www.backtorootshealth.com Open in urlscan Pro
92.205.18.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.backtorootshealth.com/
Effective URL:
https://www.backtorootshealth.com/
Submission: On February 01 via api (February 1st 2024, 3:47:23 am UTC) from US — Scanned from FR

Summary HTTP 119 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 26 domains to perform 119 HTTP transactions. The main IP is 92.205.18.172, located in Strasbourg, France and belongs to GODADDY-SXB, DE. The main domain is www.backtorootshealth.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 30th 2023. Valid for: 3 months.

This is the only time www.backtorootshealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	92.205.18.172 92.205.18.172	21499 (GODADDY-SXB) (GODADDY-SXB)
2	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	52.219.108.89 52.219.108.89	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4eba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7b0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:faa8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e4a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:599a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
3	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.0.100 104.18.0.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	146.75.122.109 146.75.122.109	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:26d... 2600:9000:26db:3600:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6812:b05d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:bb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
119	29

32 92.205.18.172 (Strasbourg, France) 1 redirects

ASN21499 (GODADDY-SXB, DE)
PTR: 172.18.205.92.host.secureserver.net

www.backtorootshealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.crwd.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.netflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.108.89 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4eba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7b0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:faa8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e4a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:599a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.0.100 (None, )

ASN13335 (CLOUDFLARENET, US)

api.crwd.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:3600:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

crwdmarket.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:b05d (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bb59 (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

7175493.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	crwd.shop app.crwd.shop	2 MB
20	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 3376 f.vimeocdn.com — Cisco Umbrella Rank: 3581 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3504	617 KB
17	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 firebasestorage.googleapis.com — Cisco Umbrella Rank: 6821	6 MB
10	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4876 app.hubspot.com — Cisco Umbrella Rank: 5571 track.hubspot.com — Cisco Umbrella Rank: 2301 forms.hubspot.com — Cisco Umbrella Rank: 5234 js.hubspot.com — Cisco Umbrella Rank: 4796 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4669	52 KB
6	gstatic.com www.gstatic.com	58 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5660	306 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 17043 crwdmarket.matomo.cloud	59 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1876 vimeo.com — Cisco Umbrella Rank: 1792	21 KB
3	netflow.co analytics.netflow.co	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	70 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	69 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4534 forms.hscollectedforms.net — Cisco Umbrella Rank: 4621	26 KB
2	amazonaws.com s3.us-east-2.amazonaws.com
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	171 KB
2	backtorootshealth.com 1 redirects www.backtorootshealth.com	2 MB
1	hubspotusercontent-na1.net 7175493.fs1.hubspotusercontent-na1.net	3 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 5196	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 6564	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3557	1 KB
1	crwd.systems api.crwd.systems	653 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3251	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4841	24 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4975	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2120	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2148	16 KB
119	26

	Domain	Requested by
27	app.crwd.shop	www.backtorootshealth.com app.crwd.shop
14	firebasestorage.googleapis.com	www.backtorootshealth.com
10	i.vimeocdn.com	www.backtorootshealth.com player.vimeo.com f.vimeocdn.com
8	f.vimeocdn.com	player.vimeo.com
6	www.gstatic.com	f.vimeocdn.com www.gstatic.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	app.hubspot.com	js.usemessages.com static.hsappstatic.net
3	crwdmarket.matomo.cloud	cdn.matomo.cloud
3	fonts.googleapis.com	www.backtorootshealth.com
3	analytics.netflow.co	www.backtorootshealth.com analytics.netflow.co
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	api.hubspot.com	js.usemessages.com
2	www.youtube.com	app.crwd.shop www.youtube.com
2	player.vimeo.com	app.crwd.shop
2	s3.us-east-2.amazonaws.com	www.backtorootshealth.com
2	use.fontawesome.com	www.backtorootshealth.com use.fontawesome.com
2	www.backtorootshealth.com	1 redirects
1	7175493.fs1.hubspotusercontent-na1.net
1	perf-na1.hsforms.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.hubspot.com	js-na1.hs-scripts.com
1	www.facebook.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	cdn.matomo.cloud	app.crwd.shop
1	vimeo.com	f.vimeocdn.com
1	api.hubapi.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	api.crwd.systems	app.crwd.shop
1	js.hscollectedforms.net	app.crwd.shop
1	js.hsadspixel.net	app.crwd.shop
1	js.usemessages.com	app.crwd.shop
1	js.hsleadflows.net	app.crwd.shop
1	js.hs-analytics.net	app.crwd.shop
1	js.hs-banner.com	app.crwd.shop
119	37

This site contains no links.

Subject Issuer	Validity	Valid
backtorootshealth.com cPanel, Inc. Certification Authority	`2023-11-30` - `2024-02-28`	3 months	crt.sh
app.crwd.shop cPanel, Inc. Certification Authority	`2024-01-18` - `2024-04-17`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
analytics.netflow.co cPanel, Inc. Certification Authority	`2024-01-11` - `2024-04-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-09-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
player.vimeo.com E1	`2024-01-30` - `2024-04-29`	3 months	crt.sh
api.crwd.systems E1	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-12-30` - `2024-03-29`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-10` - `2024-02-08`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.backtorootshealth.com/
Frame ID: 2B7B25256BE26E93D56101C249534BD7
Requests: 80 HTTP requests in this frame

Frame: https://player.vimeo.com/video/725141484
Frame ID: F8E07DA913E635BA505BBC2DF0F72B49
Requests: 12 HTTP requests in this frame

Frame: https://player.vimeo.com/video/578093692
Frame ID: 526D68CD834BC7E1EA52C6EF0B169E24
Requests: 15 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/21f3186af3f84ecb8e6f3d102278859f?uuid=d06fd9f44944403e91dccb27ee908133&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=21f3186af3f84ecb8e6f3d102278859f&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 6AEFA97641CA1E2CAEFBCFBB9F06F377
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Back to Roots Health - PureCBD Products

Page URL History Show full URLs

http://www.backtorootshealth.com/ HTTP 301
https://www.backtorootshealth.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

119
Requests

98 %
HTTPS

71 %
IPv6

26
Domains

37
Subdomains

29
IPs

4
Countries

11033 kB
Transfer

14995 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.backtorootshealth.com/ HTTP 301
https://www.backtorootshealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

119 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.backtorootshealth.com/
Redirect Chain

http://www.backtorootshealth.com/
https://www.backtorootshealth.com/

2 MB
2 MB

127ms
70ms

Document
text/html

92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.backtorootshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 172.18.205.92.host.secureserver.net
Software: Apache /
Resource Hash: 19b71ad68338363023517e33fd7de0d1b509f381648184ba5cbff5ee55d2303a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Feb 2024 03:47:16 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 01 Feb 2024 03:47:16 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.backtorootshealth.com/
Server: Apache

GET
H/1.1 200
OK style.css
app.crwd.shop/builderassets/css/ 64 KB
64 KB 131ms
31ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/style.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

835477fbc54cd5222d3a9e364a8f9ff52f8512a1c8ccfd5693f1161329fc5fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Jan 2023 15:03:16 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 65219
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK form-styles.css
app.crwd.shop/builderassets/css/ 5 KB
6 KB 128ms
29ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/form-styles.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

74df122be2a059f7994950a5c8f6262fff8d9763f381fe6a0c7eaf3877209a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:27:57 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5611
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK order-form-styles.css
app.crwd.shop/builderassets/css/ 13 KB
13 KB 129ms
30ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/order-form-styles.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

3e2256fdb0682f202b2e5227e2655c1a7cc3e2e5e17426009be1e46650134c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:27:58 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13383
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-ui.css
app.crwd.shop/builderassets/css/jquery/ 38 KB
38 KB 167ms
35ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/jquery/jquery-ui.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

dd06fef6b720110a47b58b60fc648e9d1927e475f1bf7172c709e51a985212fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:21 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 38638
X-XSS-Protection: 1; mode=block

GET
H2 200 all.css
use.fontawesome.com/releases/v6.2.1/css/ 100 KB
23 KB 69ms
29ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 321012
etag: W/"8bb6644125ddeee7a27732e86f65fa05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJFFPkAMmNhVHiANF2wbxs2FWUsxpDyji9ZzWop8TWv8zYf0oJue5uMqU8B43asJtMs8RU4d6GyZBTxRhA48ugtLSBuaVkprwu%2Bi3Cg2G7O%2FcKmUMf9va9qz6VbIQZEtF5o5Zk266njNSGst5RdHhqS9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 84e7364ee951697a-CDG
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK bootstrap.min.css
app.crwd.shop/builderassets/css/bootstrap/ 156 KB
156 KB 175ms
43ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/bootstrap/bootstrap.min.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:09 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 159521
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dropborders.css
app.crwd.shop/builderassets/css/ 2 KB
3 KB 193ms
40ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/dropborders.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

c456f6c9217b828f668f4b0ce9f8ae07a72129f19d946106e9442dae7ff5ae71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Jan 2023 14:14:06 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2407
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick-theme.css
app.crwd.shop/builderassets/css/slick/ 3 KB
4 KB 193ms
39ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/slick/slick-theme.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

fdd9cbba3bf008781e612f203bbe8674b395685abc0691fcc03a571aeb140d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:23 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3347
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick.css
app.crwd.shop/builderassets/css/slick/ 2 KB
2 KB 194ms
39ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/slick/slick.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:23 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1893
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fontello.css
app.crwd.shop/builderassets/css/icon-picker/ 37 KB
37 KB 128ms
29ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/icon-picker/fontello.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

5568d7a302a7539f0f5fcd34ca9cc10039c017385e20654de82ed70df4134e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:15 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37576
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK owl.carousel.min.css
app.crwd.shop/builderassets/css/owlcarousel/ 3 KB
4 KB 126ms
28ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/owlcarousel/owl.carousel.min.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:21 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3356
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK quill.bubble.css
app.crwd.shop/builderassets/css/quill/ 27 KB
27 KB 129ms
30ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/quill/quill.bubble.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

dd30ebace50c302a53ecb462faca8422cfd87c5bbb1480cde7d685c1f517cd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:22 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 27748
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.js Show response
analytics.netflow.co/js/ 729 B
1 KB 1281ms
28ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.netflow.co/js/script.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Dec 2021 00:12:32 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 729
X-XSS-Protection: 1; mode=block
Expires: Fri, 31 Jan 2025 03:47:18 GMT

GET
H/1.1 200
OK chatscript.js Show response
app.crwd.shop/builderassets/js/ 3 KB
3 KB 223ms
27ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/chatscript.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

4fa2877587a2dabba4d33a06ce09e86376056a4f8e751e6725b47eaf7ebf8eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 May 2022 10:09:42 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2886
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
837 B 88ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 03:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 01:58:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 03:47:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
580 B 89ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,700

