urlscan.io logo urlscan.io
SecurityTrails logo

pages.upwellness.com Open in urlscan Pro
104.18.34.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trk.garagewarriorelite.com/64906e66-9be5-4321-b578-ae4c04f07d85?offer=mw34ttp_AM-11-05-24-Inflammation-Quiz-01-Well-Daily&s...
Effective URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&A...
Submission: On November 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 8 countries across 31 domains to perform 115 HTTP transactions. The main IP is 104.18.34.21, located in and belongs to CLOUDFLARENET, US. The main domain is pages.upwellness.com.
TLS certificate: Issued by E5 on October 20th 2024. Valid for: 3 months.
This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2600:9000:249... 16509 (AMAZON-02)
1 1 34.107.190.195 396982 (GOOGLE-CL...)
1 1 34.250.254.121 16509 (AMAZON-02)
4 104.18.34.21 13335 (CLOUDFLAR...)
3 13.224.189.28 16509 (AMAZON-02)
1 3.93.168.254 14618 (AMAZON-AES)
1 104.18.39.181 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 157.240.251.9 32934 (FACEBOOK)
2 2a02:26f0:350... 20940 (AKAMAI-AS...)
3 2a00:1288:80:... 203220 (YAHOO-DEB...)
4 151.101.129.44 54113 (FASTLY)
3 184.28.89.148 16625 (AKAMAI-AS)
2 18.246.130.178 16509 (AMAZON-02)
1 18.66.147.37 16509 (AMAZON-02)
1 3.164.163.114 16509 (AMAZON-02)
8 2.18.64.15 20940 (AKAMAI-AS...)
6 2620:1ec:33:1... 8075 (MICROSOFT...)
3 3.160.156.21 16509 (AMAZON-02)
6 13.32.99.67 16509 (AMAZON-02)
1 108.138.26.31 16509 (AMAZON-02)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
2 64.202.112.95 23352 (SERVERCEN...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.196.96.89 14618 (AMAZON-AES)
10 157.240.251.35 32934 (FACEBOOK)
2 142.250.184.232 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 18.66.137.164 16509 (AMAZON-02)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 54.171.122.26 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 52.25.78.242 16509 (AMAZON-02)
4 2.19.224.184 16625 (AKAMAI-AS)
1 3.164.163.39 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.175.234.12 8075 (MICROSOFT...)
2 35.214.168.80 19527 (GOOGLE-2)
8 141.226.228.48 200478 (TABOOLA-A...)
1 23.23.204.175 14618 (AMAZON-AES)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 74.119.117.16 19750 (AS-CRITEO)
115 43
2    2600:9000:2490:aa00:18:8903:5200:93a1 (United States)

ASN16509 (AMAZON-02, US)
trk.garagewarriorelite.com
1    34.107.190.195 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 195.190.107.34.bc.googleusercontent.com
www.wm74trk.com
1    34.250.254.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-254-121.eu-west-1.compute.amazonaws.com
go.healthww.com
4    104.18.34.21 (None, )

ASN13335 (CLOUDFLARENET, US)
pages.upwellness.com
3    13.224.189.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-28.fra2.r.cloudfront.net
builder-assets.unbounce.com
1    3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com
live.upwellness.com
1    104.18.39.181 (None, )

ASN13335 (CLOUDFLARENET, US)
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1    2600:9000:225e:9a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
6    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
dynamic.criteo.com
2    2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.useproof.com
3    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
2    2a02:26f0:3500:894::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
s.pinimg.com
3    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)
s.yimg.com
4    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
psb.taboola.com
trc.taboola.com
3    184.28.89.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-89-148.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
2    18.246.130.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-246-130-178.us-west-2.compute.amazonaws.com
ads.nextdoor.com
flask.nextdoor.com
1    18.66.147.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-37.fra60.r.cloudfront.net
static.newsbreak.com
1    3.164.163.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-163-114.cdg55.r.cloudfront.net
cdn.mediago.io
8    2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com
analytics.tiktok.com
6    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    3.160.156.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-21.fra60.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
6    13.32.99.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-67.fra60.r.cloudfront.net
fonts.ub-assets.com
1    108.138.26.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-31.fra56.r.cloudfront.net
assets.ubembed.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
2    64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:1f18:730:b130:e295:f5cc:7bc1:19c0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.196.96.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-96-89.compute-1.amazonaws.com
rp4.liadm.com
10    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
2    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.137.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-164.fra60.r.cloudfront.net
cdn.js.customerlabs.co
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    54.171.122.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-122-26.eu-west-1.compute.amazonaws.com
sp.analytics.yahoo.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    52.25.78.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-78-242.us-west-2.compute.amazonaws.com
business.newsbreak.com
4    2.19.224.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-184.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    3.164.163.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-163-39.cdg55.r.cloudfront.net
cdn.mediago.io
2    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.net
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    172.175.234.12 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
n.clarity.ms
2    35.214.168.80 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 80.168.214.35.bc.googleusercontent.com
gtrace.mediago.io
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
trc-events.taboola.com
1    23.23.204.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-204-175.compute-1.amazonaws.com
www.upwellness.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
sslwidget.criteo.com
1    74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
Apex Domain
Subdomains		 Transfer
12 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 934
psb.taboola.com — Cisco Umbrella Rank: 6026
trc.taboola.com — Cisco Umbrella Rank: 763
trc-events.taboola.com — Cisco Umbrella Rank: 2914
26 KB
10 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
1 KB
8 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 799
241 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
682 KB
6 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 29996
95 KB
6 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
33 KB
6 upwellness.com
pages.upwellness.com
live.upwellness.com
store.upwellness.com Failed
www.upwellness.com
86 KB
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3405
wave.outbrain.com — Cisco Umbrella Rank: 4277
tr.outbrain.com — Cisco Umbrella Rank: 3357
11 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 953
4 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
n.clarity.ms — Cisco Umbrella Rank: 8169
29 KB
4 mediago.io
cdn.mediago.io — Cisco Umbrella Rank: 5573
gtrace.mediago.io — Cisco Umbrella Rank: 3856
94 KB
4 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3682
gum.criteo.com — Cisco Umbrella Rank: 450
sslwidget.criteo.com — Cisco Umbrella Rank: 2375
widget.us.criteo.com — Cisco Umbrella Rank: 17327
24 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
22 KB
3 cloudfront.net
d9hhrg4mnvzow.cloudfront.net
38 KB
3 yimg.com
s.yimg.com — Cisco Umbrella Rank: 768
8 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
92 KB
3 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3229
rp.liadm.com — Cisco Umbrella Rank: 966
rp4.liadm.com — Cisco Umbrella Rank: 5689
47 KB
3 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 25566
app.unbounce.com Failed
47 KB
2 bing.net
bat.bing.net — Cisco Umbrella Rank: 8327
464 B
2 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1654
585 B
2 newsbreak.com
static.newsbreak.com — Cisco Umbrella Rank: 33594
business.newsbreak.com — Cisco Umbrella Rank: 15157
3 KB
2 nextdoor.com
ads.nextdoor.com — Cisco Umbrella Rank: 6827
flask.nextdoor.com — Cisco Umbrella Rank: 6736
4 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1065
25 KB
2 useproof.com
cdn.useproof.com — Cisco Umbrella Rank: 86035
487 KB
2 ubembed.com
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
assets.ubembed.com — Cisco Umbrella Rank: 12476
52 KB
2 garagewarriorelite.com
trk.garagewarriorelite.com
1 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
649 B
1 customerlabs.co
cdn.js.customerlabs.co — Cisco Umbrella Rank: 126832
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 healthww.com
go.healthww.com
2 KB
1 wm74trk.com
www.wm74trk.com
763 B
115 31
Domain Requested by
10 www.facebook.com pages.upwellness.com
8 trc-events.taboola.com cdn.taboola.com
8 analytics.tiktok.com pages.upwellness.com
analytics.tiktok.com
8 www.googletagmanager.com pages.upwellness.com
www.googletagmanager.com
6 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
6 bat.bing.com pages.upwellness.com
bat.bing.com
4 ct.pinterest.com s.pinimg.com
4 pages.upwellness.com pages.upwellness.com
3 d9hhrg4mnvzow.cloudfront.net pages.upwellness.com
3 s.yimg.com pages.upwellness.com
s.yimg.com
3 connect.facebook.net pages.upwellness.com
connect.facebook.net
3 builder-assets.unbounce.com pages.upwellness.com
2 gtrace.mediago.io cdn.mediago.io
2 n.clarity.ms www.clarity.ms
2 bat.bing.net bat.bing.com
pages.upwellness.com
2 sp.analytics.yahoo.com pages.upwellness.com
2 www.clarity.ms pages.upwellness.com
www.clarity.ms
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 trc.taboola.com cdn.taboola.com
2 tr.outbrain.com amplify.outbrain.com
2 cdn.mediago.io pages.upwellness.com
cdn.mediago.io
2 amplify.outbrain.com pages.upwellness.com
amplify.outbrain.com
2 s.pinimg.com pages.upwellness.com
s.pinimg.com
2 cdn.useproof.com pages.upwellness.com
cdn.useproof.com
2 trk.garagewarriorelite.com 2 redirects
1 widget.us.criteo.com
1 sslwidget.criteo.com 1 redirects
1 www.upwellness.com
1 stats.g.doubleclick.net www.google-analytics.com
1 flask.nextdoor.com pages.upwellness.com
1 business.newsbreak.com static.newsbreak.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.js.customerlabs.co pages.upwellness.com
1 psb.taboola.com cdn.taboola.com
1 rp4.liadm.com pages.upwellness.com
1 rp.liadm.com 1 redirects
1 www.google.com www.googletagmanager.com
1 wave.outbrain.com amplify.outbrain.com
1 gum.criteo.com dynamic.criteo.com
1 assets.ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1 static.newsbreak.com pages.upwellness.com
1 ads.nextdoor.com pages.upwellness.com
1 cdn.taboola.com pages.upwellness.com
1 dynamic.criteo.com pages.upwellness.com
1 b-code.liadm.com pages.upwellness.com
1 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com pages.upwellness.com
1 live.upwellness.com pages.upwellness.com
1 go.healthww.com 1 redirects
1 www.wm74trk.com 1 redirects
0 app.unbounce.com Failed pages.upwellness.com
0 store.upwellness.com Failed pages.upwellness.com
115 51

This site contains no links.

Subject Issuer Validity Valid
pages.upwellness.com
E5		 2024-10-20 -
2025-01-18		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M02		 2024-11-09 -
2025-12-07		 a year crt.sh
live.upwellness.com
E6		 2024-09-24 -
2024-12-23		 3 months crt.sh
*.js.ubembed.com
E6		 2024-10-07 -
2025-01-05		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
useproof.com
WE1		 2024-09-30 -
2024-12-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-25 -
2024-11-23		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-02 -
2025-08-07		 a year crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-10-31 -
2024-12-18		 2 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
nextdoor.com
Amazon RSA 2048 M02		 2024-10-14 -
2025-11-12		 a year crt.sh
newsbreak.com
Amazon RSA 2048 M02		 2024-05-25 -
2025-06-22		 a year crt.sh
*.mediago.io
Amazon RSA 2048 M03		 2024-07-07 -
2025-08-04		 a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M03		 2024-05-01 -
2025-05-31		 a year crt.sh
assets.ubembed.com
Amazon RSA 2048 M03		 2024-11-05 -
2025-12-04		 a year crt.sh
www.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cdn.js.customerlabs.co
Amazon RSA 2048 M03		 2024-01-05 -
2025-02-03		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-30 -
2025-01-22		 6 months crt.sh
bat.bing.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-10-27 -
2025-04-25		 6 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
upwellness.com
R10		 2024-10-01 -
2024-12-30		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Frame ID: 496C942DE343BD46287E048DFC5B7582
Requests: 107 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: 068A9D9F8139019B29D537DA263BB458
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpages.upwellness.com
Frame ID: C1A3BE270789D049A1015858F79CFEAB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 6669651DA3BCEF13601E47BB326C3684
Requests: 1 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/h/val.html?postM=1&trackingid=
Frame ID: 7D53E48F686B95D01A5622013AD2EF71
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 65CB572B116956EE3F585E7E216F3A35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://trk.garagewarriorelite.com/64906e66-9be5-4321-b578-ae4c04f07d85?offer=mw34ttp_AM-11-05-24-Inflammation-... HTTP 307
    https://trk.garagewarriorelite.com/64906e66-9be5-4321-b578-ae4c04f07d85/2?offer=mw34ttp_AM-11-05-24-Inflammatio... HTTP 302
    https://www.wm74trk.com/28KL6/42M8N1J/?sub1=&sub5=wrjh8f100s1o4ok53hd08c2m&sub3=2a01%3A4a0%3A1338%3A... HTTP 302
    https://go.healthww.com/aff_c?offer_id=77&aff_id=115&source=&aff_sub=&aff_sub2=&aff_sub3=2a01%3A4a0%... HTTP 302
    https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

