617d33b37944b6e59c50d0aeb4605500f38f08cefc03191
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87
2ad3356fc08932d03ae05a815019ef02a3d28b3174eae447e59a976f8b7f75e9
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
37aae93ea7f02076671f2d300a5ae3ee69240d1e0d01e6c3bcb3fdcc6a1cd254
3e2256fdb0682f202b2e5227e2655c1a7cc3e2e5e17426009be1e46650134c6c
413237d22e25097e3cee2595c2cedccc0d680158bd638a421aecaa1a7237321f
44fdbaf8124833190133f5ec3804a920b62ca7eb1e63e8ac0b519828d94d3d5c
48caccda9f544c59672d2251e0c7f50b5c3aba885d2642f6ded832dce7a9c870
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4e1f5dae1f231a3e6c42993418f2c2b7670e62db5b3ffee9afe0afa6657504f5
4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae
4f80170d4062da04443fca513846269a1a2a3b72ee18b862bbf51e93892b2baf
4fa2877587a2dabba4d33a06ce09e86376056a4f8e751e6725b47eaf7ebf8eb6
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
5378554e87e3ca5bf5814c807c57c8b5b03769cb252de7a36523f0ccb3de6417
54159cdebaebd108c249a74c8405c384cff764e489e4e01a93c37c5cfa576c1c
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5568d7a302a7539f0f5fcd34ca9cc10039c017385e20654de82ed70df4134e0e
5a84c8ca31a1e84ff53569dfcadc07f07513ea1c1d5b66041737d43ee153135d
5acf3ff77b4420677b5923071f303facaba7a9273a346284a667a275df325146
5e51e209c44f498e5d7c3a5c35d5454c37b3c2744746954fa9d759d4a6c08391
61e91a341f0be6f9c99470775b8c68fcb66d05e6b8dc994a7722b7f5367edc1f
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
684d6df6676839133f4c16e07d40f559312fe9dde305ee157f5cf054b0ee516e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d7d7d8806cc310d0fc693af61c94b8ad69d1825b1abc86d4c137d32f8b70212
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982
7083c93170c7b949d1dd453f0c8692385215943d076a5dc6c49e5db1d73f28b9
74df122be2a059f7994950a5c8f6262fff8d9763f381fe6a0c7eaf3877209a17
75c3eb7451cc019dd355b5b1dfb7c7694bc721d2883318c4a92efa52c64571f1
798932e879a71338df9bf6fb7497c00411a9471695d8575208744e53ff6df07b
7c86b101780e386faf6feb276d1b3617ca64b82d3618df24d533f21f1a5ecde9
7f340a2defa886e0fd32def4af9ca322f1136f89338f38bcd5f1d161d60ed07a
7fe48befcf69eb9abf495d891db6c8325a4e21364801035e5206a30ca7e4c443
835477fbc54cd5222d3a9e364a8f9ff52f8512a1c8ccfd5693f1161329fc5fd4
86e96eca26d29def4d4cae47b95f11d12890edae50c304b2d66b61a31115f2fd
890a5d365cd857bab0c7a52b27ba68aa0bab64bc4c8f9e88aaacf5bc74d80601
893d3d9d25d14f4cf85ad29a90f62470e64e592a2b4e2470b47fe7b6e3895bd2
8a255170935ba96644a0f7e53c60652300087d4a2799c274e94c1d6a4dba4767
8cb39ee2e75cd39e84fd60931d906431f35101b375b54b8524d699c3a6c50341
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2
93aae5e5904494b5b9243e69690838e810e9f8709bee61742158746c5ed211b2
93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab
9561327d88b1af3a3af6e817b60fc0e7da524b543dd0e8122bed75878f6885e3
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9e3f1b2d413dc05bebcfe17c104549ac0e31b79d2537605e3c2c92ce65e299ff
9fc45702710de3e1b646bec46d5e4f6eed47d3cf571bcf024ca7b7927bd5a82c
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a88b5915a7d3c361f4c8798ea79a5607e28c390d18a7d8ed61d337dd7fcb464f
b25e1557bc6f9c8d9457ef7b0f0f7da1db62ab7128971f16dffff77efb411592
b6d113a2a54337026f4e3253cb769600f754bfe3122ccd4d4cae1642abfe4ae1
b72676d49eb96f3f58aaed334f20b5258aee9fe7769cb4c7de2cf39a2d5ff33e
b732bca54abb8c19181dad21d8323976fad3f16614b26e09be8b502ebc07d987
b98b24a13ed7317d6ca8bd2dd7537e00e79e46ad18299fdd72d73f44125e3948
ba9f1d947ec96deedbc3cf41c48c86f84d10265f93171b8567170e644a200ae9
bd71f4fb37229dbdec8d1f0ac68279c3ca75ef139c5c13b3cd7dc7bd556550d4
be7a3620aed16001114ce273dbc335f61834f92aa58152b2cb7d56a1577d4d47
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c456f6c9217b828f668f4b0ce9f8ae07a72129f19d946106e9442dae7ff5ae71
c6624c409211922875235c5d6af8b75cc248e400a68d633efad4d5e1f1fafe18
c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5
cc8c10ead0e5c334043aac99d78221e7dec39abb3510c45e9ddee8bb2dcd5133
cede88c562588ef7b7772082be99a1e50615ff04264f73e00d14b887f0a2eff9
d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558
d201e290007b210a8f886b9c72091d1d1410e03a03c6346d75ee733dfaa0544d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd06fef6b720110a47b58b60fc648e9d1927e475f1bf7172c709e51a985212fd
dd30ebace50c302a53ecb462faca8422cfd87c5bbb1480cde7d685c1f517cd47
df722a7fd19ec510a5a26790663be85339b02fe8d2f514818b06643cdcf83b4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee18470dc8e94477f5f57d92bad8e945701199481e4e4ac1ded391758b1f46a3
effd6d38858ccb5be115f36d992b360a6f8fa07a6ac432c4171a6b49e1c30f7b
f5a7a05a543488f228e50c889218780c81d47197955218934dc3d980f23d0ac8
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fd32983d49e17b973fc686f42603191a94e0cc27c4b19c558d11337106ad2698
fdd9cbba3bf008781e612f203bbe8674b395685abc0691fcc03a571aeb140d29

www.backtorootshealth.com Open in urlscan Pro 92.205.18.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

98 %HTTPS

66 %IPv6

28 Domains

39 Subdomains

33 IPs

4 Countries

11102 kBTransfer

15189 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.backtorootshealth.com Open in urlscan Pro
92.205.18.172 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

98 %
HTTPS

66 %
IPv6

28
Domains

39
Subdomains

33
IPs

4
Countries

11102 kB
Transfer

15189 kB
Size

14
Cookies

126 HTTP transactions
0 data transactions