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be7a3620aed16001114ce273dbc335f61834f92aa58152b2cb7d56a1577d4d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 03:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 03:20:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 03:47:16 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 90ms
34ms Stylesheet
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Gilroy:300,400,700
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 images%2FWvUEHM6UGV
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 8 KB
9 KB 292ms
222ms Image
image/png 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FWvUEHM6UGV?alt=media&token=1932bedd-eb3c-4a35-82a0-623954ccb9f7
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d201e290007b210a8f886b9c72091d1d1410e03a03c6346d75ee733dfaa0544d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPrDEshqnJC3J4iK7qjbpiRIyzxugsfbS68s1RDYnjBghYH_vlI4H6xcFXoluOJM18W8k0eeQEwdHA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''WvUEHM6UGV
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8491
last-modified: Wed, 08 Jun 2022 12:41:41 GMT
server: UploadServer
etag: "930c239ec4b82eb49170fe3647a8ca34"
x-goog-generation: 1654692101925228
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=5uAoEQ==, md5=kwwjnsS4LrSRcP42R6jKNA==
cache-control: private, max-age=0
x-goog-stored-content-length: 8491
x-goog-meta-firebasestoragedownloadtokens: 1932bedd-eb3c-4a35-82a0-623954ccb9f7
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2FwWDCEorPvw
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 586 KB
587 KB 364ms
295ms Image
image/png 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FwWDCEorPvw?alt=media&token=7f550f83-31d9-48bb-b0a4-ea972013e958
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 684d6df6676839133f4c16e07d40f559312fe9dde305ee157f5cf054b0ee516e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPoVqwEnrL72eooH6a74JTxvCbc6F8O55QJAegIOyod5fDtnuFkdfDnKl3JfQIxWC1saaRP2rc69mg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''wWDCEorPvw
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 599989
last-modified: Wed, 08 Jun 2022 11:24:09 GMT
server: UploadServer
etag: "a09e30d38d09f2321f0dd86c84194f6c"
x-goog-generation: 1654687449356484
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=zVpnng==, md5=oJ4w040J8jIfDdhshBlPbA==
cache-control: private, max-age=0
x-goog-stored-content-length: 599989
x-goog-meta-firebasestoragedownloadtokens: 7f550f83-31d9-48bb-b0a4-ea972013e958
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2FuBJuvyf0A0
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 251 KB
252 KB 312ms
310ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FuBJuvyf0A0?alt=media&token=b052078c-1f60-4010-857c-6cffa90cb0a8
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5e51e209c44f498e5d7c3a5c35d5454c37b3c2744746954fa9d759d4a6c08391

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPqYLm-oFGK_slqmmcBvmcz8HA1DaSA5CMgXOvLzTPGg1aR5DIIQLHGHqJNh_z1Spq7YDkCXFYmt2Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''uBJuvyf0A0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257340
last-modified: Fri, 10 Jun 2022 17:20:39 GMT
server: UploadServer
etag: "c359640f5fcb286bd68306ffd8d6691e"
x-goog-generation: 1654881639304720
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=FRV2Hg==, md5=w1lkD1/LKGvWgwb/2NZpHg==
cache-control: private, max-age=0
x-goog-stored-content-length: 257340
x-goog-meta-firebasestoragedownloadtokens: b052078c-1f60-4010-857c-6cffa90cb0a8
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2Fxb3UpwJYcp
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 566 KB
567 KB 240ms
237ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2Fxb3UpwJYcp?alt=media&token=ebcbf229-a33d-480c-affe-e2001c0643fb
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cc8c10ead0e5c334043aac99d78221e7dec39abb3510c45e9ddee8bb2dcd5133

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPrVWAt2y5j5IhOIrk2QwAGlG3dP7NN8R6x4lTxcofUlOeQugnJRO3_I8Q1z9pWr7bskVt-qNILg-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''xb3UpwJYcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 579554
last-modified: Fri, 10 Jun 2022 17:20:40 GMT
server: UploadServer
etag: "289fcc256cc9436845ff59ec0f9e8be2"
x-goog-generation: 1654881640306830
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=FrLpmw==, md5=KJ/MJWzJQ2hF/1nsD56L4g==
cache-control: private, max-age=0
x-goog-stored-content-length: 579554
x-goog-meta-firebasestoragedownloadtokens: ebcbf229-a33d-480c-affe-e2001c0643fb
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2FM84LeeMiuz
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 742 KB
743 KB 313ms
312ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FM84LeeMiuz?alt=media&token=950f2ee2-f6a6-4228-bbbf-71c6b5f6df84
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c6624c409211922875235c5d6af8b75cc248e400a68d633efad4d5e1f1fafe18

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPorW6RGZBR3IdnzmYBgbp2o2aHSR1ENlyvhxt4Z8IR9GfoA52enU3JDJTmpEnGkVZa0c5sVGVgH3A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''M84LeeMiuz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 759803
last-modified: Fri, 10 Jun 2022 17:20:40 GMT
server: UploadServer
etag: "84e40b5bc148876a1b8e9056bcca4787"
x-goog-generation: 1654881640415078
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=KGQoWA==, md5=hOQLW8FIh2objpBWvMpHhw==
cache-control: private, max-age=0
x-goog-stored-content-length: 759803
x-goog-meta-firebasestoragedownloadtokens: 950f2ee2-f6a6-4228-bbbf-71c6b5f6df84
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H/1.1 404
Not Found crwd_dbc265d3dcaa49257c708e4ec2bf42a3.jpg
s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/ 0
0 367ms
140ms Image
application/xml 52.219.108.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_dbc265d3dcaa49257c708e4ec2bf42a3.jpg
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.108.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 images%2FwIjSQ9Rrjc
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 467 KB
467 KB 434ms
433ms Image
image/png 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FwIjSQ9Rrjc?alt=media&token=8519486f-4e90-4a00-b203-e90aece6150f
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 798932e879a71338df9bf6fb7497c00411a9471695d8575208744e53ff6df07b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPq4zY_87W9UVkHfIJCyhpGY4QEJKvCvcoTdeo-LvhprG-_gi6yWWk2VOPh9w3mPZJteMx5f3v1Rtg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''wIjSQ9Rrjc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 477884
last-modified: Tue, 07 Jun 2022 14:10:59 GMT
server: UploadServer
etag: "971acf936d74c69bdd785e7d6d6249d8"
x-goog-generation: 1654611059474037
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=pniEgw==, md5=lxrPk210xpvdeF59bWJJ2A==
cache-control: private, max-age=0
x-goog-stored-content-length: 477884
x-goog-meta-firebasestoragedownloadtokens: 8519486f-4e90-4a00-b203-e90aece6150f
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2FIvSNRDwu85
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 555 KB
555 KB 290ms
289ms Image
image/png 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FIvSNRDwu85?alt=media&token=e9f17d70-5db1-4fb7-bd38-7820cce5949a
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7fe48befcf69eb9abf495d891db6c8325a4e21364801035e5206a30ca7e4c443

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPowgddbuI0tfKy4ba2EDpXpxVEbvzRr1oVXKrA1x0nybNMoYC3p7XaUS0itHr9ZoYlph6RwRJ2hng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''IvSNRDwu85
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 568136
last-modified: Tue, 07 Jun 2022 13:37:14 GMT
server: UploadServer
etag: "092e9c816ac698c9feff64591adcdced"
x-goog-generation: 1654609034382077
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=Z/Hueg==, md5=CS6cgWrGmMn+/2RZGtzc7Q==
cache-control: private, max-age=0
x-goog-stored-content-length: 568136
x-goog-meta-firebasestoragedownloadtokens: e9f17d70-5db1-4fb7-bd38-7820cce5949a
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2FIhxHKBRA0c
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 342 KB
342 KB 364ms
363ms Image
image/png 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FIhxHKBRA0c?alt=media&token=9617922e-69a7-4568-b5e9-415f9509af52
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b25e1557bc6f9c8d9457ef7b0f0f7da1db62ab7128971f16dffff77efb411592

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPoegUcFOdHx5EHpVCejhrcpWYgEmTMEQLy4dCHwGzzO7cbGzAcEC5O7ptTYZP0ThWunJANz0t4mIg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''IhxHKBRA0c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349888
last-modified: Mon, 14 Mar 2022 12:41:12 GMT
server: UploadServer
etag: "172a3870375fb95f99ccb6fa17040024"
x-goog-generation: 1647261672630151
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=ZWFqSw==, md5=Fyo4cDdfuV+ZzLb6FwQAJA==
cache-control: private, max-age=0
x-goog-stored-content-length: 349888
x-goog-meta-firebasestoragedownloadtokens: 9617922e-69a7-4568-b5e9-415f9509af52
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2FRve22yAjiP
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 42 KB
43 KB 332ms
331ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FRve22yAjiP?alt=media&token=c98bc946-7a5d-45c8-b037-08a5c0740e38
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7f340a2defa886e0fd32def4af9ca322f1136f89338f38bcd5f1d161d60ed07a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPr_d-wHk3TcgGVsV0Th8QslDc-BEccGE1v3akNUBxa6IYp9U1kzp77WWzSDMrmFrVy0A9AdlqnWIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''Rve22yAjiP
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43278
last-modified: Tue, 05 Jul 2022 13:14:14 GMT
server: UploadServer
etag: "297ad51e60176a31a4809426476b1ef0"
x-goog-generation: 1657026854052211
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=WJeLmA==, md5=KXrVHmAXajGkgJQmR2se8A==
cache-control: private, max-age=0
x-goog-stored-content-length: 43278
x-goog-meta-firebasestoragedownloadtokens: c98bc946-7a5d-45c8-b037-08a5c0740e38
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2Fwrgz2x79Rh
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 652 KB
653 KB 312ms
311ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2Fwrgz2x79Rh?alt=media&token=464e39e7-0014-48fe-a7f2-03fe00343182
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 085ab8bb50dd2328eac5780f7655253e557474db55025d9ff5a3ad221bb3bdc9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPqgJkWYplx0vv3NnCge32FU10XCrKgpZD33Grgz2rdTofTX9zYNivDRoxbAZbQgENNrr1U2SnfwDw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''wrgz2x79Rh
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667764
last-modified: Tue, 05 Jul 2022 13:14:38 GMT
server: UploadServer
etag: "89b0e1f528e1da6cb18c59a4d2d5fbd4"
x-goog-generation: 1657026878188135
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=zwwMJw==, md5=ibDh9Sjh2myxjFmk0tX71A==
cache-control: private, max-age=0
x-goog-stored-content-length: 667764
x-goog-meta-firebasestoragedownloadtokens: 464e39e7-0014-48fe-a7f2-03fe00343182
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2FeinIcpx5ZU
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 1 MB
1 MB 365ms
364ms Image
image/png 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FeinIcpx5ZU?alt=media&token=fc8cfda7-29de-45d7-9317-2df75e73e856
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 01e2e921eca318498b76a61b4bda48169533fb6494744cd2b4c77020b37f50d7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPpfeeaKXATH2y59vQSrz5VCVRS-wDrVXC1eDOvxmOVQIvc5J3w760-KXs0wElSiRffOY-aR7QttNA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''einIcpx5ZU
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281555
last-modified: Thu, 13 Oct 2022 15:51:37 GMT
server: UploadServer
etag: "09fb7651c92975b7b43144b9a8efab1a"
x-goog-generation: 1665676297931223
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=HqnHTw==, md5=Cft2Uckpdbe0MUS5qO+rGg==
cache-control: private, max-age=0
x-goog-stored-content-length: 1281555
x-goog-meta-firebasestoragedownloadtokens: fc8cfda7-29de-45d7-9317-2df75e73e856
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 images%2Fu4YDa6wzAx
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 664 B
982 B 330ms
330ms Image
image/png 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2Fu4YDa6wzAx?alt=media&token=7e363f81-97ca-466b-9cc8-9f47d4f4f3bc
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0102d04028714c5980ffdb5c6a9abf38ca9a968534caba224dac4d323caa9723