115
Requests

94 %
HTTPS

34 %
IPv6

31
Domains

51
Subdomains

43
IPs

8
Countries

2151 kB
Transfer

5175 kB
Size

37
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.garagewarriorelite.com/64906e66-9be5-4321-b578-ae4c04f07d85?offer=mw34ttp_AM-11-05-24-Inflammation-Quiz-01-Well-Daily&sub2=j*****@j********.com&from=Truth%20Teller%2**************@t***************.com&subject=The%20most%20anti-inflammatory%20food%20in%20the%20world&...%20326%20...nflammation-Quiz-01-Well-Daily HTTP 307
    https://trk.garagewarriorelite.com/64906e66-9be5-4321-b578-ae4c04f07d85/2?offer=mw34ttp_AM-11-05-24-Inflammation-Quiz-01-Well-Daily&sub2=j*****@j********.com&from=Truth%20Teller%2**************@t***************.com&subject=The%20most%20anti-inflammatory%20food%20in%20the%20world&...%20326%20...nflammation-Quiz-01-Well-Daily HTTP 302
    https://www.wm74trk.com/28KL6/42M8N1J/?sub1=&sub5=wrjh8f100s1o4ok53hd08c2m&sub3=2a01%3A4a0%3A1338%3A93%3A%3A5 HTTP 302
    https://go.healthww.com/aff_c?offer_id=77&aff_id=115&source=&aff_sub=&aff_sub2=&aff_sub3=2a01%3A4a0%3A1338%3A93%3A%3A5&aff_sub4=&aff_sub5=51e3056615cc4683a257d14fbb2c4f08 HTTP 302
    https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://rp.liadm.com/j?dtstmp=1731716520326&aid=a-057g&se=e30&duid=f0f26c15fa8f--01jcs5j5wvawa0vs15pdc38bpe&tv=v3.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&wpn=lc-bundle&wpv=v3.5.0&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&pv=b76870d0-60ed-4fb4-a916-188465eebf9e HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1731716520326&aid=a-057g&se=e30&duid=f0f26c15fa8f--01jcs5j5wvawa0vs15pdc38bpe&tv=v3.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&wpn=lc-bundle&wpv=v3.5.0&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&pv=b76870d0-60ed-4fb4-a916-188465eebf9e&i6=MmEwMTo0YTA6MTMzODo5Mzo6NQ%3D%3D&n3pc=true
Request Chain 110
  • https://sslwidget.criteo.com/event?a=102531&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=tZO2xF9QNElzdGVtZUwyOFAwM1AydTUzNDQxWDhWJTJGV3NGJTJCRzQlMkJvdUVQMUVqWmtKUVVxVVJ4NTBvNDFlU2d1Y0s3YkJ0dm44ZWFtTSUyRlpSQ0R3SUhoNHVrYUNGM3owU0tReHlZbTV0TlI5clBNRG5ieExSRXM2dWI1bnpycEhxNGdvQ3hQNVpodkxXUkdlZVg0TEtOV09qamVTWnZlbEY2R3VJakdEb0clMkZoWk8xVkZBJTNE&sc=%7B%22fbp%22%3A%22fb.1.1731716520379.8294176553561320%22%2C%22ttp%22%3A%22WFoqu3GyElNKmsbo8lx4DXn8i1P.tt.1%22%7D&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D10265de71a12ddb911da1cf727edf6%2526n%253Dtune%2526cid%253D115_%2526mid%253D115_%2526AFFID%253D477232%2526subid%253D115_%2526partner_id%253D115%2526advertiser%253D2%2526email%253D&ceid=e3bab0ed-cde8-4757-87fc-3a0fefd47b9d HTTP 302
  • https://widget.us.criteo.com/event?a=102531&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=tZO2xF9QNElzdGVtZUwyOFAwM1AydTUzNDQxWDhWJTJGV3NGJTJCRzQlMkJvdUVQMUVqWmtKUVVxVVJ4NTBvNDFlU2d1Y0s3YkJ0dm44ZWFtTSUyRlpSQ0R3SUhoNHVrYUNGM3owU0tReHlZbTV0TlI5clBNRG5ieExSRXM2dWI1bnpycEhxNGdvQ3hQNVpodkxXUkdlZVg0TEtOV09qamVTWnZlbEY2R3VJakdEb0clMkZoWk8xVkZBJTNE&sc=%7B%22fbp%22%3A%22fb.1.1731716520379.8294176553561320%22%2C%22ttp%22%3A%22WFoqu3GyElNKmsbo8lx4DXn8i1P.tt.1%22%7D&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D10265de71a12ddb911da1cf727edf6%2526n%253Dtune%2526cid%253D115_%2526mid%253D115_%2526AFFID%253D477232%2526subid%253D115_%2526partner_id%253D115%2526advertiser%253D2%2526email%253D&ceid=e3bab0ed-cde8-4757-87fc-3a0fefd47b9d

115 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pages.upwellness.com/inflammation-quiz/
Redirect Chain
  • https://trk.garagewarriorelite.com/64906e66-9be5-4321-b578-ae4c04f07d85?offer=mw34ttp_AM-11-05-24-Inflammation-Quiz-01-Well-Daily&sub2=j*****@j********.com&from=Truth%20Teller%2**************@t****...
  • https://trk.garagewarriorelite.com/64906e66-9be5-4321-b578-ae4c04f07d85/2?offer=mw34ttp_AM-11-05-24-Inflammation-Quiz-01-Well-Daily&sub2=j*****@j********.com&from=Truth%20Teller%2**************@t**...
  • https://www.wm74trk.com/28KL6/42M8N1J/?sub1=&sub5=wrjh8f100s1o4ok53hd08c2m&sub3=2a01%3A4a0%3A1338%3A93%3A%3A5
  • https://go.healthww.com/aff_c?offer_id=77&aff_id=115&source=&aff_sub=&aff_sub2=&aff_sub3=2a01%3A4a0%3A1338%3A93%3A%3A5&aff_sub4=&aff_sub5=51e3056615cc4683a257d14fbb2c4f08
  • https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
93 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96dffdcb00b4a59a6cdc977b431f2dfe96bf6fbc86b4d78ba579a906afb01956
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8e3352f12c78e51a-TXL
content-encoding
gzip
content-length
20572
content-location
https://pages.upwellness.com/inflammation-quiz/
content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=utf-8
date
Sat, 16 Nov 2024 00:21:58 GMT
etag
"cd:a9332450c7e5454ba6393716c6b4be14"
link
<https://pages.upwellness.com/inflammation-quiz/>; rel="canonical"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-content-type-options
nosniff
x-unbounce-pageid
ce51cc0b-0e94-443c-a27a-24c78d18f232
x-unbounce-variant
cd
x-unbounce-visitorid
a9332450-c7e5-454b-a639-3716c6b4be14

Redirect headers

Accept-Ch
Sec-Ch-Dpr, Dpr, Sec-Ch-Ua-Model
Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
402
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 16 Nov 2024 00:21:58 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
10265de71a12ddb911da1cf727edf6
X-Request-Id
952a941ad8347358af20eb721db9033c
main-ebbfc5e.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-ebbfc5e.z.css
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-28.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebbfc5eb12dd3766d82cc8a2584d8bf9d2db1a8ead8c9d5f0e03d9ee4bac3389
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
etag
"54bf75d03e588470d1a76cdbd7ab5c1d"
x-amz-version-id
utZr4xtDVNV4ci6RrOc0u53V1VtRvrrG
age
5016843
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
RScz3feIxK7zsKu6o-Yy7PkdFpq3hnvmu1VNhww15kSj1dWWUVkI3A==
date
Wed, 18 Sep 2024 22:47:57 GMT
content-type
text/css
last-modified
Wed, 18 Sep 2024 21:13:25 GMT
cache-control
max-age=31536000
referrer-policy
no-referrer
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2944
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
jquery.min.js
live.upwellness.com/services/scripts/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.upwellness.com/services/scripts/jquery/jquery.min.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-168-254.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
etag
W/"63298c50-15d84"
x-content-type-options
nosniff
access-control-allow-origin
*
x-xss-protection
1; mode=block
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 20 Sep 2022 09:48:00 GMT
server
nginx
vary
Accept-Encoding
jquery-shims.bundle-c5922a7.z.js
builder-assets.unbounce.com/published-js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-c5922a7.z.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-28.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5922a7c5936ebfe3ce796d9dc70f6bef45ba6d102530c7550fffc3c5fa38659
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
etag
"72e26fe2c27c1f2dca0c6b4a351109cb"
x-amz-version-id
GrQNKqutDDxIXbEkQazJKjVaeWxGCm_K
age
5846468
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
xRRKb8B0DuTXwnVDeV8x1QJdo-c_k8z0YQTOjhb7-qLddaYAncfbSA==
date
Mon, 09 Sep 2024 08:20:52 GMT
content-type
application/javascript
last-modified
Fri, 30 Aug 2024 17:59:02 GMT
cache-control
max-age=31536000
referrer-policy
no-referrer
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2338
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
whiteupwellnesslogo.original.png
pages.upwellness.com/assets/81594b5f-6b51-47f0-a97d-5ae6182d1fab/ 		47 B
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.upwellness.com/assets/81594b5f-6b51-47f0-a97d-5ae6182d1fab/whiteupwellnesslogo.original.png?1559239426
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=