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPrFm6bDeJ9vcm6BrX4v7-0NK54vxOxhhpWTJhCkDYq4j06-feqWV0dB_yHK6-Wr6XzwC3ftc-TWZQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''u4YDa6wzAx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 664
last-modified: Sat, 12 Mar 2022 11:56:21 GMT
server: UploadServer
etag: "32376b43fcc3e8da72340818b1c6987c"
x-goog-generation: 1647086181014229
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=6T+cjg==, md5=MjdrQ/zD6NpyNAgYscaYfA==
cache-control: private, max-age=0
x-goog-stored-content-length: 664
x-goog-meta-firebasestoragedownloadtokens: 7e363f81-97ca-466b-9cc8-9f47d4f4f3bc
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H/1.1 404
Not Found crwd_bcd95d8a10c31e04edf267c50b8aaf3b.jpg
s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/ 0
0 358ms
130ms Image
application/xml 52.219.108.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_bcd95d8a10c31e04edf267c50b8aaf3b.jpg
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.108.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
app.crwd.shop/builderassets/js/jquery/ 87 KB
88 KB 33ms
31ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/jquery/jquery-3.5.1.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:39 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 89476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-ui.js Show response
app.crwd.shop/builderassets/js/jquery/ 527 KB
527 KB 31ms
29ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/jquery/jquery-ui.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:40 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 539419
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK popper.min.js Show response
app.crwd.shop/builderassets/js/bootstrap/ 21 KB
21 KB 30ms
28ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/bootstrap/popper.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:30 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 21260
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.js Show response
app.crwd.shop/builderassets/js/bootstrap/ 59 KB
59 KB 29ms
27ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/bootstrap/bootstrap.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:29 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 60016
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.zoom.min.js Show response
app.crwd.shop/builderassets/js/zoom/ 3 KB
3 KB 32ms
30ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/zoom/jquery.zoom.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

b732bca54abb8c19181dad21d8323976fad3f16614b26e09be8b502ebc07d987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:42 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2621
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick.min.js Show response
app.crwd.shop/builderassets/js/slick/ 42 KB
42 KB 31ms
29ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/slick/slick.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:41 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 42862
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK countdown.min.js Show response
app.crwd.shop/builderassets/js/countdown/ 7 KB
8 KB 28ms
28ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/countdown/countdown.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

effd6d38858ccb5be115f36d992b360a6f8fa07a6ac432c4171a6b49e1c30f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:32 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7329
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK owl.carousel.min.js Show response
app.crwd.shop/builderassets/js/owlcarousel/ 43 KB
44 KB 28ms
27ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/owlcarousel/owl.carousel.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:40 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 44348
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK newdropborders.js Show response
app.crwd.shop/builderassets/js/ 69 KB
70 KB 28ms
27ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/newdropborders.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

890a5d365cd857bab0c7a52b27ba68aa0bab64bc4c8f9e88aaacf5bc74d80601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Feb 2023 15:47:20 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 70854
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK affiliate.js Show response
app.crwd.shop/builderassets/js/ 13 KB
13 KB 27ms
27ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/affiliate.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

b6d113a2a54337026f4e3253cb769600f754bfe3122ccd4d4cae1642abfe4ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Jan 2023 16:38:24 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 13272
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK youtube_background.min.js Show response
app.crwd.shop/builderassets/js/ytbg/ 10 KB
11 KB 28ms
28ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/ytbg/youtube_background.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

61e91a341f0be6f9c99470775b8c68fcb66d05e6b8dc994a7722b7f5367edc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:42 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10638
X-XSS-Protection: 1; mode=block

GET
H2 200 7175493.js Show response
js.hs-banner.com/ 61 KB
16 KB 351ms
310ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7175493.js
Requested by: Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b93ee922aef4b32a74bb69860099d2e7f7cba817fe6211af7bff9c54e4b769eb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-amz-version-id: ET60Sn38xgJb6fHLF2t7QI1NpxwxfL_j
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: XB8H5HAYBZM7Z7DM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 9fffa1ee-5848-4574-a6de-d9fdf9208ed1
x-envoy-upstream-service-time: 85
x-amz-id-2: Q0bxW/SltzMLi9qTIz5y+xZ1piO2CtBhvnOSpql6hqwSBBgIjmwsoQpSyQo+zNcveCD8zqDv9YM=
x-evy-trace-listener: listener_https
x-request-id: 9fffa1ee-5848-4574-a6de-d9fdf9208ed1
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 19 Jan 2024 14:34:58 GMT
server: cloudflare
etag: W/"df15e13fca7e3904e9f43d5852c923f7"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://cosmospawellness.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-97zpv
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 84e73650aeb6701a-CDG
expires: Thu, 01 Feb 2024 03:52:17 GMT

GET
H2 200 7175493.js Show response
js.hs-analytics.net/analytics/1652460000000/ 67 KB
21 KB 180ms
142ms Script
text/javascript 2606:4700::6810:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1652460000000/7175493.js
Requested by: Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29002d6e551b0d284fc7495fa4bdd4fed8f9ea686e152bf6b89e81a379ac929e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 8CW3S3FM1DVSK4JG
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 24ca2317-05cc-4c48-ba73-3d0aaf81ca88
x-envoy-upstream-service-time: 22
x-amz-id-2: bYhZLvEc+FkFBB4M89TT/Lv9hXucMoocaZAhozx/C1gE4JkImdamJ92sKw/Qpdw7fStOvLihiSU=
x-evy-trace-listener: listener_https
x-request-id: 24ca2317-05cc-4c48-ba73-3d0aaf81ca88
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 16:39:18 GMT
server: cloudflare
etag: W/"65db8721766edd439c16719baba5cc89"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-855d6bfb88-zmvzs
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 84e73650bfdc2a1f-CDG
expires: Thu, 01 Feb 2024 03:52:17 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 262ms
222ms Script
application/javascript 2606:4700::6812:7b0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7b0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49a5d05ca41478b31f51cc2539a75937c3f921540aa90116a8f609e094d1811

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1301/bundle/main/lead-flows-release.js&cfRay=84e73650bb51d36f-CDG
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"8a35e91df79ea2127dd121bdbbef865e"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1301/bundle/main/lead-flows-release.js
date: Thu, 01 Feb 2024 03:47:17 GMT
x-amz-version-id: z6CxNR7tOyvY9WtgJDh3TL771JIvwERG
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 781d62d2-1b23-4584-ae9b-c5d54ca4f533
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 84
x-evy-trace-route-configuration: listener_https/all
x-request-id: 781d62d2-1b23-4584-ae9b-c5d54ca4f533
last-modified: Wed, 03 Jan 2024 10:02:41 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-lqtcn
cf-ray: 84e73650bb51d36f-CDG
x-amz-cf-id: oVC-9j8aRI4-gU8qsjNtdQUyTObTmf-BuodJt0uv3jd9PLIlF7iMFA==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 72ms
25ms Script
application/javascript 2606:4700::6811:faa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:faa8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37f02346ff32981bfd84b583b897bb86929cd0766f3be6edb7955b0cbb6a4486

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-amz-version-id: Z_NdX.Tfh0BDuVC8GbJSkntuE8i.GL_I
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 218
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15266/bundles/project.js&cfRay=84e730fd1867d67a-CDG
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 06481269-ea24-41ad-b3eb-ef073825c1fc
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 06481269-ea24-41ad-b3eb-ef073825c1fc
last-modified: Fri, 26 Jan 2024 14:19:32 UTC
server: cloudflare
etag: W/"3c966aa247d07af07df5431d0d68e3ac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-4krzl
cf-ray: 84e73650c8d002dd-CDG
x-amz-cf-id: YfoZOiop1otlAzt8qv8CADtxk5NU8eeOe641RvQKY_Q75lYZ445BSw==
x-hs-target-asset: conversations-embed/static-1.15266/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 66ms
27ms Script
application/javascript 2606:4700::6811:e4a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e4a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91d1bde942744d48fec9019c7b87b351f7a165e544d59fcbb4e43f3309be4ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-amz-version-id: gvApL1OxjF_N9vv.KngIIs22vbExO7Ym
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 417
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.514/bundles/pixels-release.js&cfRay=84e72c2228bd7847-CDG
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 4fc0c7cc-46a9-452d-98df-26972a2a1856
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4fc0c7cc-46a9-452d-98df-26972a2a1856
last-modified: Tue, 23 Jan 2024 14:51:49 UTC
server: cloudflare
etag: W/"67b4606337c5c72b80dacfb036530227"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-b77s7
cf-ray: 84e73650dfc5d29b-CDG
x-amz-cf-id: 4p3o8F_NpaCwvxX6d6THtwqiPc5BusRPietCm-CXSMq-ydTBCtBVtw==
x-hs-target-asset: adsscriptloaderstatic/static-1.514/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 220ms
162ms Script
application/javascript 2606:4700::6811:599a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.451/bundles/project.js&cfRay=84e736512d1c018e-CDG
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"dc52d8d37d1323196ca91b50795df6c4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.451/bundles/project.js
date: Thu, 01 Feb 2024 03:47:17 GMT
x-amz-version-id: JAkD5shSwdxe4gNEROP8R.wQbdFvcCSE
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 72e6e3b4-5add-4857-a3c0-532909d32f24
x-cache: Miss from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 38
x-evy-trace-route-configuration: listener_https/all
x-request-id: 72e6e3b4-5add-4857-a3c0-532909d32f24
last-modified: Wed, 03 Jan 2024 09:59:36 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-9r7nc
cf-ray: 84e736512d1c018e-CDG
x-amz-cf-id: f_BJuhNSOCgRHSkde1Q3oFoGg2crmW_uMUPA1pDupb8wf0GkmfJWZw==