Response headers

content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8e3352f5bf4be51a-TXL
content-length
47
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
UCInvisibleLink
store.upwellness.com/cgi-bin/ 		0
0
UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 		0
0
786ffa188154a7a81202c5d108dc70f1e0214262.js
pages.upwellness.com/_ub/static/ts/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pages.upwellness.com/_ub/static/ts/786ffa188154a7a81202c5d108dc70f1e0214262.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870e33c07dfab900ffc54747f4d21e61f6557c9ddf22ffd892624ae522b824cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
Gs6AC.4YTqhBRS9cAYuxlXQ5U5YOYxx2
etag
W/"a29b73706e355af9cecf33791dd81c03"
age
1777431
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 00:21:59 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
s9XBJ6N7WTk1mghxZTRZH2OINqhKI55xdLp_W3omkXY4a9JRpWEwVg==
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 21:59:14 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
referrer-policy
no-referrer
via
1.1 fa7a1075749c09c30b0fba397683619e.cloudfront.net (CloudFront)
cf-ray
8e3352f5fff6e51a-TXL
x-amz-cf-pop
MRS53-P1
server
cloudflare
x-amz-server-side-encryption
AES256
/
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d470e83686d770c884ff37aa8257edfbcfa0a3294ee3b753fc062033944e4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
max-age=0, must-revalidate
content-encoding
br
cf-cache-status
HIT
etag
W/"0495c4ac091e37e9810c47fe9ce0e64bf85a2af6"
cf-ray
8e3352f77ecfe50b-TXL
access-control-allow-origin
*
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/javascript
vary
Accept-Encoding, Referer
server
cloudflare
a-057g.min.js
b-code.liadm.com/ 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-057g.min.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
60c12debc7101a6e6df2910774e6008c021648458d8bdf9a9ebb45494d37bd84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
public,max-age=86400
content-encoding
gzip
age
50634
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
mIDWYviwcv_vZusz-sBoYxpZZPJlrBhA1YBZMEkWzmnxQIwjjZkNfw==
date
Fri, 15 Nov 2024 10:18:05 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P4
js
www.googletagmanager.com/gtag/ 		246 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-624541243
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90a8ca7e6dfa500a341c0b9e2fbda1c55dc558d29c668a4cc21de6295e1c68ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 00:21:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 16 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90301
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10838597190
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c146e2b9d9789d9f3276f7fc8a36ba5b3110dee67a7903ca6bebb14497c381a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 00:21:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 16 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94267
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-458254939
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d8c037cd98e4cdb64a6feb95e40ee44eb46f466823b264e708e826e4da9a8d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 00:21:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 16 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103703
x-xss-protection
0
server
Google Tag Manager
ld.js
dynamic.criteo.com/js/ld/ 		50 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=102531
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
336633128331e57083dfc6c2e8bae9986a5d4fb7d820beb708926ea92a13f090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public,max-age=10800
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
date
Sat, 16 Nov 2024 00:21:58 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
Kestrel
js
www.googletagmanager.com/gtag/ 		265 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-862759327
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24ae9c928eb47f386123477b0f00e6c2618c718721c4bf17b0187ff00fb8e971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 00:21:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 16 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95480
x-xss-protection
0
server
Google Tag Manager
main.bundle-ef43f79.z.js
builder-assets.unbounce.com/published-js/ 		138 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-ef43f79.z.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-28.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef43f79a4b7786a0bbaed0d9f169a48585838b4aad0d1e076fe8a2a92d16f07f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
etag
"59c747416fe6e8275df491b97242c673"
x-amz-version-id
q9wfXOSL2QRM8zmj2vWnPDqMxa.XqnJm
age
5016842
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
xhxumDMXdtK3SW65dAL_nIp329bd4YwB7iFz4_OOnyBIs8UxxRUFzA==
date
Wed, 18 Sep 2024 22:47:58 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 21:13:21 GMT
cache-control
max-age=31536000
referrer-policy
no-referrer
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
41618
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
proof.js
cdn.useproof.com/ 		486 KB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cf-cache-status
HIT
etag
"0426397a9b31146729ac86c5be8595d3"
x-amz-version-id
F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
age
1182920
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leEOU0OdCWz2wpmGNq%2FHnFM3SnB9UgDYuJ%2BW9rvdOtj0GFtJYU8AOkqtxpAE1R8nGS0%2F3q4KOD8SHYgrssNqj9uJVaTNhhxpPwRii8iskID%2BPiLQ1bRC9SCW0b%2BSmam%2BEMkeYU0m9R8R%2FuO09uJH"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=48692&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3948&recv_bytes=2166&delivery_rate=82669&cwnd=33&unsent_bytes=0&cid=f5ee36df029dd043&ts=180&x=0"
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/javascript
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
vary
Accept-Encoding
x-amz-id-2
VHPxWqY1uFuVx7ZflYcfzTAlRV+avf0yFsw07HTjOtOP8EfYOozddHCU+f8aG38yiiTxVU3Q2fdp1g+B4hsHjULyWFAN+D7k
cache-control
public, max-age=315360000, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
009HY6QHTC904506
cf-ray
8e3352f7b949bb1b-CDG
accept-ranges
bytes
content-length
497733
server
cloudflare
09831c99-07de-4dc3-836b-42710052b634
https://app.unbounce.com/ 		0
0
d8596aac-e7b5-4726-a8dd-4adaa0474581
https://app.unbounce.com/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-NaIQsfOi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-NaIQsfOi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4451, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
qwDBqV0VPneYmSKJUupejtk4Q7DDK7lIxafI1zLWguKVXSm7AXbszfmw2I2CVIJJvev/+EYsD0DNOYbgT+dRpQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
0c28a3b893740df4c1372e6321ce52981e0f77543c6fc8384af2deab941773c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

access-control-max-age
86400
cache-control
max-age=7200
access-control-expose-headers
X-CDN
content-encoding
br
etag
"e5ea31abd058f03a816c43871945979e"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
access-control-allow-origin
*
content-length
1879
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
ytc.js
s.yimg.com/wi/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),
Reverse DNS
Software
ATS /
Resource Hash
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
etag
"bc033c3a83e1880e480086bf11ac0b0a-df"
x-amz-version-id
JRuD6BVFDpXh1T7iUrCVWNpcX_ACBwVG
age
2861
date
Fri, 15 Nov 2024 23:34:19 GMT
last-modified
Wed, 28 Aug 2024 12:33:10 GMT
vary
Origin, Accept-Encoding
x-amz-expiration
expiry-date="Fri, 03 Oct 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type
application/javascript
x-amz-id-2
OsAlxGYijcMrpG2Cknfy+oSjYrxsjnyhgCvt6yyHqVcQleZ95Fy2rWZJ8UeAry70h2zgv0rdcHw=
strict-transport-security
max-age=31536000
cache-control
public,max-age=3600
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
N8H7AG6J22SPYRFZ
accept-ranges
bytes
content-length
6826
server
ATS
x-amz-server-side-encryption
AES256
tfa.js
cdn.taboola.com/libtrc/unip/1225872/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff8b00585c51b50b9d7aa76ff232f0b8bd0c6c37f011e932ac713590e2651de8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
etag
"f7422457534eb4c47ccf06607b6bdfe8"
x-amz-version-id
Oymd3e9Y2F8JyGegnm3Il4MkTT8FgLd_
age
0
x-cache
HIT
date
Sat, 16 Nov 2024 00:21:59 GMT
last-modified
Sun, 10 Nov 2024 11:07:04 GMT
x-served-by
cache-fra-etou8220147-FRA
x-cache-hits
0
content-type
application/javascript; charset=utf-8
x-amz-id-2
K1UHDkuuhPvcPfbNGBf/vwsI7q1dHyEL7tZXpaVawuEtCFxmBBPbv1hh3MIaFbAorjOZKE/J6K0=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14401
x-timer
S1731716520.759779,VS0,VE193
via
1.1 varnish
x-amz-request-id
HHD6WDQB3HXG8SAS
accept-ranges
bytes
access-control-allow-origin
*
abp
96
content-length
22037
server
AmazonS3
x-amz-server-side-encryption
AES256
obtp.js
amplify.outbrain.com/cp/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aaddae4cf259110e05bc9316a9563557ac1d6ab3534b25c74ca4ff986811a859

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

Cache-Control
max-age=1200
Content-Encoding
gzip
ETag
"42ffad564668bf8061aec37490452aea:1731511830.33127"
Connection
keep-alive
Expires
Sat, 16 Nov 2024 00:41:59 GMT
Accept-Ranges
bytes
X-CC
DE
Content-Length
9182
X-RG
EU
Date
Sat, 16 Nov 2024 00:21:59 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 13 Nov 2024 15:28:35 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
ndp.js
ads.nextdoor.com/public/pixel/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.nextdoor.com/public/pixel/ndp.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.130.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-130-178.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-security-policy
frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding
gzip
etag
W/"67366af2-1d89"
x-envoy-upstream-service-time
1
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 21:26:10 GMT
server
istio-envoy
vary
Accept-Encoding
nbpixel.js
static.newsbreak.com/business/tracking/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.newsbreak.com/business/tracking/nbpixel.js?t=1731801600000
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
x-amz-version-id
jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
etag
W/"7d6af9a6683da50918d44e9d35360ff8"
age
67986
access-control-allow-methods
GET, POST, PUT, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
d0O6oh2I6o0T6Btsyhg9rlrLtBTISNUK7Qh9SZBDO-WVZ3jSiTc1vA==
date
Fri, 15 Nov 2024 05:28:55 GMT
content-type
application/javascript
last-modified
Thu, 14 Oct 2021 07:49:18 GMT
vary
accept-encoding
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
server
AmazonS3
pixel.js
cdn.mediago.io/js/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/pixel.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.163.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-163-114.cdg55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21a7ed26f29fd7ce23bc5869fb734b5b5c00ce74b8383c3866579205c46476ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

vary
Origin
x-amz-version-id
32PAbNN28SApWAF7RPAQAmaROykBhr7M
etag
"e54d2393b5d73a8681658d31a7e41eb0"
age
53419
via
1.1 72084d252267d49b631f07ad379203a2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
94921
x-amz-cf-id
dD_LEN3fmviU861rojAiGiQHqaY2weBuCo7DlPDWrcobnT8yGTn3KQ==
date
Fri, 15 Nov 2024 09:31:42 GMT
content-type
text/javascript
last-modified
Fri, 25 Oct 2024 03:31:21 GMT
server
AmazonS3
x-amz-cf-pop
CDG55-P3
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		327 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb061568e32a18b3e5bff4f8e05dd6147ac9da2ada913f6103e9103798e54803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 16 Nov 2024 00:21:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 16 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
113274
x-xss-protection
0
server
Google Tag Manager
events.js
analytics.tiktok.com/i18n/pixel/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ba53ea056c6259ae529fa4c71cb33bdf3aacface9b08d034df813d6f7387f5b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-213.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
expires
Sat, 16 Nov 2024 00:22:00 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=85, origin; dur=6, inner; dur=4
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
1a9da5da.1a664c52
x-tt-trace-host
01b8c9c93048c5f8ffbe6dd99099c4db8b21d7305f6f64f074b80f223a6217740f7a9c68945c26b986584b6feb36aba505215fc1528db8afb0615a822fbb5811d180227e1e18a19e9629b349078bd4b013d75404d8b6b7496ff77394bfac8c0011dcf26a3294255254272cc8966d0bcb2b
x-origin-response-time
6,23.220.104.213
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2411160022003C756D3B91679F865B43-7402889441928048-00
x-parent-response-time
91,2.20.179.90
x-tt-logid
202411160022003C756D3B91679F865B43
server
nginx
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 94B89BCCF12A4160A9CAFEE2E42B7B57 Ref B: FRA31EDGE0716 Ref C: 2024-11-16T00:22:00Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
9afba50c-getmyscore-button-red1_10p005k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/9afba50c-getmyscore-button-red1_10p005k000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c9d0c84e6f84aef2603a24c9ab75adbb776fc21b309ced0fb13aeb7339b55dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
max-age=31557600
x-amz-version-id
xc9306YTq32Z3kpaVazTT0VIsPBrTXjg
etag
"e83a0e5732d48dc3721e709019bff033"
age
9377609
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5231
x-amz-cf-id
XN-qtJKEWVqcOwqM3QFzA3krWXxhVSyn3S65S0tBpXJsuJ5Wu8lTMg==
date
Tue, 30 Jul 2024 11:28:32 GMT
content-type
image/png
last-modified
Wed, 24 Jul 2024 17:33:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
i
pages.upwellness.com/_ub/ 		2 B
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pages.upwellness.com/_ub/i
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/_ub/static/ts/786ffa188154a7a81202c5d108dc70f1e0214262.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=

Response headers

content-security-policy
default-src 'none'; style-src 'unsafe-inline'
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
referrer-policy
no-referrer
cf-ray
8e3352f7ac70e51a-TXL
access-control-allow-origin
https://pages.upwellness.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
00b1ff69-7dee-4c9b-8ff3-13f65cfb76b0
https://pages.upwellness.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://pages.upwellness.com/00b1ff69-7dee-4c9b-8ff3-13f65cfb76b0
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-ef43f79.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
864f0c1802a7465b482adcd88aaf38cd752a29860a96e432cbc15e7164894d48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/css
Content-Length
5475
css
fonts.ub-assets.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-ef43f79.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-67.fra60.r.cloudfront.net
Software
/
Resource Hash
c8b06499674c9855a583b05135247cfd37d8aee22e3f8a4d6445a47763d9aede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
age
78458
x-content-type-options
nosniff
x-amzn-requestid
e4d1be63-0cf7-4db9-9c7d-15e70282e9fb
x-cache
Hit from cloudfront
x-amz-cf-id
CTRY3a-9lSlIK-rHcQqgOlM6VY5yq1oXma9agsDmMIF99o_zrDtQww==
date
Fri, 15 Nov 2024 02:34:22 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-amz-apigw-id
BRDvSGw7oAMEKbw=
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-6736b32e-194ca6ec4269107514744025
referrer-policy
no-referrer
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
873
x-xss-protection
0
x-amz-cf-pop
FRA60-P3
5ba00849-whiteupwellnesslogo_105d027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
max-age=31557600
x-amz-version-id
Eq7D2Wkmj.b78D9YJAjLVcXSgh4Ol4eA
etag
"88263fec2db483b6e115f831a65022a9"
age
26488740
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2981
x-amz-cf-id
U-2lSn1zyafBrVLzQA1drHBzWyKaCGZvc1uN07uHFZu_Bm8XHwkEQw==
date
Sun, 14 Jan 2024 10:23:01 GMT
content-type
image/png
last-modified
Fri, 22 Dec 2023 14:22:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
30a741f8-inflammationvegetables-quiz-banner_10p0057000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/30a741f8-inflammationvegetables-quiz-banner_10p0057000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a9f847be3e5b5b41f4769b02cf322bd68e97e49f68fed677c42e89dab2b0738

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
max-age=31557600
x-amz-version-id
aUIdgUQ6y5rChLa5qAtuW3U0..9UnffN
etag
"734e975528693b0c62176a7ec54f48b1"
age
5162046
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
29732
x-amz-cf-id
8lIxuOlmyW4edlRjbN4MI1GETizPomc_r9PpaQEV-Th_eqycssjU7w==
date
Tue, 17 Sep 2024 06:27:55 GMT
content-type
image/png
last-modified
Wed, 11 Sep 2024 18:05:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
146844809012010
connect.facebook.net/signals/config/ 		125 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/146844809012010?v=2.9.177&r=stable&domain=pages.upwellness.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
f2ee155213ccaa6ec62e91f3531df6daa0a852716f291acd3e8129aabe9929e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-eeHafn0R' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 00:21:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-eeHafn0R' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=75, mss=1232, tbw=70977, tp=67, tpl=0, uplat=85, ullat=0
pragma
public
x-fb-debug
/q0SMYSpMBkdQZgQsoWSzlorsiGHgKDw5wPFETUYC3Tf554LlgePXkl+E5gnyGFQ0bZKRp3C7YhvhWF5/6yqFQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
bundle.js
assets.ubembed.com/universalscript/releases/v0.183.0/ 		183 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.183.0/bundle.js
Requested by
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"ce1f9daa5bfa548f0417f378eb40974e"
age
15143363
via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
_jBxzmYU5u-7nUXJmNJ2fhr2Qe5Sylta-TitQ9hvC2pv2x2MbdXsKw==
date
Fri, 24 May 2024 17:52:38 GMT
content-type
application/javascript
last-modified
Fri, 24 May 2024 17:48:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
main.5aecc8b1.js
s.pinimg.com/ct/lib/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:894::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
19576a00ececd1add5cecaa486d9f1f224597e55442a826c77d6ad17f8c11e07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

access-control-max-age
86400
cache-control
max-age=1209600
access-control-expose-headers
X-CDN
content-encoding
br
etag
"f1f002e8782a3d0f44fde21e97f61203"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
access-control-allow-origin
*
content-length
23676
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
syncframe
gum.criteo.com/ Frame 068A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pages.upwellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Nov 2024 00:22:00 GMT
server
Kestrel
server-processing-duration-in-ticks
300094
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
10056129.json
s.yimg.com/wi/config/ 		46 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10056129.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),
Reverse DNS
Software
ATS /
Resource Hash
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

x-amz-version-id
Cm8fk2oDAA_rGJPxs_56Gs4Gntvyf1Do
etag
"fc5f6676b4f2531b36b8c7120da6ecca"
age
0
access-control-allow-methods
GET
date
Sat, 16 Nov 2024 00:22:01 GMT
last-modified
Fri, 15 Nov 2024 21:57:25 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-expiration
expiry-date="Sun, 21 Dec 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type
application/json
x-amz-id-2
D/q1qFd3TyNW0Cz59VqJo/42wA3e/PWgq02n8j8IKCR8AEiXUaxAH2hs+EKF4Ws0IPgNCd3H58E=
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
ASRSV0SHZF3PBG2E
accept-ranges
bytes
access-control-allow-origin
*
content-length
46
server
ATS
x-amz-server-side-encryption
AES256
10175858.json
s.yimg.com/wi/config/ 		46 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10175858.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),
Reverse DNS
Software
ATS /
Resource Hash
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

x-amz-version-id
e6IvnfkZC_z3l3Rz5ncIc9zWcna899W7
etag
"7ad716787c5ee7f50ab6806a8dfac76d"
age
0
access-control-allow-methods
GET
date
Sat, 16 Nov 2024 00:22:01 GMT
last-modified
Fri, 15 Nov 2024 21:57:25 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-expiration
expiry-date="Sun, 21 Dec 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type
application/json
x-amz-id-2
xh8w5R9H54/jmmK3bL++BtKhcV4DmrpeArLI0Xl5F3vAACyfnhT6fT5IKp0mLWZDOy/l2snu+Zo=
strict-transport-security
max-age=31536000
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
ASRKKTZ7PR71D9PG
accept-ranges
bytes
access-control-allow-origin
*
content-length
46
server
ATS
x-amz-server-side-encryption
AES256
00e83052a71a1dff3bc62d5d40765808fc
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00e83052a71a1dff3bc62d5d40765808fc
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=60
ob-sent-time
1731672874444
Content-Encoding
gzip
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection
keep-alive
Expires
Sat, 16 Nov 2024 00:23:00 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
22
X-RG
EU
Date
Sat, 16 Nov 2024 00:22:00 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
x-traceid
8a4ff8e1f8bcddef86d0d382372d7c2e
topics
amplify.outbrain.com/ 		26 B
301 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

Cache-Control
max-age=1200
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Sat, 16 Nov 2024 00:42:00 GMT
Access-Control-Allow-Origin
*
X-CC
DE
Content-Length
26
X-RG
EU
Date
Sat, 16 Nov 2024 00:22:00 GMT
Content-Type
text/html
unifiedPixel
tr.outbrain.com/ 		53 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=045558115052609094&referrer=&cht=gtm&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&g=1&zone=euZone1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
54
content-encoding
br
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
image/gif;
x-traceid
35b65a9f988eaa8a11513d3242bf0601
cachedClickId
tr.outbrain.com/ 		35 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
39
content-encoding
br
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/javascript
x-traceid
479fb91bb16ce86c221730a989ca91c1
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1170913747.1731716520&auid=171048275.1731716520&npa=1&gtm=45be4bc0v897602535za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&tft=1731716520200&tfd=2702&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1731716520326&aid=a-057g&se=e30&duid=f0f26c15fa8f--01jcs5j5wvawa0vs15pdc38bpe&tv=v3.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26ses...
  • https://rp4.liadm.com/j?dtstmp=1731716520326&aid=a-057g&se=e30&duid=f0f26c15fa8f--01jcs5j5wvawa0vs15pdc38bpe&tv=v3.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26se...
13 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1731716520326&aid=a-057g&se=e30&duid=f0f26c15fa8f--01jcs5j5wvawa0vs15pdc38bpe&tv=v3.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&wpn=lc-bundle&wpv=v3.5.0&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&pv=b76870d0-60ed-4fb4-a916-188465eebf9e&i6=MmEwMTo0YTA6MTMzODo5Mzo6NQ%3D%3D&n3pc=true
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Server
34.196.96.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-96-89.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

x-pixel-event-id
9c08ebf5-87ca-4adf-a751-9be4c44c764e
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
null
content-length
13
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/json

Redirect headers

access-control-max-age
86400
access-control-expose-headers
*
location
https://rp4.liadm.com/j?dtstmp=1731716520326&aid=a-057g&se=e30&duid=f0f26c15fa8f--01jcs5j5wvawa0vs15pdc38bpe&tv=v3.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&wpn=lc-bundle&wpv=v3.5.0&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&pv=b76870d0-60ed-4fb4-a916-188465eebf9e&i6=MmEwMTo0YTA6MTMzODo5Mzo6NQ%3D%3D&n3pc=true
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://pages.upwellness.com
content-length
0
date
Sat, 16 Nov 2024 00:22:00 GMT
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame C1A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpages.upwellness.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
135407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 10:45:13 GMT
expires
Fri, 14 Nov 2025 10:45:13 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
324538643747781
connect.facebook.net/signals/config/ 		34 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/324538643747781?v=2.9.177&r=stable&domain=pages.upwellness.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C234%2C116%2C197%2C126%2C127%2C146%2C173%2C159%2C118%2C235%2C165%2C119%2C237%2C166%2C136%2C123%2C153%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
e8e92eddfa282de2d49faf17b2f91ed0ee54be9f8f9337ad002842db0fa46218
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sDO5Luiv' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sDO5Luiv' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=97, mss=1232, tbw=98401, tp=93, tpl=0, uplat=91, ullat=0
pragma
public
x-fb-debug
MKwK+bGBalWVu1xr6khTUiu0RXCn5SX5yt2YXH4e64+N470b9DdZMH0mI7SpsA/SHtKf5BA8DF9LXWvWEzGd9w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=146844809012010&ev=ViewContent&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520390&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12316&fbp=fb.1.1731716520379.8294176553561320&pm=1&hrl=841e9e&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&cas=1355654581159947%2C5099504813492559%2C5004106406291751%2C6104708992987621%2C4951931724902068%2C4979757955454592%2C7298099740306772%2C5643656622317760%2C7534662599931337%2C5904481666325065%2C5025338760891793%2C7173054149488775%2C6569712949812882%2C5223985474331146%2C7631968633487734%2C4981186895293894%2C4944735675616943%2C4786239308168239%2C4014340612009242%2C4050026565117679%2C2234055886701037%2C3252997808076066%2C2158381524262451%2C3211051355632648%2C2627169220711968%2C2422847094507952%2C2662900203789006%2C2849409418466308%2C2653893998018468%2C2263098700449147%2C2238577099544380%2C5215605095128523%2C2071570606290632%2C2130822833643971%2C2296775563668241&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4864, tp=13, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=146844809012010&ev=ViewContent&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520390&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12316&fbp=fb.1.1731716520379.8294176553561320&pm=1&hrl=841e9e&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&cas=1355654581159947%2C5099504813492559%2C5004106406291751%2C6104708992987621%2C4951931724902068%2C4979757955454592%2C7298099740306772%2C5643656622317760%2C7534662599931337%2C5904481666325065%2C5025338760891793%2C7173054149488775%2C6569712949812882%2C5223985474331146%2C7631968633487734%2C4981186895293894%2C4944735675616943%2C4786239308168239%2C4014340612009242%2C4050026565117679%2C2234055886701037%2C3252997808076066%2C2158381524262451%2C3211051355632648%2C2627169220711968%2C2422847094507952%2C2662900203789006%2C2849409418466308%2C2653893998018468%2C2263098700449147%2C2238577099544380%2C5215605095128523%2C2071570606290632%2C2130822833643971%2C2296775563668241&rqm=FGET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437665820976077601"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa98d471520f70f12","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["2055072204596862"]},"debug_reporting":true,"debug_key":"1298583502221141135"}
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437665820976077601", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
Rx0cODvMBjMydbY5+zYwWDpQ6/Lk2v6CBakCk7Nx574l7l8Mw/LHr4TdYa3Ye8a6xdTZzubaOS6mfuAdRgP7Iw==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=24, mss=1232, tbw=10048, tp=31, tpl=0, uplat=193, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=146844809012010&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520394&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=12316&fbp=fb.1.1731716520379.8294176553561320&pm=1&hrl=40e66a&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&ccs=239573126551046&cas=1355654581159947%2C4014340612009242%2C4050026565117679%2C6117006708331244%2C2234055886701037%2C3252997808076066%2C2158381524262451%2C3211051355632648%2C2627169220711968%2C2422847094507952%2C2662900203789006%2C2849409418466308%2C2653893998018468%2C2263098700449147%2C2238577099544380%2C5215605095128523%2C2071570606290632%2C2130822833643971%2C2296775563668241%2C1618244521586808%2C1408964462523217&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=5056, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=146844809012010&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520394&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=12316&fbp=fb.1.1731716520379.8294176553561320&pm=1&hrl=40e66a&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&ccs=239573126551046&cas=1355654581159947%2C4014340612009242%2C4050026565117679%2C6117006708331244%2C2234055886701037%2C3252997808076066%2C2158381524262451%2C3211051355632648%2C2627169220711968%2C2422847094507952%2C2662900203789006%2C2849409418466308%2C2653893998018468%2C2263098700449147%2C2238577099544380%2C5215605095128523%2C2071570606290632%2C2130822833643971%2C2296775563668241%2C1618244521586808%2C1408964462523217&rqm=FGET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437665824756470113"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9128d22b81fb1815","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1346344995402814"]},"debug_reporting":true,"debug_key":"2612279758158273341"}
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
p/Zvhqzrf07SWSPzJWPzGCgZ/gs7f5mVoE+PyD5u/P5SyH1/R+YXUZSskPp8abkyBfvgHjmKDBLmJFhsLsVT/A==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437665824756470113", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=29, mss=1232, tbw=12400, tp=36, tpl=0, uplat=305, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=146844809012010&ev=LPVisit_InflQuiz&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520397&sw=1600&sh=1200&v=2.9.177&r=stable&ec=2&o=12316&fbp=fb.1.1731716520379.8294176553561320&pm=1&hrl=2ca15e&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&cas=1355654581159947%2C4014340612009242%2C4050026565117679%2C2234055886701037%2C3252997808076066%2C2158381524262451%2C3211051355632648%2C2627169220711968%2C2422847094507952%2C2662900203789006%2C2849409418466308%2C2653893998018468%2C2263098700449147%2C2238577099544380%2C5215605095128523%2C2071570606290632%2C2130822833643971%2C2296775563668241&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4544, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=146844809012010&ev=LPVisit_InflQuiz&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520397&sw=1600&sh=1200&v=2.9.177&r=stable&ec=2&o=12316&fbp=fb.1.1731716520379.8294176553561320&pm=1&hrl=2ca15e&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&cas=1355654581159947%2C4014340612009242%2C4050026565117679%2C2234055886701037%2C3252997808076066%2C2158381524262451%2C3211051355632648%2C2627169220711968%2C2422847094507952%2C2662900203789006%2C2849409418466308%2C2653893998018468%2C2263098700449147%2C2238577099544380%2C5215605095128523%2C2071570606290632%2C2130822833643971%2C2296775563668241&rqm=FGET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437665825549919646"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
k9TzkRmvNuHe2Mgr0KUH0VABDTulv0xyrMpL29Gper8mVzZcPGUocMvMuf5rQpJkYdDaYHOqQW+r5yNUIrJPjQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437665825549919646", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=29, mss=1232, tbw=11520, tp=35, tpl=0, uplat=284, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
topics_api
psb.taboola.com/ 		65 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
private, max-age=2592000
retry-after
0
x-timer
S1731716521.990422,VS0,VE0
observe-browsing-topics
?1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
65
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-fra-etou8220078-FRA
server
Varnish
x-cache-hits
0
json
trc.taboola.com/1225872/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1225872/trc/3/json?tim=1731716520416&data=%7B%22id%22%3A543%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1731716520400%2C%22cv%22%3A%2220241107-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1731716520414%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D%22%2C%22tos%22%3A10%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e9e0d2c90802e19eaefa3de39bf865ccba5dbdca361ae3ef862724aeb25baf79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220147-FRA
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
7293
x-timer
S1731716521.005026,VS0,VE26
x-vcl-time-ms
26
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.28825
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
index.html
cdn.useproof.com/proxy/ Frame 6669 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/index.html
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://pages.upwellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, no-transform, public
cf-cache-status
DYNAMIC
cf-ray
8e3352fff86f2c3e-FRA
content-length
325
content-type
text/html
date
Sat, 16 Nov 2024 00:22:01 GMT
etag
"f92252b1f21fd30ac52b59395971ecdb"
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FiYxC9HqZEMw%2F2656IygYgSix5JdvxipGJG60GQcFygTYT8AbNhijW%2B84UPWs7xhEP55NVFjGAR1IbUmUFDUP0vHZ2uXvkR%2Bj0WkFV4jjWyeVRAYrjRXOKjAwvENtQpvRzzeODh4E0jUCEsz2iQs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=37528&sent=7&recv=13&lost=0&retrans=0&sent_bytes=3949&recv_bytes=2314&delivery_rate=104681&cwnd=254&unsent_bytes=0&cid=77ed5aa5388528ff&ts=352&x=0"
x-amz-id-2
qWxxuQMbF4CyAxTOTci9kFY3b6jgZqiWGJ75xNBz1qxhm6xslE+HbL6wjkDVIztJASymHDE/74vGo4aggjP3qjYn2W26qBR9
x-amz-request-id
D5BXMEVM6DGQCF59
x-amz-version-id
6OysE9MvUGgGn.qn_BXpeYijOLHR8713
js
www.googletagmanager.com/gtag/ 		322 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E56T163DF6&l=dataLayer&cx=c&gtm=45He4be0h2v79737984za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
676ce1e7dfd465520b89cf7d12b58743c365cdd2c2b93b9c251bbb4d52d502e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 00:22:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109659
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
age
6037
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 00:41:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 22:41:24 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/ 		246 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-675938688
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0315dc20f9ec6b6b59fac0666aca6a99bcc769b81c866e0ba48abb333d1c8a4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 00:22:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 16 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90340
x-xss-protection
0
server
Google Tag Manager
cl4975ot4arrr6.js
cdn.js.customerlabs.co/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-164.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pages.upwellness.com
Referer
https://pages.upwellness.com/