GET
H2 200 images%2F7mDGNENEg5
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 273 KB
274 KB 266ms
266ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2F7mDGNENEg5?alt=media&token=db6addb3-de38-429a-aaa3-7c6f52ef3870
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f5a7a05a543488f228e50c889218780c81d47197955218934dc3d980f23d0ac8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPrtx6iyTldXRYidyXxhk2xAdiYXiALbNDNBzZCc3Xb4HyplEAzrNDv_dl8qmzsq0SU2zDGe7xY7bw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''7mDGNENEg5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279873
last-modified: Tue, 07 Jun 2022 13:28:39 GMT
server: UploadServer
etag: "efb313177f22e88320d743d1d6d75e98"
x-goog-generation: 1654608519252916
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=QuH+og==, md5=77MTF38i6IMg10PR1tdemA==
cache-control: private, max-age=0
x-goog-stored-content-length: 279873
x-goog-meta-firebasestoragedownloadtokens: db6addb3-de38-429a-aaa3-7c6f52ef3870
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d_640
i.vimeocdn.com/video/ 18 KB
18 KB 607ms
563ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d_640
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e32d0e21562d2e3246d10b05162357b6534bae3aeca593784b15c5e2f006b31

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: MISS, MISS
content-length: 17939
x-served-by: cache-dfw-kdfw8210031-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759237.227395,VS0,VE545
etag: "0af9fc193b3d0db7aef3a4b048025501"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 images%2FsLLvuNVvZ0
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 358 KB
358 KB 352ms
352ms Image
image/jpeg 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FsLLvuNVvZ0?alt=media&token=2cc4c93a-a7f9-42f2-bfc7-1ad61e8ad668
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 03b48669dd18b1daa29541e38abc183a5c9f8b8aa8b8906a9da8a3522d6d7f45

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
x-guploader-uploadid: ABPtcPpGZAFMFH3MWNVCzvjNOF6kSZiIFqE2m71OUQkFz2M8YQRZM1AfSm0VxmkkwGMYnkC-Lc58GwrQ5Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''sLLvuNVvZ0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 366145
last-modified: Thu, 10 Mar 2022 16:52:18 GMT
server: UploadServer
etag: "c2f96ebea5d08c788bc91c0dc6c3a5dd"
x-goog-generation: 1646931138821842
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=Z2WL2w==, md5=wvluvqXQjHiLyRwNxsOl3Q==
cache-control: private, max-age=0
x-goog-stored-content-length: 366145
x-goog-meta-firebasestoragedownloadtokens: 2cc4c93a-a7f9-42f2-bfc7-1ad61e8ad668
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H/1.1 200
OK Gilroy-Regular.ttf
app.crwd.shop/builderassets/css/fonts/ 142 KB
142 KB 198ms
28ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Gilroy-Regular.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:11 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 145148
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Gilroy-Bold.ttf
app.crwd.shop/builderassets/css/fonts/ 134 KB
134 KB 386ms
64ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Gilroy-Bold.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

7083c93170c7b949d1dd453f0c8692385215943d076a5dc6c49e5db1d73f28b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:11 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 137256
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Montserrat.ttf
app.crwd.shop/builderassets/css/fonts/ 43 KB
43 KB 485ms
27ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Montserrat.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

8a255170935ba96644a0f7e53c60652300087d4a2799c274e94c1d6a4dba4767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:12 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 43924
X-XSS-Protection: 1; mode=block

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.2.1/webfonts/ 147 KB
148 KB 190ms
152ms Font
font/woff2 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2

Request headers

Referer: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:46:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "328a9d0f59f0ebb55cddac6f39995bea"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKWrE4tuAThBovbAmDuJlHNlG14B75yWnjcjXrvMF%2BBPllrGZU8LnaYHLe0%2B5BcDcoCPCxnKpNginlUvJYy%2FDUvlKaIHxPPxEy2%2FUhYCacX5mI7DBnUcqHZJwBpCCICzzncNJ%2FgKDX0dG6twNXQr5CLH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84e736509fc4d65a-CDG
alt-svc: h3=":443"; ma=86400
content-length: 150516

GET
H/1.1 200
OK Roboto-Slab-Regular.ttf
app.crwd.shop/builderassets/css/fonts/ 118 KB
119 KB 510ms
27ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Roboto-Slab-Regular.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

6d7d7d8806cc310d0fc693af61c94b8ad69d1825b1abc86d4c137d32f8b70212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:12 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 121060
X-XSS-Protection: 1; mode=block

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d_640
i.vimeocdn.com/video/ 35 KB
35 KB 261ms
261ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d_640
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 56c34e5cfdbdc3f561556d18e4398f117cf938c7feb99ceaa67c21b9cead99f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 1926053
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 35480
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120095-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759237.274231,VS0,VE224
etag: "d8da011304aaa9735bd8fc99d09ababd"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 59, 0

GET stepsTracker.php
app.crwd.shop/builderassets/php/ 0
0

POST funnelfavicon
app.crwd.shop/builder/ 0
0

GET
H/1.1 200
OK 725141484 Show response
player.vimeo.com/video/ Frame F8E0 20 KB
10 KB 668ms
623ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/725141484

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/newdropborders.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7efe6e57752a0100b359eeb0299ec9efb9043a4cb916e59b024c8fe2ccc82e2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.backtorootshealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84e736518bb902a5-CDG
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Feb 2024 03:47:17 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-mad22044-MAD
X-Timer: S1706759237.383568,VS0,VE577
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-7bb6c4d99-zhrjb
x-content-type-options: nosniff
x-host: player-backend-7bb6c4d99-zhrjb
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 578093692 Show response
player.vimeo.com/video/ Frame 526D 20 KB
10 KB 281ms
235ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/578093692

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/newdropborders.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

178987f9a593186afd3e5dee03350d397514259a4aaaf0b6c5cdc7f567f4e1f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.backtorootshealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84e736518b317910-CDG
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Feb 2024 03:47:17 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-mad2200086-MAD
X-Timer: S1706759237.385557,VS0,VE178
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-7bb6c4d99-x5xp7
x-content-type-options: nosniff
x-host: player-backend-7bb6c4d99-x5xp7
x-player-backend: g
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
api.crwd.systems/v1/ 155 B
653 B 637ms
514ms Fetch
application/json 104.18.0.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.crwd.systems/v1/graphql

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/affiliate.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.0.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

164fc1aff1b68513a51cfc4a06365e46bcbf14c196c961d4092c1c5fb847a5b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 0
x-request-id: e3e7f5729070d3f39b80af207a61ecc9
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
access-control-expose-headers: X-Hasura-Query-Cache-Key,X-Hasura-Query-Family-Cache-Key,Warning
access-control-allow-credentials: true
cf-ray: 84e736522e3d02c7-CDG

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 128ms
72ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/ytbg/youtube_background.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

276af2b9ae1b1daae8bcd2166ed84ad35f28c870cc050e31afa80b309c0faf50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 01 Feb 2024 03:47:17 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 192ms
145ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7175493&conversations-embed=static-1.15266&mobile=false&messagesUtk=21f3186af3f84ecb8e6f3d102278859f&traceId=21f3186af3f84ecb8e6f3d102278859f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.backtorootshealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.backtorootshealth.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 84e73651ad0a2a0a-CDG
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 01 Feb 2024 03:47:17 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGggznKIHHrJnZJEDcjYnC0g0pGSfRa1248rDji5AkgFKyPaBS1ClL4c1fXq4XmOAv0OqoeVmP99vEDq5k0xmGrLLNue1gZQp0QBhNk%2FqHcVAZdU2n7oTa2ENaRSjFKVhGKRJ7Nb6%2FFj2mDdgw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-rgs8h
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: b26c8221-20f8-4366-b6a9-67ccef5dc373
x-request-id: b26c8221-20f8-4366-b6a9-67ccef5dc373
x-trace: 2B9FAE2C09D5F5185F5B4D8E6EF03A1CFE55AC990D000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 488ms
487ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cca2e2306f0358c887b2f91bb006023ca4425cae8be7005cebca141bb3fecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
X-HubSpot-Messages-Uri: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e06cb18f-d91d-4202-90e9-84e2181ae3d6
x-envoy-upstream-service-time: 139
content-length: 1348
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e06cb18f-d91d-4202-90e9-84e2181ae3d6
server: cloudflare
x-trace: 2B78144CBEBFC1F57A951EC8332057CC2461697001000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-dmjph
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQ%2B%2FnrEcXraxTctzFdWplmXxVGNeTFjxVRwtotGQX7awxSzUgPjcXeARMq%2BUsdzjqHkz4CdqbCT%2B2Y55IQv49est2e84WjVWCkc2NCsPYEMESjojMtIpAiNeK1s0q8VmYwhznrIBkAvkHJAe1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 84e736540e452a0a-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/a1d7d0f8/www-widgetapi.vflset/ 216 KB
67 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a1d7d0f8/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bed34862194969206abb50c773289cfa769f3e34f4a96e6d2c1291b5e87d58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 08:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68450
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 05:17:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 Jan 2025 08:33:21 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
417 B 121ms
112ms XHR
application/json 2606:4700::6811:599a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=7175493&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cb39ee2e75cd39e84fd60931d906431f35101b375b54b8524d699c3a6c50341

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: fdbe842a-26af-4b46-9f1d-6aa442f1cd22
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fdbe842a-26af-4b46-9f1d-6aa442f1cd22
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-p98rp
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 84e73652be0f018e-CDG

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 122 B
1 KB 183ms
126ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7175493

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3356fc08932d03ae05a815019ef02a3d28b3174eae447e59a976f8b7f75e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b74e670c-2139-422d-8612-f8a1f7336287
content-encoding: br
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b74e670c-2139-422d-8612-f8a1f7336287
server: cloudflare
x-trace: 2B01C259B914AF718A5DB91210B0B2F8026C7C9EAB000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-dmjph
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkXOfPSJ0MqJik7qRC1bgn%2B%2Fdkzq6Z1bVEfZP1H2tnDIb6t7tluJTR69dwcgQFlwyLbuoqIt%2FeaI2UrDzVVf6YHnZ%2FsU%2BBfz883Jt7SRcRKkND%2FBcu7zf8lNmW%2Fn72IA8HegeWlF6ZTPRoOn"}],"group":"cf-nel","max_age":604800}
cf-ray: 84e7365348282a6e-CDG
access-control-allow-headers: *

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.27.5/js/ Frame 526D 549 KB
133 KB 104ms
51ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.5/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 637f9a3aef13ddf5d31a8054a606a266b733f76652be7b5b43ea9a5449851248