Response headers

x-amz-cf-id
H0TTAdnR12MXvxVG9fHaF8ZaTQ1i2xsoMM_bo0Pjc8BO7AVzZXS0_A==
access-control-expose-headers
ETag, x-amz-meta-custom-header, Content-Length
access-control-allow-methods
HEAD, GET, PUT, POST, DELETE
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/xml
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
server
AmazonS3
x-amz-cf-pop
FRA60-P4
jz7ox0tvgu
www.clarity.ms/tag/ 		717 B
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/jz7ox0tvgu?ref=gtm2
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca7b16610338e61384dcee02bc411cb30089a5e86263cfcf3b29f8c1e451fc91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
717
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/x-javascript
x-azure-ref
20241116T002201Z-16fcd4b77c5qwfsvhC1FRAparn00000003800000000056t9
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CS7B9A3C77UB15DAGIK0&lib=ttq
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d60eb29c621b871831896e2b683a045849abeab8ee1b35dc556e080f5f587abb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a104-78-78-110.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
expires
Sat, 16 Nov 2024 00:22:01 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=19, inner; dur=3
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
9562258.1a664dd8
x-tt-trace-host
01b8c9c93048c5f8ffbe6dd99099c4db8bbcf5a240664997f23e0bcf563476a85c3871deaff91e9591684a4d87e02c8eb0a91209b1a129358c1d4b1ab977a078a3e4729db0ec4b29c7435128caed688a3a28d3642b9ab85e76316fc5e0c42a6836a56180bb070c2d3bc500dfc3f2503618
x-origin-response-time
19,104.78.78.110
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24111600220149C2BD248860E2787A34-2243E2535AC7C824-00
content-length
2185
x-parent-response-time
105,2.20.179.90
x-tt-logid
2024111600220149C2BD248860E2787A34
server
nginx
sp.pl
sp.analytics.yahoo.com/ 		43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2016%20Nov%202024%2000%3A22%3A00%20GMT&n=-1&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&enc=UTF-8&yv=1.16.5&tagmgr=gtm
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.171.122.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-122-26.eu-west-1.compute.amazonaws.com
Software
ATS/9.1.10.144 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control
no-cache, no-store, private, must-revalidate
pragma
no-cache
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires
Sat, 16 Nov 2024 00:22:01 GMT
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
content-length
43
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
image/gif
server
ATS/9.1.10.144
x-frame-options
DENY
sp.pl
sp.analytics.yahoo.com/ 		43 B
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&enc=UTF-8&yv=1.16.5&tagmgr=gtm
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.171.122.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-122-26.eu-west-1.compute.amazonaws.com
Software
ATS/9.1.10.144 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control
no-cache, no-store, private, must-revalidate
pragma
no-cache
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options
nosniff
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires
Sat, 16 Nov 2024 00:22:01 GMT
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
content-length
43
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
image/gif
server
ATS/9.1.10.144
x-frame-options
DENY
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=146844809012010&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520835&sw=1600&sh=1200&v=2.9.177&r=stable&ec=3&o=12316&fbp=fb.1.1731716520379.8294176553561320&cs_est=true&pm=1&hrl=a07008&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&cas=1355654581159947%2C7949062495127731%2C7392459307497114%2C7402029816531918%2C4014340612009242%2C3867984929921948%2C4050026565117679%2C2234055886701037%2C3252997808076066%2C2158381524262451%2C3211051355632648%2C2627169220711968%2C2422847094507952%2C2662900203789006%2C2849409418466308%2C2653893998018468%2C2263098700449147%2C2238577099544380%2C5215605095128523%2C2071570606290632%2C2130822833643971%2C2296775563668241&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=24, mss=1232, tbw=5488, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=146844809012010&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520835&sw=1600&sh=1200&v=2.9.177&r=stable&ec=3&o=12316&fbp=fb.1.1731716520379.8294176553561320&cs_est=true&pm=1&hrl=a07008&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&cas=1355654581159947%2C7949062495127731%2C7392459307497114%2C7402029816531918%2C4014340612009242%2C3867984929921948%2C4050026565117679%2C2234055886701037%2C3252997808076066%2C2158381524262451%2C3211051355632648%2C2627169220711968%2C2422847094507952%2C2662900203789006%2C2849409418466308%2C2653893998018468%2C2263098700449147%2C2238577099544380%2C5215605095128523%2C2071570606290632%2C2130822833643971%2C2296775563668241&rqm=FGET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437665824307582086"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
32ANI0VyYQPVjN4vKLVAXjRLK8u1H8GuNLcSVqxyWtJtlMgSQIATK0IFSOLfHHaE8cV2dbri4/0cYgYwPa5NzA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437665824307582086", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=24, mss=1232, tbw=9104, tp=30, tpl=0, uplat=90, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=324538643747781&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520838&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12316&fbp=fb.1.1731716520379.8294176553561320&pm=1&hrl=d15831&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&cas=8897239170293384%2C7454538181309505&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=24, mss=1232, tbw=5680, tp=24, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=324538643747781&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com&rl=&if=false&ts=1731716520838&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12316&fbp=fb.1.1731716520379.8294176553561320&pm=1&hrl=d15831&ler=empty&cdl=API_unavailable&it=1731716519741&coo=false&cs_cc=1&cas=8897239170293384%2C7454538181309505&rqm=FGET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437665824412306870"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
fiBcdpU1NGF5SnNEzQB3Xu38o31MpgO+QRCFn5g9CIVaPC537Osxy7uSRq/0JkXn32r80VSINrl8El9nt1lwbQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437665824412306870", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=24, mss=1232, tbw=5920, tp=27, tpl=0, uplat=90, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-67.fra60.r.cloudfront.net
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pages.upwellness.com
Referer

Response headers

x-amzn-remapped-content-length
23580
content-encoding
gzip
age
5188075
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
x-amzn-requestid
0d735508-0022-41b6-8040-ce8e50df6586
x-cache
Hit from cloudfront
x-amz-cf-id
SrrSPHQBx1erB5Wo68T43lGOnHZQ3f8WANs7T8U0U3cLy4t2toFOeA==
date
Mon, 16 Sep 2024 23:14:06 GMT
content-type
font/woff2
last-modified
Tue, 02 May 2023 15:17:22 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amz-apigw-id
eOJF3FpvIAMEIgA=
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66e8bbbe-0ac87f3531177d8f72885887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
referrer-policy
no-referrer
access-control-allow-origin
*
content-length
23578
x-xss-protection
0
x-amz-cf-pop
FRA60-P3
TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
fonts.ub-assets.com/fonts/s/oswald/v53/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-67.fra60.r.cloudfront.net
Software
/
Resource Hash
933bd878ffa4710f751ebb3f6cbc7a5f24713e5fede41454914cff3a1d81a949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pages.upwellness.com
Referer

Response headers

x-amzn-remapped-content-length
12548
content-encoding
gzip
age
28697248
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
x-amzn-requestid
cfa59b3a-00d4-439c-8396-eaf2203651c5
x-cache
Hit from cloudfront
x-amz-cf-id
RZS-6LtdruULLh77esW7ffl7xp9Vm4H8Vm61_7REtDI52Q2bTpNG-Q==
date
Tue, 19 Dec 2023 20:54:33 GMT
content-type
font/woff2
last-modified
Tue, 15 Aug 2023 18:44:10 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amz-apigw-id
QNVplHkqIAMEm1g=
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-65820309-52913c0d6d3fd41b3ccb6e29
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
referrer-policy
no-referrer
access-control-allow-origin
*
content-length
12567
x-xss-protection
0
x-amz-cf-pop
FRA60-P3
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-67.fra60.r.cloudfront.net
Software
/
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pages.upwellness.com
Referer