Request headers

Referer
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000140-IAD, cache-fra-etou8220075-FRA
date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 25841
x-timer: S1706759238.752797,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 135666
x-cache-hits: 8, 3722

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.27.5/js/ Frame 526D 413 KB
100 KB 75ms
22ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.5/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 142a9d9b04c9eb12bd12845a2ff866ce1cdee5b78c33fb1bbdf07bdfc27e708e

Request headers

Referer
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100176-IAD, cache-fra-etou8220075-FRA
date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 25841
x-timer: S1706759238.752671,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101629
x-cache-hits: 8, 4456

GET
H2 200 player.css
f.vimeocdn.com/p/4.27.5/css/ Frame 526D 207 KB
22 KB 74ms
21ms Stylesheet
text/css 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.5/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b76b53ee205ac89303aecdfe358d3fec6f952c066b57f190f2ef8728e7b972e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200140-IAD, cache-fra-etou8220066-FRA
date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 25841
x-timer: S1706759238.752622,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21863
x-cache-hits: 8, 4288

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 526D 2 KB
2 KB 126ms
126ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6daa20307a8faab300c4b2eb2aad676122aaf5bf270f09e4d3354e5507aa157f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 213950
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 2132
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210023-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759238.698366,VS0,VE108
etag: "a7fba177c525c062060f0aa1bfba4880"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 7, 0

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 526D 2 KB
1 KB 22ms
22ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-etou8220066-FRA
date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 946851
x-timer: S1706759238.855858,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 8, 216826

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 526D 4 KB
2 KB 88ms
32ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.5/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 526D 14 KB
15 KB 151ms
151ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=300&mh=300
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 742a5257f5d3141756d0aa7435f70ad178f47aac857d071e1653a0d2cecce0d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 738084
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 14791
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120076-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759238.887851,VS0,VE119
etag: "ce6c596cc227502cb67475ea9dc7e5d3"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 17, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 526D 0
142 B 336ms
293ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=6cfbb979cea5e399a42d641812fc84ba21d6ebe61706759237
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Thu, 01 Feb 2024 03:47:17 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 526D 0
926 B 334ms
290ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=6cfbb979cea5e399a42d641812fc84ba21d6ebe61706759237

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 31 Jan 2024 15:47:17 GMT
Date: Thu, 01 Feb 2024 03:47:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kiad7000138-IAD, cache-lcy-eglc8600039-LCY
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1706759238.942001,VS0,VE115
x-backend-proxy: webproxy12
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-57cb9cc7d4-bnkqm
Accept-Ranges: bytes
CF-RAY: 84e736550d08d410-CDG
X-Cache-Hits: 0, 0

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 526D 35 KB
12 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:17 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/121/ Frame 526D 50 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/121/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 16:05:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 01 Feb 2024 19:03:11 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/crwdmarket.matomo.cloud/ 199 KB
58 KB 407ms
141ms Script
application/javascript 2600:9000:26db:3600:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/affiliate.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:3600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

70523fd01ca03a2bb5d179f31f8e0fe7a7c05c95ae9af830cfc918cc8f035013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:19 GMT
x-amz-version-id: x3RKO2CvDaMcl_I7DRk1Sa1ibwGZ8Ruu
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 08 Dec 2023 00:03:33 GMT
server: CloudFront
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
etag: W/"b42383cb729acd26dbc6859d570009f1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-replication-status: COMPLETED
x-amz-cf-id: _4sUZHpDvBdZyoEmz6H34HUVKxj3YrEVWqkXsidaB4QwWV5LkJtzMw==

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.27.5/js/ Frame F8E0 549 KB
133 KB 22ms
22ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.5/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 637f9a3aef13ddf5d31a8054a606a266b733f76652be7b5b43ea9a5449851248

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000140-IAD, cache-fra-etou8220075-FRA
date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 25841
x-timer: S1706759238.993815,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 135666
x-cache-hits: 8, 3723

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.27.5/js/ Frame F8E0 413 KB
99 KB 22ms
22ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.5/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 142a9d9b04c9eb12bd12845a2ff866ce1cdee5b78c33fb1bbdf07bdfc27e708e

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100176-IAD, cache-fra-etou8220075-FRA
date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 25841
x-timer: S1706759238.993893,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 101629
x-cache-hits: 8, 4457

GET
H2 200 player.css
f.vimeocdn.com/p/4.27.5/css/ Frame F8E0 207 KB
21 KB 23ms
22ms Stylesheet
text/css 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.27.5/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b76b53ee205ac89303aecdfe358d3fec6f952c066b57f190f2ef8728e7b972e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200140-IAD, cache-fra-etou8220066-FRA
date: Thu, 01 Feb 2024 03:47:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 25841
x-timer: S1706759238.993912,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21863
x-cache-hits: 8, 4289

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame F8E0 2 KB
2 KB 507ms
507ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0f53b467c880d31529344cfdacf57caa39853030de281f24789fb7b5d2cf8972

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: MISS, MISS
content-length: 1559
x-served-by: cache-dfw-kdal2120055-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759238.996263,VS0,VE479
etag: "d5fab6481e2a3f2143449b6382190e61"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 21f3186af3f84ecb8e6f3d102278859f Show response
app.hubspot.com/conversations-visitor/7175493/threads/utk/ Frame 6AEF 53 KB
20 KB 461ms
252ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/7175493/threads/utk/21f3186af3f84ecb8e6f3d102278859f?uuid=d06fd9f44944403e91dccb27ee908133&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=21f3186af3f84ecb8e6f3d102278859f&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b30c526d6302c3791d908a45a1e3d9081b5979afb3b240f3597952d8baa872d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://www.backtorootshealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: false
age: 2694
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 84e73656f97a2a58-CDG
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.17719/html/index.html&cfRay=84e73656f97a2a58&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7175493%2Fthreads%2Futk%2F21f3186af3f84ecb8e6f3d102278859f%3Fuuid%3Dd06fd9f44944403e91dccb27ee908133%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dbacktorootshealth.com%26inApp53%3Dfalse%26messagesUtk%3D21f3186af3f84ecb8e6f3d102278859f%26url%3Dhttps%253A%252F%252Fwww.backtorootshealth.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.backtorootshealth.com%2F&cfenv=prod&pdt=2024-02-01&csp=ro
content-type: text/html; charset=utf-8
date: Thu, 01 Feb 2024 03:47:18 GMT
etag: W/"7c40c1460a2b527dfdfefa96bce190d6"
last-modified: Fri, 26 Jan 2024 14:19:32 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=84e73656f97a2a58&resource=conversations-visitor-ui/static-1.17719/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
x-amz-cf-id: VcUpKg9F4N_f_YcUwPwFdonP9fEZfx3w--hr_35X9nSvzx64FolIQg==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: YP6Dcu3CK8AZwZUV4AcaLmQWEo2MsaHf
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 9
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-lqtcn
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.17719/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: d2cb1e06-79a6-48c1-8982-3ad5468b84a2
x-request-id: d2cb1e06-79a6-48c1-8982-3ad5468b84a2

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 526D 14 KB
15 KB 20ms
20ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=300&mh=300
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 742a5257f5d3141756d0aa7435f70ad178f47aac857d071e1653a0d2cecce0d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 738084
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 14791
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdal2120076-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759238.219775,VS0,VE0
etag: "ce6c596cc227502cb67475ea9dc7e5d3"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 17, 1

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 526D 2 KB
2 KB 30ms
30ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6daa20307a8faab300c4b2eb2aad676122aaf5bf270f09e4d3354e5507aa157f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 213950
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 2132
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210023-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759238.236390,VS0,VE0
etag: "a7fba177c525c062060f0aa1bfba4880"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 51965547_60x60
i.vimeocdn.com/portrait/ Frame 526D 449 B
631 B 34ms
34ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/51965547_60x60?subrect=878%2C137%2C3610%2C2869&r=cover
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b0ef2d38cf8ce549261bdc5b889c4d3daed15564cd73a9ea88c603fca6bed49f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 156405
x-viewmaster-lossless-format: automatic
x-cache: HIT, HIT
content-length: 449
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210175-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759238.236515,VS0,VE1
etag: "70ad5fd60eca7e02346deff2106ecd89"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame F8E0 2 KB
1 KB 22ms
22ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-etou8220066-FRA
date: Thu, 01 Feb 2024 03:47:18 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 946851
x-timer: S1706759238.252056,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 8, 216827

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F8E0 4 KB
2 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.5/js/vendor.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:18 GMT

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame F8E0 17 KB
17 KB 244ms
243ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=600&mh=346
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 039842bb3f6ede7b1bd847238ccffa8a2576cdd4fde7d0c5b363ff05f23b3ab6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 467299
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 17132
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210028-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759238.257826,VS0,VE217
etag: "9f7de964504e1e55534326181b1297b8"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 2, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame F8E0 0
40 B 108ms
108ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=d47bfe95c61a8a3f1942810d9f3ce90c9df8a79e1706759237
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.27.5/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Thu, 01 Feb 2024 03:47:18 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame F8E0 35 KB
12 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Thu, 01 Feb 2024 03:47:18 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/121/ Frame F8E0 50 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/121/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 19:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 16:05:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 01 Feb 2024 19:03:11 GMT

POST
H/1.1 200
OK event Show response
analytics.netflow.co/api/ 3 B
410 B 275ms
274ms XHR
text/html 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.netflow.co/api/event
Requested by: Host: analytics.netflow.co
URL: https://analytics.netflow.co/js/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 172.18.205.92.host.secureserver.net
Software: Apache /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 01 Feb 2024 03:47:19 GMT
Server: Apache
X-RateLimit-Remaining: 59
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.backtorootshealth.com
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 60
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked

OPTIONS
H/1.1 204
No Content event
analytics.netflow.co/api/ Frame 0
0 1306ms
237ms Preflight 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.netflow.co/api/event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 172.18.205.92.host.secureserver.net
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.backtorootshealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.backtorootshealth.com
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: Keep-Alive
Date: Thu, 01 Feb 2024 03:47:19 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H2 204 matomo.php
crwdmarket.matomo.cloud/ 0
175 B 176ms
94ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crwdmarket.matomo.cloud/matomo.php?action_name=Back%20to%20Roots%20Health%20-%20PureCBD%20Products&idsite=8&rec=1&r=553786&h=4&m=47&s=18&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&_id=23275f6a1b9409df&_idn=0&send_image=0&_refts=0&pv_id=NN4GsL&pf_net=57&pf_srv=70&pf_tfr=197&pf_dm1=434&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.backtorootshealth.com
date: Thu, 01 Feb 2024 03:47:18 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 configs.php Show response
crwdmarket.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 111ms
36ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crwdmarket.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=8&trackerid=YoJTVK&url=https%3A%2F%2Fwww.backtorootshealth.com%2F
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 2d8c47c9fd43128d829bf0e2c5004cf04a3c0873ef6d776b2e9ebb1545c5d578