Response headers

x-amzn-remapped-content-length
18492
content-encoding
gzip
age
2009761
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
x-amzn-requestid
6375c55e-2558-4c89-a11e-bbff9f155fb5
x-cache
Hit from cloudfront
x-amz-cf-id
cQEaDfwuI8apVImWTfCtr88AX_DExJ-dmZV4-hZjwOj9b-dnSVIqYA==
date
Wed, 23 Oct 2024 18:06:00 GMT
content-type
font/woff2
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amz-apigw-id
AHYpbHUMoAMEYiA=
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67193b08-1ad18e7827767d395bace2b8
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
referrer-policy
no-referrer
access-control-allow-origin
*
content-length
18520
x-xss-protection
0
x-amz-cf-pop
FRA60-P3
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-67.fra60.r.cloudfront.net
Software
/
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pages.upwellness.com
Referer

Response headers

x-amzn-remapped-content-length
18536
content-encoding
gzip
age
5009744
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
x-amzn-requestid
eeb3bb40-c9f9-4afa-bee8-94df16acaf01
x-cache
Hit from cloudfront
x-amz-cf-id
pz-5-AhRSi2Gp80paMOkYRNqVagwjlej4CpBRiIkrLEx9iEHf3VK9g==
date
Thu, 19 Sep 2024 00:46:17 GMT
content-type
font/woff2
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amz-apigw-id
eU8eAFlKIAMEjwQ=
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66eb7459-550df5bb3c831b6806649775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
referrer-policy
no-referrer
access-control-allow-origin
*
content-length
18564
x-xss-protection
0
x-amz-cf-pop
FRA60-P3
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-67.fra60.r.cloudfront.net
Software
/
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pages.upwellness.com
Referer

Response headers

x-amzn-remapped-content-length
18596
content-encoding
gzip
age
3024830
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
x-amzn-requestid
56d8fa6d-04ff-40c6-ac25-b79ab5ec92a0
x-cache
Hit from cloudfront
x-amz-cf-id
NOj4Kteyy2sGNSzP5alnT96cjvG__B7L82MLghUl84IUNG2AybkgRQ==
date
Sat, 12 Oct 2024 00:08:11 GMT
content-type
font/woff2
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amz-apigw-id
fgqc1FoKIAMEWpA=
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-6709bdeb-3def94601319aaa9143d360b
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
referrer-policy
no-referrer
access-control-allow-origin
*
content-length
18624
x-xss-protection
0
x-amz-cf-pop
FRA60-P3
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E56T163DF6&gtm=45je4bc0v9126958639z879737984za200zb79737984&_p=1731716519361&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=462890981.1731716521&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731716521&sct=1&seg=0&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3596
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E56T163DF6&l=dataLayer&cx=c&gtm=45He4be0h2v79737984za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pages.upwellness.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
text/plain
server
Golfe2
pixel.gif
business.newsbreak.com/tracking/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://business.newsbreak.com/tracking/pixel.gif?id=ID-1653816081217609730&uid=1-85xe8w6x-m3jfazdv&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&rl=&ts=1731716519362&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20130&md=false&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&tz=-60&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by
Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1731801600000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.25.78.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-78-242.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers
27015508.js
bat.bing.com/p/action/ 		2 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/27015508.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ed2b02cc6fee478120d3e35ebef642a78bb6120d1da32072a66cdbf25d801952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9C4D8A663D3347FD9F138ACF7F9B1B32 Ref B: FRA31EDGE0716 Ref C: 2024-11-16T00:22:01Z
x-cache
CONFIG_NOCACHE
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
/
ct.pinterest.com/user/ 		320 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1731716521137&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
d65cce48e35a6952b939465c71802b0e
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=600
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
2
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU1qSmxPVEptTlRJdE1qVmpZeTAwWldZd0xXRTVZell0TkdSaU5UVmpaVEZsTlRGaQ
pinterest-version
6afcf50d94c745d2a02fc22131da1428f50a360e
access-control-allow-origin
https://pages.upwellness.com
content-length
186
akamai-grn
0.10d53e17.1731716521.4e3bfe9
x-pinterest-rid
1334677633354433
val.html
cdn.mediago.io/js/h/ Frame 7D53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/h/val.html?postM=1&trackingid=
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.163.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-163-39.cdg55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://pages.upwellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
43446
content-length
9619
content-type
text/html
date
Fri, 15 Nov 2024 13:56:12 GMT
etag
"b19d57b1d930ffeb6ce750fad83fe7fe"
last-modified
Wed, 19 Jun 2024 07:00:32 GMT
server
AmazonS3
vary
Origin
via
1.1 1fa1875b2f656fdf295eee39e2e48938.cloudfront.net (CloudFront)
x-amz-cf-id
Gcfwfg4bA56dA9k0Kah2MJJlt5RseBrz6k51hMw99n3_8MvoVY5Ifw==
x-amz-cf-pop
CDG55-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
Oaanq82uoPsdCaYCvkBaR3PJCyZ8RQO_
x-cache
Hit from cloudfront
main.MWFhYzI4NzhlMw.js
analytics.tiktok.com/i18n/pixel/static/ 		351 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMw.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9833ad81e6fe79a92c0138c1f91ec97f981fd3ff42f089fe41fcb2a9dbdafc93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
x-tt-trace-id
00-2411150503432C8F7449C18D261585E7-4ABE22007608A1F1-00
content-length
98462
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202411150503432C8F7449C18D261585E7
server
nginx
x-akamai-request-id
1a664f49
x-tt-trace-host
01b8c7c07559fd7a3430035dafd95c822c7a19ebf2127882f70e9ff650138b78eb5ab48750afbf4d3d3969e9588ee210c853d8635a5d428c5de871d7968d09086b7b43e234e01b72dbe842697d779b7f84cc21238336c71ef9bdd3f636794db182
json
trc.taboola.com/1523626/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1523626/trc/3/json?tim=1731716521230&data=%7B%22id%22%3A293%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1731716520400%2C%22cv%22%3A%2220241107-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1731716520418%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D%22%2C%22tos%22%3A13%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
10158bd7bc73dbdb07a40e1c14539469cf74c38e5f3074eaf0918ec3a8ba48fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220147-FRA
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
7308
x-timer
S1731716521.251262,VS0,VE20
x-vcl-time-ms
20
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.08775
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
pixel
flask.nextdoor.com/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&vrs=8.4&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=6e67bba7-7c39-48ed-9dbb-e5480efa783b&pageid=b6666491-f03a-47ac-9f47-d0e6794ced18&sessionid=94dfccdc-6347-4cf4-a824-02b780b43708&cd=%7B%7D
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.246.130.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-246-130-178.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

context-id
cc998ec7-6638-48bd-8351-96e5311a85a2
date
Sat, 16 Nov 2024 00:22:01 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
/
ct.pinterest.com/v3/ 		35 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%225aecc8b1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1731716521236
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

x-pinterest-rid-128bit
2ae679898cdca7894b65dacead2346f7
expires
Sat, 01 Jan 2000 00:00:00 GMT
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
image/gif
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
3
x-cdn
akamai
access-control-allow-credentials
true
referrer-policy
origin
pinterest-version
6afcf50d94c745d2a02fc22131da1428f50a360e
access-control-allow-origin
https://pages.upwellness.com
content-length
35
akamai-grn
0.10d53e17.1731716521.4e3bfec
x-pinterest-rid
5432989106695259
main.MWFhYzI4NzhlMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		349 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CS7B9A3C77UB15DAGIK0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c19d35d3ab541478af2ee769d2a306f12cd47c94ecfb3dbc5c319218cf6d369b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=19
x-tt-trace-id
00-241115050233BEB4A132205DF51C97D0-3E7A78E567BE1AD2-00
content-length
98114
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20241115050233BEB4A132205DF51C97D0
server
nginx
x-akamai-request-id
1a664f6f
x-tt-trace-host
018da2afa453821b4298e998225089b0daa6890aec0793a9687d106e311ed3cfd20bf7858b1bb02e8182987fedb0d2d2ea364c28126444b5d82f8babde77405d7d8d26880e45dbe0104b9d52c7c0deaf93563ea23a890201038779bc5f4ebd7841
0
bat.bing.net/actionp/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.net/actionp/0?ti=27015508&Ver=2&mid=5d6184d8-d566-442d-9280-4f08c1bc2392&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E551D3C2F66545A4968501BC00D4FFE0 Ref B: FRA31EDGE0220 Ref C: 2024-11-16T00:22:01Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 16 Nov 2024 00:22:01 GMT
27015508
bat.bing.com/p/insights/t/ 		764 B
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/t/27015508
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/27015508.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
55113aceabaad9f3f4e4a0096f394ffcade37847a527280deba40f1f526b9e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7A5FD1D8A00241CB836656E0921423D0 Ref B: FRA31EDGE0716 Ref C: 2024-11-16T00:22:01Z
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
637
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
x-azure-ref
20241116T002201Z-r17f8fcd848g2z7j71a88pr87400000003e00000000054z3
0
bat.bing.net/action/ 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.net/action/0?ti=27015508&Ver=2&mid=5d6184d8-d566-442d-9280-4f08c1bc2392&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&r=&lt=1993&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=471330
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3899FEF2E73C436BBB239ABA739F9D91 Ref B: FRA31EDGE0220 Ref C: 2024-11-16T00:22:01Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 16 Nov 2024 00:22:01 GMT
collect
www.google-analytics.com/j/ 		3 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=422787405&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&ul=de-de&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=1128997202&gjid=654364457&cid=462890981.1731716521&tid=UA-28307243-3&_gid=121892795.1731716521&_slc=1&gtm=45He4be0h2n81M3S986Pv79737984za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&npa=1&z=1876492687
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://pages.upwellness.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:22:01 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://pages.upwellness.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28307243-3&cid=462890981.1731716521&jid=1128997202&gjid=654364457&_gid=121892795.1731716521&npa=1&_u=YCDAiEABBAAAAGAAI~&z=951874233
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://pages.upwellness.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 00:22:01 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://pages.upwellness.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2411150502336335CB71727E1B0F9A9E-3A4C2EB625C2735C-00
content-length
39512
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202411150502336335CB71727E1B0F9A9E
server
nginx
x-akamai-request-id
1a665085
x-tt-trace-host
018da2afa453821b4298e998225089b0daa6890aec0793a9687d106e311ed3cfd2e8cad26c7a78d97db85dc248aeb49157eed1a2359186d4810439cc577c4561296e6a18e06372eaf46885cf3f3eeb7c3ce6a88ac3a91f21a709bfb6420463c7bd
pixel
analytics.tiktok.com/api/v2/ 		0
873 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pages.upwellness.com/

Response headers

x-cache-remote
TCP_MISS from a104-78-78-109.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sat, 16 Nov 2024 00:22:01 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=42, inner; dur=38
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Sat, 16 Nov 2024 00:22:01 GMT
x-akamai-request-id
d24c7a5.1a6650ab
access-control-allow-headers
Authorization,*
x-tt-trace-host
01b8c9c93048c5f8ffbe6dd99099c4db8bbcf5a240664997f23e0bcf563476a85c94b36376c4c6dade5c040066c68c393680c39964599121c395e2b4f2aca08fbf20286ed2771c206da43caaa67b56526053d35b1e813a3896afc604109c64e7ec24947bb604631e0669616c52d384ff44
x-origin-response-time
43,104.78.78.109
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241116002201F3A3E8442AEDD583F68E-24E01C4F3067B9D4-00
content-length
0
x-parent-response-time
126,2.20.179.90
x-tt-logid
20241116002201F3A3E8442AEDD583F68E
server
nginx
pixel
analytics.tiktok.com/api/v2/ 		0
870 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pages.upwellness.com/