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.368/ Frame 6AEF 44 KB
16 KB 108ms
60ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/21f3186af3f84ecb8e6f3d102278859f?uuid=d06fd9f44944403e91dccb27ee908133&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=21f3186af3f84ecb8e6f3d102278859f&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
x-amz-version-id: wWLMJ6qW0lXJfco2m026CzodYMop32jV
via: 1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 600569
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=84e73658db416f6f-CDG
last-modified: Tue, 11 Jul 2023 18:31:41 GMT
server: cloudflare
etag: W/"63ec2a77119dfb2ddcae56ab3a029230"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGaoce3s%2Bg7fn1T9EgOmznNqCY1cpj3KLf1TQBlZbW6auyw%2FBV%2BpcaMinNBZtbZnf%2FmTVSx7FClkVKlEFvQUv1WAtmUGDDsz3qDdJb%2F7XSaRlNrYiw%2F0Kd7cUq3641FnXnBL1QoR%2BPQIG1sZi027ZZPpUa4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 84e73658db416f6f-CDG
x-amz-cf-id: m2yKvB2moMLM8Hd6hCb4JGepjobMG2GKwz5WK3e5sIDa5fTb1atItw==
expires: Fri, 31 Jan 2025 03:47:18 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.17110/sass/ Frame 6AEF 19 KB
4 KB 77ms
29ms Stylesheet
text/css 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17110/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

405767448d618a7a326a509bf3c8484414ddf0f9518dad53f90794e7796bdde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
x-amz-version-id: 8JK3Qs8SBE2zTXCiSEFRAiP414rxQpaa
via: 1.1 e5b75c92aeb08b72d17d5fe9dd0647e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 2079033
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=84e73658de8a0299-CDG
last-modified: Thu, 02 Nov 2023 14:28:10 GMT
server: cloudflare
etag: W/"686ebda4c47b0bdb5d9460221c8036d1"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqDVdJV31Qjmjf124%2BMTYPuHdVPnROGeI%2FCLo3Clc6laiRhDPEKBYKM%2BzMkeas7CVzUHPcGnN%2Bt4qLphKX4XvemM5IKwpz7kS5ff%2BPd1tUgIsU93%2BdlRbHSEpwaf55Gh0IJdQXpKsRcEqZg5keObG1Cma1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 84e73658de8a0299-CDG
x-amz-cf-id: WJ5lbnAJ9g4DyfjWWdqzM5JL0HhPgnsjZrwzGE7C9v2s87p1Fj0E7g==
expires: Fri, 31 Jan 2025 03:47:18 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.522/ Frame 6AEF 295 KB
95 KB 80ms
32ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.522/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59f6d8db6a6b4d9aa01991c751c30e4b6aef7a4197da21be7e61a41448c5ae69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
x-amz-version-id: rKh51R63oxz5N3dfuB2VkIuksUjUA_yy
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 1860174
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=84e73658db426f6f-CDG
last-modified: Mon, 08 Jan 2024 19:59:33 GMT
server: cloudflare
etag: W/"7625f1a8376f1cb513c308136c837d2d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATrj4AbE11G0eMbWOvyfU0ruXRI1RuD%2BaetVR7MQuw5PZBeEMqYtijDwSbSwhlhYOTKvIhY9tLqndDATTklU%2BZMWA%2B1XoJImmwIm88TF6f2bB4yI%2BCDk0THNTXshBuOH2oEPDbXnHuGciAIMsePo1uwH95k%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 84e73658db426f6f-CDG
x-amz-cf-id: Ghzk0kCWMbb_9zWGvmhUOpVmMgPpZMDQQLHYWbiQEJRQkcA1qGlXfQ==
expires: Fri, 31 Jan 2025 03:47:18 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17719/bundles/ Frame 6AEF 643 KB
190 KB 82ms
34ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17719/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

136102a05a410bcead0fcad06ca6c315376d0e6a493675edd10f4e747f494eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
x-amz-version-id: _NjYyULIAAHJ6AAoAvHescExBYgmfA5G
via: 1.1 4eac31fa332b238427dad87ea3716264.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 480457
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=84e73658db446f6f-CDG
last-modified: Thu, 25 Jan 2024 18:54:45 GMT
server: cloudflare
etag: W/"ba9f1daf6286f76b8539a9e1bd318dcc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O78hj7QubAJWvWmb6uiuyEkjHiZtyWUU0rSFRFtzhoIZCKbobtHNPEApBKnrVDcCDdlZqTT7tqqU5bdPyibm6v3tA4Gmoi%2Fwm81ZM2bXNuvuQIMH5%2F%2BSYbUQZf5hMROf93%2FRzJOWLSPHjBlx5C7NHS08ZtM%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 84e73658db446f6f-CDG
x-amz-cf-id: Cenm1K6HnSxPaFcFGjG7R8WWNBOVDcgsTF62hUG-XeAyO83jk62uuw==
expires: Fri, 31 Jan 2025 03:47:18 GMT

GET
H2 200 60078268_60x60
i.vimeocdn.com/portrait/ Frame F8E0 1 KB
2 KB 1085ms
1084ms Image
image/avif 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/60078268_60x60?subrect=170%2C164%2C1971%2C1965&r=cover
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 867b3a461019a9c39cd64d8799c21bc73f1f9a838809c20c10d5c335fe65418a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:19 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1516
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210041-DFW, cache-lcy-eglc8600036-LCY
x-timer: S1706759239.517802,VS0,VE1066
etag: "78dc2645b1f7883fb6d6aab1358c77f1"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17636/ Frame 6AEF 841 B
929 B 32ms
32ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17636/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17719/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

631f23436af8fe9e571e1e531b5fd6ab376dfd49541663db9c7d580c557e9bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
x-amz-version-id: 573dfp2NqS6Vz._7ajEh3xf8bEynLLyM
via: 1.1 5b23e906a0b30aeeaaccd141aadaa56c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 742645
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=84e73659bb906f6f-CDG
last-modified: Wed, 17 Jan 2024 17:47:48 GMT
server: cloudflare
etag: W/"7c1a5625e964f0048674357f4aaf42d5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiO1ho2Ed%2FlXd5Gg2drhl%2BSCGcZMGqW%2BRhk2uKdrOP0qmirENcYjf7tarBqnbNPgGl3FiCnh33139tJliGA5odx7HJaMR1h2quyEuOEvmURETjoPdgKQNHL4y8KRYy7UY5%2FD11DYVFjX9%2FYRe2W3i3irDYg%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 84e73659bb906f6f-CDG
x-amz-cf-id: 5MtNOBmPDM8cmKtgTRwzEqyaATi00hYuOBODEioxcxXJpkE-94go6Q==
expires: Fri, 31 Jan 2025 03:47:18 GMT

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 6AEF 0
1 KB 130ms
130ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.17719

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17719/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/21f3186af3f84ecb8e6f3d102278859f?uuid=d06fd9f44944403e91dccb27ee908133&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=21f3186af3f84ecb8e6f3d102278859f&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 191fd4b9-48f8-499e-9796-92f594f04a21
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 191fd4b9-48f8-499e-9796-92f594f04a21
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgdU54cDtiHtlRlBIa4LtGf%2BhvCo6K4ugMer48gw5Ue68bcMINdkbz2V%2FPR5EeEaX%2BafDcwRcHqtArnfsqw68VauzDfdHAVCkNIhq3ylWhzhdI4suB7mWu8pP4mP2zjjOXZOM4sKOu0lagCWng%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-8jdch
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 84e7365a1b7a2a58-CDG
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Dpl-Correlation-Group-Id, X-HubSpot-Dpl-Parent-Log-Id
timing-allow-origin: *

GET
H2 200 1 Show response
app.hubspot.com/api/livechat-public/v1/feedback/survey/ Frame 6AEF 17 B
710 B 143ms
142ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/feedback/survey/1?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.17719&conversations-visitor-ui=static-1.17719&traceId=21f3186af3f84ecb8e6f3d102278859f&sessionId=AMOaWbKatQAjBcdpKkD2SNq2EwrrdNxTtGVKco-MKR5YW6laFEsAy1IQpEt-dBGg2Mj4EMRllE2ZMn6KpaHdEim4tZMzZQ0Jpp6h43pkeyAiTjn5EO9WVgXur9hmGVn4JJvln5S2eODMTdA0Kbs2ajK81WBoOr3BC2ZRgGJKhehX64vcwE8LvwI

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5acf3ff77b4420677b5923071f303facaba7a9273a346284a667a275df325146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/21f3186af3f84ecb8e6f3d102278859f?uuid=d06fd9f44944403e91dccb27ee908133&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=21f3186af3f84ecb8e6f3d102278859f&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: fa1d43fe-463f-4108-b6b4-47614aea527f
x-envoy-upstream-service-time: 21
content-length: 17
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fa1d43fe-463f-4108-b6b4-47614aea527f
server: cloudflare
x-trace: 2B94C2AE001FDBEF6D7A3FBB3E1E29DCC4516DB67F000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-5rbs5
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xp99RNwdmOzjTp7PJRd6xFN7HjrvSxCsYrAZXqn7EfbZA8b7OtSxgtLQAWtMdKIq07MXtVHakYYvc4SsniAgW9iKVri%2FLdK7cJ2U%2FPKp4tpXjweqwcvyTL6iGqo9PrmPKLE17y%2F%2FuwjuwIEaKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 84e7365a1b7d2a58-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1673853/ Frame 6AEF 1 KB
1 KB 313ms
312ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1673853/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.17719&conversations-visitor-ui=static-1.17719&traceId=21f3186af3f84ecb8e6f3d102278859f&sessionId=AMOaWbKatQAjBcdpKkD2SNq2EwrrdNxTtGVKco-MKR5YW6laFEsAy1IQpEt-dBGg2Mj4EMRllE2ZMn6KpaHdEim4tZMzZQ0Jpp6h43pkeyAiTjn5EO9WVgXur9hmGVn4JJvln5S2eODMTdA0Kbs2ajK81WBoOr3BC2ZRgGJKhehX64vcwE8LvwI

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d1caff3fb57166ba3aa83f4936db33aa5527cbef7476fcc0dc65a1a72c350d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/21f3186af3f84ecb8e6f3d102278859f?uuid=d06fd9f44944403e91dccb27ee908133&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=21f3186af3f84ecb8e6f3d102278859f&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7cc9f468-6e34-43ab-8cfa-dc37921c78d4
content-encoding: br
x-envoy-upstream-service-time: 25
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7cc9f468-6e34-43ab-8cfa-dc37921c78d4
server: cloudflare
x-trace: 2BCDAA9C1BBA6C69AA8F6129B2EF1BE532346937A7000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-5pmnd
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BLohvGw5ORHd8VrK9aUFQrnh0LPS96W7GjrAvvsHz2IlRKVLA%2F0TAIlf9QhCNGr0OeJgOMQY0SHFTkf%2FUJPbRXNGo9sd%2Fwm7zaZJnbExq934L%2F0VtpgWuduaJvnVnQ66zh1%2F6387RJzk3QXVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 84e7365a2b7e2a58-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 68ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Feb 2024 03:47:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: cBY7pR5KczkCxaMcVYHC1RpHWvlSO/OMF043gn/tCGgi0TNCxGi03UeXMf+rHi7QIQh4VpCoAxJvwflRtq4sEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 7175493.js Show response
js-na1.hs-scripts.com/ 3 KB
1 KB 325ms
277ms Script
application/javascript 2606:4700::6810:bb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/7175493.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1652460000000/7175493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70ebbd9a9cd0bec822c83fb3692dbc1bae66339f73e5dbcf9933926733e5691e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 265886e1-4a67-47e9-961b-3bc854dea563
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 265886e1-4a67-47e9-961b-3bc854dea563
last-modified: Thu, 01 Feb 2024 03:47:19 GMT
server: cloudflare
x-trace: 2BF97EB33FFF8C99E9A2254AEBADFF4D31A3AEEC2B000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
cache-control: max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-fcdc68c87-5pmnd
cf-ray: 84e7365fdba86f05-CDG

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
594 B 126ms
125ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2032787945&v=1.1&a=7175493&pu=https%3A%2F%2Fwww.backtorootshealth.com%2F&t=Back+to+Roots+Health+-+PureCBD+Products&cts=1706759239599&vi=c051f95898bffe235a558709d3d294ff&nc=true&u=3073967.c051f95898bffe235a558709d3d294ff.1706759239597.1706759239597.1706759239597.1&b=3073967.1.1706759239598&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c9b4763c-780f-4ad8-9a8b-02edc17f3fb0
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c9b4763c-780f-4ad8-9a8b-02edc17f3fb0
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Bzbsp2rHi0Q90Rgp8ZqwAD8JV3%2Bc3CuZ9pqt0SH%2BJdZB8XbFzbGc5X%2F%2F2rrv8sLdXfI0cBYXa67HXufFKsaVfSgmXhRFLGc%2Fj%2B40ICy8Qjqj8j8CrDYKp0hYTmosR%2F4Ntw1U0sqNCzDthLhGx1a"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-865d96945d-b74qc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 84e7365f8e5b2a58-CDG
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 157ms
148ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=7175493&utk=c051f95898bffe235a558709d3d294ff&__hstc=3073967.c051f95898bffe235a558709d3d294ff.1706759239597.1706759239597.1706759239597.1&__hssc=3073967.1.1706759239598&currentUrl=https%3A%2F%2Fwww.backtorootshealth.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6941f70b4932b11b21ee8ef010d97eedf8dafd276df1e2f44d2421b3a5a97bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b48170b8-ccf5-471c-8a54-35a9b2e39617
content-encoding: br
x-envoy-upstream-service-time: 31
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b48170b8-ccf5-471c-8a54-35a9b2e39617
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMrzjp1Z%2FjMwMaq%2Fr0eKg0Jfv401YjaFBwJ9JFGFavntmem1R4krEaOsZvKMi8726SRSBvQJGDpgmNXTlQhltVab1YYmor4DL1ftpaw727N6trjw1omrN2U3a6Y0kOjjQDpkadhlOd%2BrPKshSowv"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 84e736600e6e2a0a-CDG
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-547b899f8d-96qjp

GET
H2 200 621921788454574 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 122ms
122ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/621921788454574?v=2.9.143&r=stable&domain=www.backtorootshealth.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

813f8ba0051202757d6c661ef5c3f9c901ea0f9b809bb50b608af5093dcc4526

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Feb 2024 03:47:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: m7nXVGJ5eaPfYhu/XZPYfgICdKkc+fOtQqjMYvjeUERTkfyoR71w+YxWx4NRnQnFOj58MgsVWsac0uulPNs4kg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 67ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=621921788454574&ev=PageView&dl=https%3A%2F%2Fwww.backtorootshealth.com%2F&rl=&if=false&ts=1706759239858&sw=1600&sh=1200&ud[external_id]=c051f95898bffe235a558709d3d294ff&v=2.9.143&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1706759239857.1703783521&cs_est=true&ler=empty&cdl=API_unavailable&it=1706759239724&coo=false&exp=e1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Feb 2024 03:47:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 81 KB
24 KB 118ms
118ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/7175493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29b70634bb1c5bda93960600a82964726e7bfe85fd468ae4a915c2f568daf9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.842/bundles/project.js&cfRay=84e736619f702a0a-CDG
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"2120f825f9edce300d3921b82541873d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.842/bundles/project.js
date: Thu, 01 Feb 2024 03:47:20 GMT
x-amz-version-id: wZR75LYe2D_STv3GuvaRDmHc4AFfAh.H
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 7cba370b-76a9-46d4-94b2-aebedfc9fe86
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7cba370b-76a9-46d4-94b2-aebedfc9fe86
last-modified: Tue, 30 Jan 2024 12:51:30 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydJ%2BSFio5BtjndtD8flzLXCV3wTC93fllnRUW4%2BPRDWx484aVXM3U%2F3YMW9ZPaRH1VI3WeI6QNycTfkp8PH8UNJHOmsqvzlF2DMBADmA3iMOXNXsgFsRYcNOPhLFNc1AGYBZ3XQG9%2F5sZIjO"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-bf946f66b-4lfdc
cf-ray: 84e736619f702a0a-CDG
x-amz-cf-id: 6djdZla6EhbUoXQLrVGaS1LU2pdRwZw8UYIUEd3e-5e0Pw6mkuNJVA==

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 369 B
1 KB 123ms
122ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7175493&currentUrl=https%3A%2F%2Fwww.backtorootshealth.com%2F&utk=c051f95898bffe235a558709d3d294ff&__hstc=3073967.c051f95898bffe235a558709d3d294ff.1706759239597.1706759239597.1706759239597.1&__hssc=3073967.1.1706759239598

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9b9d365c-0cf7-47e0-a936-2df1666ef92a
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9b9d365c-0cf7-47e0-a936-2df1666ef92a
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZN5wvhLo7H089SFfomw5Ji7hDah1Q1yR1Kwc800E8c9aK494DY9LN%2B8sIaMhOyLG8%2FyCcL29mz8tT%2BLDlfiOj7XBk7wOmlm2QNOuI0t4GpitRltP1Ug3n2%2FqmoVIg%2FjbIjX4qrKpQ0yQo8z3FfaqUFyuf8jM2Q7%2Fvk%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 84e7366268022a0a-CDG
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-547b899f8d-zzq87

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 162ms
116ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 03:47:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 2ca1969a-482b-4848-a67e-6c8c453235cb
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2ca1969a-482b-4848-a67e-6c8c453235cb
Last-Modified: Thu, 01 Feb 2024 03:47:20 GMT
Server: cloudflare
X-Trace: 2B6E2292065AF4D12F302668F55929B4F19C1C1DC1000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-547b899f8d-9qpsf
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 84e736637f10027c-CDG

POST
H2 204 matomo.php
crwdmarket.matomo.cloud/ 0
175 B 118ms
118ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crwdmarket.matomo.cloud/matomo.php
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.backtorootshealth.com
date: Thu, 01 Feb 2024 03:47:21 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 crwd_market.png
7175493.fs1.hubspotusercontent-na1.net/hub/7175493/hubfs/ Frame 6AEF 2 KB
3 KB 221ms
172ms Image
image/webp 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7175493.fs1.hubspotusercontent-na1.net/hub/7175493/hubfs/crwd_market.png?width=108&height=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48caccda9f544c59672d2251e0c7f50b5c3aba885d2642f6ded832dce7a9c870

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 03:47:21 GMT
via: 1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-73540437539,P-7175493,FLS-ALL
content-length: 2130
cf-resized: internal=ok/m q=0 n=328+0 c=0+7 v=2024.1.1 l=2130
last-modified: Fri, 13 May 2022 17:00:36 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfycx960Wfk4a8AsnGVyelHn-wUn9Bg2vL7Sxl6y2PDQ:b5254a5ee7cf91458b235ab00fa79a68"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 84e7366d48ec6fde-CDG

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.crwd.shop
URL: https://app.crwd.shop/builderassets/php/stepsTracker.php?stepID=7970&user_id=866&funnelID=1534

Domain: app.crwd.shop
URL: https://app.crwd.shop/builder/funnelfavicon

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Fo42ciMnjeA
.youtube.com/	1970-01-20 22:25:11	Name: VISITOR_INFO1_LIVE Value: 3Z0SE0Vi-7w
.vimeo.com/	1970-01-21 03:41:59	Name: vuid Value: pl192942670.1812655783
.vimeo.com/	1970-01-20 18:06:01	Name: __cf_bm Value: gB9nJX9wjrhmyw7uaQdzxHlQeZT.cG9hCH68_Bi3RkI-1706759237-1-AaT6TRZf2XLNtD/hUFN1xVFLKAGotbXU7hm5j8PFDm/0Djbqs3tTdnI5sPsXGwZfOtCIpVftAlkyAo3AUJrQe00=
www.backtorootshealth.com/	1970-01-21 03:31:54	Name: _pk_id.8.092f Value: 23275f6a1b9409df.1706759238.
www.backtorootshealth.com/	1970-01-20 18:06:01	Name: _pk_ses.8.092f Value: 1
.hubspot.com/	1970-01-20 18:06:01	Name: __cf_bm Value: oLsfDuRf4s40M.dPwlTsZGcV72YGxLlkIzYOSHTzaNQ-1706759238-1-AS+nc6CuS2SvRZld5Ic/K6RVuMu4pX8pxEk9QFU7zrz2m8C8N8wZt+gm4mFpu8bMXfBO3HvN+i9EFtlwyp0+8i4=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: OavZf3ZhdrEEiJT8K7KmSsbUbHRQBfYySrsyNCVzm7o-1706759238468-0-604800000
.backtorootshealth.com/	1970-01-20 22:25:11	Name: messagesUtk Value: 21f3186af3f84ecb8e6f3d102278859f
www.backtorootshealth.com/	1970-01-20 22:25:11	Name: __hstc Value: 3073967.c051f95898bffe235a558709d3d294ff.1706759239597.1706759239597.1706759239597.1
www.backtorootshealth.com/	1970-01-20 22:25:11	Name: hubspotutk Value: c051f95898bffe235a558709d3d294ff
www.backtorootshealth.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.backtorootshealth.com/	1970-01-20 18:06:01	Name: __hssc Value: 3073967.1.1706759239598
.backtorootshealth.com/	1970-01-20 20:15:35	Name: _fbp Value: fb.1.1706759239857.1703783521