Response headers

x-cache-remote
TCP_MISS from a104-78-78-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sat, 16 Nov 2024 00:22:01 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=50, inner; dur=31
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Sat, 16 Nov 2024 00:22:01 GMT
x-akamai-request-id
11a983af.1a6650ac
access-control-allow-headers
Authorization,*
x-tt-trace-host
01b8c9c93048c5f8ffbe6dd99099c4db8bbcf5a240664997f23e0bcf563476a85c4273782e9a8744fe2f1f2188cedb41a421cfecacda828bb8c262ab6e9edfd0136bd1a512eaec5a944c043b5c42e7cc802523d6f4a61ce83a50f030084b6b69fc99ff90cdc48c38a0ee9ee12531ee01ec
x-origin-response-time
51,104.78.78.103
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241116002201348DA6A365C87B7D32F4-137A35446A5C603B-00
content-length
0
x-parent-response-time
141,2.20.179.90
x-tt-logid
20241116002201348DA6A365C87B7D32F4
server
nginx
clarity.js
www.clarity.ms/s/0.7.49/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jz7ox0tvgu?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

x-azure-ref
20241116T002201Z-16fcd4b77c5qwfsvhC1FRAparn00000003800000000056u7
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
b8efeb3d-101e-0065-3714-36809f000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:20:43 GMT
0.7.56
bat.bing.com/p/insights/s/ 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/s/0.7.56
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/27015508
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
d774b2e366f7646b50c74578d4ce3218cedba5898a2e53e874dd7cbc06d31a6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

content-encoding
br
x-ms-version
2018-03-28
etag
W/"0x8DD041B34A8C649"
x-fd-int-roxy-purgeid
79034942
x-cache
CONFIG_NOCACHE
date
Sat, 16 Nov 2024 00:22:00 GMT
content-type
application/javascript;charset=utf-8
last-modified
Wed, 13 Nov 2024 19:41:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C4E4F8F6098148D296C3CA252CF85F92 Ref B: FRA31EDGE0716 Ref C: 2024-11-16T00:22:01Z
x-ms-request-id
e33c2085-801e-0067-488e-363e27000000
access-control-allow-origin
*
content-length
15751
x-azure-ref
20241116T002201Z-15f564dc449jrwnghC1DB1pgbc00000002m0000000004fgy
x-powered-by
ARR/3.0
n
bat.bing.com/p/insights/c/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/c/n
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.56
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-webinsights-gzip
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0C50E298E0C04B89BEB41B8F85CF130F Ref B: FRA31EDGE0716 Ref C: 2024-11-16T00:22:01Z
access-control-allow-credentials
true
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
access-control-allow-origin
https://pages.upwellness.com
x-cache
CONFIG_NOCACHE
date
Sat, 16 Nov 2024 00:22:01 GMT
vary
Origin
act
analytics.tiktok.com/api/v2/pixel/ 		0
872 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pages.upwellness.com/

Response headers

x-cache-remote
TCP_MISS from a104-78-78-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sat, 16 Nov 2024 00:22:01 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=51, inner; dur=47
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Sat, 16 Nov 2024 00:22:01 GMT
x-akamai-request-id
11a98674.1a665256
access-control-allow-headers
Authorization,*
x-tt-trace-host
01b8c9c93048c5f8ffbe6dd99099c4db8bbcf5a240664997f23e0bcf563476a85c4273782e9a8744fe2f1f2188cedb41a488145fb97a2510c90bbec335a84baf0d7b11ea8a7d07b8512037b7320cce488417a1b24e971dc96e590ed21be15b0cf41643a8ef844689d6762c22bf40708f7f
x-origin-response-time
51,104.78.78.103
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241116002201EEBD970AA29574D23A65-61828C06515DD581-00
content-length
0
x-parent-response-time
144,2.20.179.90
x-tt-logid
20241116002201EEBD970AA29574D23A65
server
nginx
collect
n.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://pages.upwellness.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://pages.upwellness.com
Date
Sat, 16 Nov 2024 00:22:02 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
pageview
gtrace.mediago.io/api/bidder/track/pixel/ 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtrace.mediago.io/api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b&spd=&mgd=d24978de3a364ef9b14b82d5221d420c&ptd=&tkd=&acd=&cpid=&v=177791265
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.168.80 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
80.168.214.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
text/plain; charset=utf-8
eplist
gtrace.mediago.io/ju/cs/ 		44 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gtrace.mediago.io/ju/cs/eplist?acid=&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fpages.upwellness.com&mcb=mmgg_1731716521725_474
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.168.80 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
80.168.214.35.bc.googleusercontent.com
Software
/
Resource Hash
1a9830553f78e67579c1ce4694cf0b1a5fa2929ca14e9233b90bf974d6214b88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https%3A%2F%2Fpages.upwellness.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
date
Sat, 16 Nov 2024 00:22:01 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Content-Type
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
cache-control
max-age=7200
content-encoding
gzip
etag
"16d5d552603d86726ae439fc61299d42"
x-cdn
akamai
content-length
2114
date
Sat, 16 Nov 2024 00:22:01 GMT
akamai-grn
0.10d53e17.1731716521.4e3c1d3
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
ct.html
ct.pinterest.com/ Frame 65CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.5aecc8b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://pages.upwellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

akamai-grn
0.10d53e17.1731716522.4e3c249
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Sat, 16 Nov 2024 00:22:02 GMT
pinterest-version
fe8dde823c9d8ad4331a9352a6a28b5f1fb1cf4b
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
8425082115897547
x-pinterest-rid-128bit
ab473d8848b0d320012b51aceb3737f5
unip
trc-events.taboola.com/1225872/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1645&scd=0&ssd=1&est=1731716520404&ver=36&isls=true&src=i&invt=1500&msa=2035&rv=1&tim=1731716522050&vi=1731716520400&ri=ee19d2f1bf8f367f8d3790ce0440eab7&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://pages.upwellness.com/

Response headers

access-control-allow-origin
https://pages.upwellness.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Sat, 16 Nov 2024 00:22:02 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1523626/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1647&scd=0&ssd=1&est=1731716520404&ver=36&isls=true&src=i&invt=1500&msa=2035&rv=1&tim=1731716522052&vi=1731716520400&ri=115c202cc72fa1b3d0cdf804f0a61d9a&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://pages.upwellness.com/

Response headers

access-control-allow-origin
https://pages.upwellness.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Sat, 16 Nov 2024 00:22:02 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1225872/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1645&scd=0&ssd=1&est=1731716520404&ver=36&isls=true&src=i&invt=1500&msa=2035&rv=1&tim=1731716522050&vi=1731716520400&ri=ee19d2f1bf8f367f8d3790ce0440eab7&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://pages.upwellness.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://pages.upwellness.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 16 Nov 2024 00:22:02 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1523626/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1647&scd=0&ssd=1&est=1731716520404&ver=36&isls=true&src=i&invt=1500&msa=2035&rv=1&tim=1731716522052&vi=1731716520400&ri=115c202cc72fa1b3d0cdf804f0a61d9a&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://pages.upwellness.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://pages.upwellness.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 16 Nov 2024 00:22:02 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
favicon-152.png
www.upwellness.com/wp-content/uploads/2015/10/ 		18 KB
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.23.204.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-204-175.compute-1.amazonaws.com
Software
Pagely-ARES/1.21.14 /
Resource Hash
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

x-gateway-skip-cache
0
cache-control
max-age=2592000
etag
"4700-5e96026b3c0c0"
x-gateway-cache-status
HIT
expires
Thu, 05 Dec 2024 08:14:55 GMT
x-gateway-request-id
121da9a43c5b37857a32d39188be69cb
accept-ranges
bytes
content-length
18176
x-gateway-cache-key
0||https|www.upwellness.com|||/wp-content/uploads/2015/10/favicon-152.png
date
Sat, 16 Nov 2024 00:22:02 GMT
content-type
image/png
last-modified
Fri, 23 Sep 2022 23:00:59 GMT
server
Pagely-ARES/1.21.14
collect
n.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://pages.upwellness.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://pages.upwellness.com
Date
Sat, 16 Nov 2024 00:22:02 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
n
bat.bing.com/p/insights/c/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/c/n
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.56
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-webinsights-gzip
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3A9E64A398EE43078BF337168E4FCD2D Ref B: FRA31EDGE0716 Ref C: 2024-11-16T00:22:03Z
access-control-allow-credentials
true
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
access-control-allow-origin
https://pages.upwellness.com
x-cache
CONFIG_NOCACHE
date
Sat, 16 Nov 2024 00:22:02 GMT
vary
Origin
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=102531&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=tZO2xF9QNElzdGVtZUwyOFAwM1AydTUzNDQxWDhWJTJGV3NGJTJCRzQlMkJvdUVQMUVqWmtKUVVxVVJ4NTBvNDFlU2d1Y0s3YkJ0dm44ZWFtTSUyR...
  • https://widget.us.criteo.com/event?a=102531&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=tZO2xF9QNElzdGVtZUwyOFAwM1AydTUzNDQxWDhWJTJGV3NGJTJCRzQlMkJvdUVQMUVqWmtKUVVxVVJ4NTBvNDFlU2d1Y0s3YkJ0dm44ZWFtTSUyR...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=102531&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=tZO2xF9QNElzdGVtZUwyOFAwM1AydTUzNDQxWDhWJTJGV3NGJTJCRzQlMkJvdUVQMUVqWmtKUVVxVVJ4NTBvNDFlU2d1Y0s3YkJ0dm44ZWFtTSUyRlpSQ0R3SUhoNHVrYUNGM3owU0tReHlZbTV0TlI5clBNRG5ieExSRXM2dWI1bnpycEhxNGdvQ3hQNVpodkxXUkdlZVg0TEtOV09qamVTWnZlbEY2R3VJakdEb0clMkZoWk8xVkZBJTNE&sc=%7B%22fbp%22%3A%22fb.1.1731716520379.8294176553561320%22%2C%22ttp%22%3A%22WFoqu3GyElNKmsbo8lx4DXn8i1P.tt.1%22%7D&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D10265de71a12ddb911da1cf727edf6%2526n%253Dtune%2526cid%253D115_%2526mid%253D115_%2526AFFID%253D477232%2526subid%253D115_%2526partner_id%253D115%2526advertiser%253D2%2526email%253D&ceid=e3bab0ed-cde8-4757-87fc-3a0fefd47b9d
Protocol
H2
Server
74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
63d205057262d3da9561568b99641adf822c1a5c4b3e090fd80065d3f19e55d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pages.upwellness.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6985527
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Sat, 16 Nov 2024 00:22:05 GMT
content-type
application/x-javascript
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://widget.us.criteo.com/event?a=102531&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=tZO2xF9QNElzdGVtZUwyOFAwM1AydTUzNDQxWDhWJTJGV3NGJTJCRzQlMkJvdUVQMUVqWmtKUVVxVVJ4NTBvNDFlU2d1Y0s3YkJ0dm44ZWFtTSUyRlpSQ0R3SUhoNHVrYUNGM3owU0tReHlZbTV0TlI5clBNRG5ieExSRXM2dWI1bnpycEhxNGdvQ3hQNVpodkxXUkdlZVg0TEtOV09qamVTWnZlbEY2R3VJakdEb0clMkZoWk8xVkZBJTNE&sc=%7B%22fbp%22%3A%22fb.1.1731716520379.8294176553561320%22%2C%22ttp%22%3A%22WFoqu3GyElNKmsbo8lx4DXn8i1P.tt.1%22%7D&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D10265de71a12ddb911da1cf727edf6%2526n%253Dtune%2526cid%253D115_%2526mid%253D115_%2526AFFID%253D477232%2526subid%253D115_%2526partner_id%253D115%2526advertiser%253D2%2526email%253D&ceid=e3bab0ed-cde8-4757-87fc-3a0fefd47b9d
content-encoding
gzip
pragma
no-cache
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5149119
expires
0
access-control-allow-origin
*
content-length
0
date
Sat, 16 Nov 2024 00:22:04 GMT
server
Kestrel
unip
trc-events.taboola.com/1225872/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4648&scd=0&ssd=1&est=1731716520404&ver=36&isls=true&src=i&invt=3000&msa=2035&rv=1&tim=1731716525053&vi=1731716520400&ri=ee19d2f1bf8f367f8d3790ce0440eab7&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://pages.upwellness.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://pages.upwellness.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 16 Nov 2024 00:22:05 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1225872/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4648&scd=0&ssd=1&est=1731716520404&ver=36&isls=true&src=i&invt=3000&msa=2035&rv=1&tim=1731716525053&vi=1731716520400&ri=ee19d2f1bf8f367f8d3790ce0440eab7&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://pages.upwellness.com/