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css?family=Gilroy:300,400,700 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://app.crwd.shop/builderassets/js/newdropborders.js(Line 1024) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_dbc265d3dcaa49257c708e4ec2bf42a3.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_bcd95d8a10c31e04edf267c50b8aaf3b.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://www.backtorootshealth.com/ Message: Access to XMLHttpRequest at 'https://app.crwd.shop/builderassets/php/stepsTracker.php?stepID=7970&user_id=866&funnelID=1534' from origin 'https://www.backtorootshealth.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.crwd.shop/builderassets/php/stepsTracker.php?stepID=7970&user_id=866&funnelID=1534 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.backtorootshealth.com/ Message: Access to XMLHttpRequest at 'https://app.crwd.shop/builder/funnelfavicon' from origin 'https://www.backtorootshealth.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.crwd.shop/builder/funnelfavicon Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/621921788454574?v=2.9.143&r=stable&domain=www.backtorootshealth.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 105) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7175493.fs1.hubspotusercontent-na1.net
analytics.netflow.co
api.crwd.systems
api.hubapi.com
api.hubspot.com
app.crwd.shop
app.hubspot.com
cdn.matomo.cloud
connect.facebook.net
crwdmarket.matomo.cloud
cta-service-cms2.hubspot.com
f.vimeocdn.com
firebasestorage.googleapis.com
fonts.googleapis.com
forms.hscollectedforms.net
forms.hubspot.com
fresnel.vimeocdn.com
i.vimeocdn.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
perf-na1.hsforms.com
player.vimeo.com
s3.us-east-2.amazonaws.com
static.hsappstatic.net
track.hubspot.com
use.fontawesome.com
vimeo.com
www.backtorootshealth.com
www.facebook.com
www.gstatic.com
www.youtube.com
app.crwd.shop
104.18.0.100
146.75.122.109
151.101.128.217
162.159.128.61
2600:9000:26db:3600:c:7d55:b3c0:93a1
2606:4700:4400::6812:22e5
2606:4700:4400::6812:297c
2606:4700::6810:4eba
2606:4700::6810:bb59
2606:4700::6811:599a
2606:4700::6811:cbcc
2606:4700::6811:e4a3
2606:4700::6811:faa8
2606:4700::6812:7b0c
2606:4700::6812:b05d
2606:4700::6812:c07d
2606:4700::6813:9b53
2606:4700:e6::ac40:cf26
2a00:1450:4001:81c::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.126.133.169
34.120.202.204
52.219.108.89
92.205.18.172
0102d04028714c5980ffdb5c6a9abf38ca9a968534caba224dac4d323caa9723
01e2e921eca318498b76a61b4bda48169533fb6494744cd2b4c77020b37f50d7
039842bb3f6ede7b1bd847238ccffa8a2576cdd4fde7d0c5b363ff05f23b3ab6
03b48669dd18b1daa29541e38abc183a5c9f8b8aa8b8906a9da8a3522d6d7f45
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
085ab8bb50dd2328eac5780f7655253e557474db55025d9ff5a3ad221bb3bdc9
0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67
0f53b467c880d31529344cfdacf57caa39853030de281f24789fb7b5d2cf8972
136102a05a410bcead0fcad06ca6c315376d0e6a493675edd10f4e747f494eeb
14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d
142a9d9b04c9eb12bd12845a2ff866ce1cdee5b78c33fb1bbdf07bdfc27e708e
15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b
164fc1aff1b68513a51cfc4a06365e46bcbf14c196c961d4092c1c5fb847a5b2
178987f9a593186afd3e5dee03350d397514259a4aaaf0b6c5cdc7f567f4e1f8
19b71ad68338363023517e33fd7de0d1b509f381648184ba5cbff5ee55d2303a
276af2b9ae1b1daae8bcd2166ed84ad35f28c870cc050e31afa80b309c0faf50
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
29002d6e551b0d284fc7495fa4bdd4fed8f9ea686e152bf6b89e81a379ac929e
29b70634bb1c5bda93960600a82964726e7bfe85fd468ae4a915c2f568daf9ae
29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87
2ad3356fc08932d03ae05a815019ef02a3d28b3174eae447e59a976f8b7f75e9
2d8c47c9fd43128d829bf0e2c5004cf04a3c0873ef6d776b2e9ebb1545c5d578
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
37f02346ff32981bfd84b583b897bb86929cd0766f3be6edb7955b0cbb6a4486
3bed34862194969206abb50c773289cfa769f3e34f4a96e6d2c1291b5e87d58b
3e2256fdb0682f202b2e5227e2655c1a7cc3e2e5e17426009be1e46650134c6c
3e32d0e21562d2e3246d10b05162357b6534bae3aeca593784b15c5e2f006b31
405767448d618a7a326a509bf3c8484414ddf0f9518dad53f90794e7796bdde8
48caccda9f544c59672d2251e0c7f50b5c3aba885d2642f6ded832dce7a9c870
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae
4fa2877587a2dabba4d33a06ce09e86376056a4f8e751e6725b47eaf7ebf8eb6
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
5568d7a302a7539f0f5fcd34ca9cc10039c017385e20654de82ed70df4134e0e
56c34e5cfdbdc3f561556d18e4398f117cf938c7feb99ceaa67c21b9cead99f3
59f6d8db6a6b4d9aa01991c751c30e4b6aef7a4197da21be7e61a41448c5ae69
5acf3ff77b4420677b5923071f303facaba7a9273a346284a667a275df325146
5e51e209c44f498e5d7c3a5c35d5454c37b3c2744746954fa9d759d4a6c08391
61e91a341f0be6f9c99470775b8c68fcb66d05e6b8dc994a7722b7f5367edc1f
631f23436af8fe9e571e1e531b5fd6ab376dfd49541663db9c7d580c557e9bcf
637f9a3aef13ddf5d31a8054a606a266b733f76652be7b5b43ea9a5449851248
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
684d6df6676839133f4c16e07d40f559312fe9dde305ee157f5cf054b0ee516e
6941f70b4932b11b21ee8ef010d97eedf8dafd276df1e2f44d2421b3a5a97bfa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d7d7d8806cc310d0fc693af61c94b8ad69d1825b1abc86d4c137d32f8b70212
6daa20307a8faab300c4b2eb2aad676122aaf5bf270f09e4d3354e5507aa157f
70523fd01ca03a2bb5d179f31f8e0fe7a7c05c95ae9af830cfc918cc8f035013
7083c93170c7b949d1dd453f0c8692385215943d076a5dc6c49e5db1d73f28b9
70ebbd9a9cd0bec822c83fb3692dbc1bae66339f73e5dbcf9933926733e5691e
71cca2e2306f0358c887b2f91bb006023ca4425cae8be7005cebca141bb3fecf
742a5257f5d3141756d0aa7435f70ad178f47aac857d071e1653a0d2cecce0d9
74df122be2a059f7994950a5c8f6262fff8d9763f381fe6a0c7eaf3877209a17
798932e879a71338df9bf6fb7497c00411a9471695d8575208744e53ff6df07b
7c326f96b9af470b51c887a189b1f81d241d6beef4844b37c8add5144fa6f55d
7d1caff3fb57166ba3aa83f4936db33aa5527cbef7476fcc0dc65a1a72c350d5
7efe6e57752a0100b359eeb0299ec9efb9043a4cb916e59b024c8fe2ccc82e2b
7f340a2defa886e0fd32def4af9ca322f1136f89338f38bcd5f1d161d60ed07a
7fe48befcf69eb9abf495d891db6c8325a4e21364801035e5206a30ca7e4c443
813f8ba0051202757d6c661ef5c3f9c901ea0f9b809bb50b608af5093dcc4526
835477fbc54cd5222d3a9e364a8f9ff52f8512a1c8ccfd5693f1161329fc5fd4
867b3a461019a9c39cd64d8799c21bc73f1f9a838809c20c10d5c335fe65418a
890a5d365cd857bab0c7a52b27ba68aa0bab64bc4c8f9e88aaacf5bc74d80601
8a255170935ba96644a0f7e53c60652300087d4a2799c274e94c1d6a4dba4767
8cb39ee2e75cd39e84fd60931d906431f35101b375b54b8524d699c3a6c50341
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2
91d1bde942744d48fec9019c7b87b351f7a165e544d59fcbb4e43f3309be4ab9
93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f
b0ef2d38cf8ce549261bdc5b889c4d3daed15564cd73a9ea88c603fca6bed49f
b25e1557bc6f9c8d9457ef7b0f0f7da1db62ab7128971f16dffff77efb411592
b30c526d6302c3791d908a45a1e3d9081b5979afb3b240f3597952d8baa872d7
b49a5d05ca41478b31f51cc2539a75937c3f921540aa90116a8f609e094d1811
b6d113a2a54337026f4e3253cb769600f754bfe3122ccd4d4cae1642abfe4ae1
b732bca54abb8c19181dad21d8323976fad3f16614b26e09be8b502ebc07d987
b76b53ee205ac89303aecdfe358d3fec6f952c066b57f190f2ef8728e7b972e9
b93ee922aef4b32a74bb69860099d2e7f7cba817fe6211af7bff9c54e4b769eb
be7a3620aed16001114ce273dbc335f61834f92aa58152b2cb7d56a1577d4d47
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c456f6c9217b828f668f4b0ce9f8ae07a72129f19d946106e9442dae7ff5ae71
c6624c409211922875235c5d6af8b75cc248e400a68d633efad4d5e1f1fafe18
c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5
cc8c10ead0e5c334043aac99d78221e7dec39abb3510c45e9ddee8bb2dcd5133
d201e290007b210a8f886b9c72091d1d1410e03a03c6346d75ee733dfaa0544d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd06fef6b720110a47b58b60fc648e9d1927e475f1bf7172c709e51a985212fd
dd30ebace50c302a53ecb462faca8422cfd87c5bbb1480cde7d685c1f517cd47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
effd6d38858ccb5be115f36d992b360a6f8fa07a6ac432c4171a6b49e1c30f7b
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5a7a05a543488f228e50c889218780c81d47197955218934dc3d980f23d0ac8
fdd9cbba3bf008781e612f203bbe8674b395685abc0691fcc03a571aeb140d29

www.backtorootshealth.com Open in urlscan Pro 92.205.18.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

98 %HTTPS

71 %IPv6

26 Domains

37 Subdomains

29 IPs

4 Countries

11033 kBTransfer

14995 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.backtorootshealth.com Open in urlscan Pro
92.205.18.172 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

98 %
HTTPS

71 %
IPv6

26
Domains

37
Subdomains

29
IPs

4
Countries

11033 kB
Transfer

14995 kB
Size

14
Cookies

119 HTTP transactions
0 data transactions