Response headers

access-control-allow-origin
https://pages.upwellness.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Sat, 16 Nov 2024 00:22:05 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1523626/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4649&scd=0&ssd=1&est=1731716520404&ver=36&isls=true&src=i&invt=3000&msa=2035&rv=1&tim=1731716525054&vi=1731716520400&ri=115c202cc72fa1b3d0cdf804f0a61d9a&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible
trigger
Referer
https://pages.upwellness.com/

Response headers

access-control-allow-origin
https://pages.upwellness.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Sat, 16 Nov 2024 00:22:05 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
unip
trc-events.taboola.com/1523626/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4649&scd=0&ssd=1&est=1731716520404&ver=36&isls=true&src=i&invt=3000&msa=2035&rv=1&tim=1731716525054&vi=1731716520400&ri=115c202cc72fa1b3d0cdf804f0a61d9a&ref=null&cv=20241107-9-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D10265de71a12ddb911da1cf727edf6%26n%3Dtune%26cid%3D115_%26mid%3D115_%26AFFID%3D477232%26subid%3D115_%26partner_id%3D115%26advertiser%3D2%26email%3D&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://pages.upwellness.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://pages.upwellness.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 16 Nov 2024 00:22:05 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
store.upwellness.com
URL
https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
Domain
store.upwellness.com
URL
https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Domain
app.unbounce.com
URL
blob:https://app.unbounce.com/09831c99-07de-4dc3-836b-42710052b634
Domain
app.unbounce.com
URL
blob:https://app.unbounce.com/d8596aac-e7b5-4726-a8dd-4adaa0474581

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery object| lp object| ub function| onorientationchange object| module function| fbq function| _fbq function| pintrk object| dotq object| _tfa function| obApi function| gtag object| dataLayer function| ndp function| nbpix object| _megoaa string| TiktokAnalyticsObject object| ttq object| uetq string| output number| output2 function| ubSnowplow boolean| ubSnowplowInitialized function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| LI object| liQHub object| liQ object| Criteo object| criteo_q object| google_tag_manager object| google_tag_data object| YAHOO function| apiObj object| liQ_instances function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM boolean| proofInitialized string| GoogleAnalyticsObject function| ga function| FBQ function| FBQ_SETUP string| ClAnalyticsObject object| _cl function| clarity function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_7130eef380 object| ube function| a0d function| a0c function| a0ag function| a0ah object| megoaaEvent boolean| _mediago_pixel_status object| gaplugins object| gaData object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| webinsights object| insightsuetq

37 Cookies

Domain/Path Name / Value
pages.upwellness.com/inflammation-quiz/ Name: ubpv
Value: cd%2Cce51cc0b-0e94-443c-a27a-24c78d18f232
.liadm.com/j Name: lidid
Value: ae9991a3-a02b-41f5-90c8-e496b896f59b
.trk.garagewarriorelite.com/ Name: 64906e66-9be5-4321-b578-ae4c04f07d85-v4
Value: pKAbv9iDEn1j5hFUse79sP273-P6tQkF01lno1v_70s
.trk.garagewarriorelite.com/ Name: cc-v4
Value: rMapgLbMIuqFWwq5yA%2BdiP1MBr72%2FH4i8sUe2kRLnFa5gy2La4hWRAZ646yAM%2Frk2gX8c1GKBEOYDuUH7t%2FErLeJvH39fvbj4PEa7KMB9wiYg%2FZ4fzftUz%2FmFtws1nzCd66Re5eCRAKaegeUiHJ8Wg%3D%3D
www.wm74trk.com/ Name: uniqueClick_42M8N1J
Value: 6bcf1484-c74c-498a-b2d9-f6d159c870cb:1731716517
www.wm74trk.com/ Name: transaction_id
Value: 51e3056615cc4683a257d14fbb2c4f08
go.healthww.com/ Name: enc_aff_session_77
Value: ENC03246f851b3d9de88313a76937d43d7d8712b1298b058f9bb1c7b3182fac7346ec3b74e10bb3289e28a01b2449cca9f2bec560eab3e031ec716a4b7e0e6cc31d9d8f67c25039ebad9a8bae187713dbf62b2deb8ea973ac4a38e493bbce50c105490491f6e4aa11b03636c7bd2ab4abfb7a0e0e75b7b693fc3f184a51ad69c61d602b7c25472d420356b79dbcc19cc8182f8390d38581461101415cf03de1855ea60092e58f
go.healthww.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzAiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTMwLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/ Name: ubvs
Value: a9332450-c7e5-454b-a639-3716c6b4be14
.upwellness.com/ Name: ubvt
Value: v2%7Ca9332450-c7e5-454b-a639-3716c6b4be14%7Cce51cc0b-0e94-443c-a27a-24c78d18f232%3Acd%3Aweighted%3Aweighted
.pages.upwellness.com/ Name: __cf_bm
Value: Sbxt2z9KrgDdIKgfHhJbsAfxqm.pZ.YwHWaxBG6hhVk-1731716518-1.0.1.1-XYj_2hM5Q06OXJvOqZkzt.pshdc49.ojMWOrOEBJufI48PQ3_CK07UKqM6Tt2zrXil2AALd9yO4gUwUrxJdRhw
store.upwellness.com/ Name: AWSALB
Value: tKfv82TdX2tCZ9yc3sBXM8QCkf5sfPjNSUufI1Xwzo8oW5FST2EXVjkNgsn7I1DGM+u4Sp0m1IGJNSls1xmFykddPqPXRKeBE4TLM0DoGZn+O4BQQ3e/+w5MaCh7
store.upwellness.com/ Name: AWSALBCORS
Value: tKfv82TdX2tCZ9yc3sBXM8QCkf5sfPjNSUufI1Xwzo8oW5FST2EXVjkNgsn7I1DGM+u4Sp0m1IGJNSls1xmFykddPqPXRKeBE4TLM0DoGZn+O4BQQ3e/+w5MaCh7
.js.ubembed.com/ Name: __cf_bm
Value: 101JeD82VrPgmdJUnX6AbZY8MciUgVF8mSjiOWvzNlE-1731716519-1.0.1.1-ytpmC.ukO7QBDZ9GVtk0icDmlHX2VW9VHUxQu03bFZx7TPmyrqF2HGaIYB1TD66AdjvLenRwcI49spEQkZyZ7Q
.upwellness.com/ Name: _li_dcdm_c
Value: .upwellness.com
.upwellness.com/ Name: _lc2_fpi
Value: f0f26c15fa8f--01jcs5j5wvawa0vs15pdc38bpe
.upwellness.com/ Name: _gcl_au
Value: 1.1.171048275.1731716520
.upwellness.com/ Name: _fbp
Value: fb.1.1731716520379.8294176553561320
.liadm.com/ Name: lidid
Value: ae9991a3-a02b-41f5-90c8-e496b896f59b
.tiktok.com/ Name: _ttp
Value: 2ouPWjzz1PcS40Ug0VAT5Ii9Ky1
.criteo.com/ Name: uid
Value: 627406e6-cb57-4ee3-b0f0-e09e35c4235a
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.upwellness.com/ Name: _ga_E56T163DF6
Value: GS1.1.1731716521.1.0.1731716521.0.0.0
.upwellness.com/ Name: __nbpix_uid
Value: 1-85xe8w6x-m3jfazdv
.upwellness.com/ Name: _mg_ckp
Value: eyJja1RrZERGIjoiIn0=
.upwellness.com/ Name: ndp_session_id
Value: 94dfccdc-6347-4cf4-a824-02b780b43708
pages.upwellness.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1731716521235%7D
.upwellness.com/ Name: _ga
Value: GA1.2.462890981.1731716521
.upwellness.com/ Name: _gid
Value: GA1.2.121892795.1731716521
.upwellness.com/ Name: _dc_gtm_UA-28307243-3
Value: 1
.upwellness.com/ Name: cto_bundle
Value: tZO2xF9QNElzdGVtZUwyOFAwM1AydTUzNDQxWDhWJTJGV3NGJTJCRzQlMkJvdUVQMUVqWmtKUVVxVVJ4NTBvNDFlU2d1Y0s3YkJ0dm44ZWFtTSUyRlpSQ0R3SUhoNHVrYUNGM3owU0tReHlZbTV0TlI5clBNRG5ieExSRXM2dWI1bnpycEhxNGdvQ3hQNVpodkxXUkdlZVg0TEtOV09qamVTWnZlbEY2R3VJakdEb0clMkZoWk8xVkZBJTNE
.pinterest.com/ Name: ar_debug
Value: 1
.pages.upwellness.com/ Name: _pin_unauth
Value: dWlkPU1qSmxPVEptTlRJdE1qVmpZeTAwWldZd0xXRTVZell0TkdSaU5UVmpaVEZsTlRGaQ
.upwellness.com/ Name: _tt_enable_cookie
Value: 1
.upwellness.com/ Name: _ttp
Value: WFoqu3GyElNKmsbo8lx4DXn8i1P.tt.1
.upwellness.com/ Name: __mguid_
Value: 626eabf7dfdf4919aa420f5cea677575
.mediago.io/ Name: __mguid_
Value: e70c06984b59fa802zbst700m3jfazxt

4 Console Messages

Source Level URL
Text
javascript error URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=(Line 9)
Message:
Not allowed to load local resource: blob:https://app.unbounce.com/09831c99-07de-4dc3-836b-42710052b634
javascript error URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=10265de71a12ddb911da1cf727edf6&n=tune&cid=115_&mid=115_&AFFID=477232&subid=115_&partner_id=115&advertiser=2&email=(Line 9)
Message:
Not allowed to load local resource: blob:https://app.unbounce.com/d8596aac-e7b5-4726-a8dd-4adaa0474581
network error URL: https://pages.upwellness.com/assets/81594b5f-6b51-47f0-a97d-5ae6182d1fab/whiteupwellnesslogo.original.png?1559239426
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
ads.nextdoor.com
amplify.outbrain.com
analytics.tiktok.com
app.unbounce.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
bat.bing.net
builder-assets.unbounce.com
business.newsbreak.com
cdn.js.customerlabs.co
cdn.mediago.io
cdn.taboola.com
cdn.useproof.com
connect.facebook.net
ct.pinterest.com
d9hhrg4mnvzow.cloudfront.net
dynamic.criteo.com
flask.nextdoor.com
fonts.ub-assets.com
go.healthww.com
gtrace.mediago.io
gum.criteo.com
live.upwellness.com
n.clarity.ms
pages.upwellness.com
psb.taboola.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
s.yimg.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
trk.garagewarriorelite.com
wave.outbrain.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.upwellness.com
www.wm74trk.com
app.unbounce.com
store.upwellness.com
104.18.34.21
104.18.39.181
108.138.26.31
13.224.189.28
13.32.99.67
141.226.228.48
142.250.184.232
151.101.129.44
157.240.251.35
157.240.251.9
172.175.234.12
178.250.1.9
18.246.130.178
18.66.137.164
18.66.147.37
184.28.89.148
2.18.64.15
2.19.224.184
2001:4860:4802:32::178
2001:4860:4802:34::36
23.23.204.175
2600:1f18:730:b130:e295:f5cc:7bc1:19c0
2600:9000:225e:9a00:8:8845:1500:93a1
2600:9000:2490:aa00:18:8903:5200:93a1
2606:4700:3034::ac43:a9b0
2620:1ec:33:1::10
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1288:80:807::2
2a00:1450:4001:801::2004
2a00:1450:4001:806::2008
2a00:1450:400c:c06::9a
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:894::1931
3.160.156.21
3.164.163.114
3.164.163.39
3.93.168.254
34.107.190.195
34.196.96.89
34.250.254.121
35.214.168.80
52.25.78.242
54.171.122.26
64.202.112.95
74.119.117.16
0315dc20f9ec6b6b59fac0666aca6a99bcc769b81c866e0ba48abb333d1c8a4a
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0c28a3b893740df4c1372e6321ce52981e0f77543c6fc8384af2deab941773c2
0d8c037cd98e4cdb64a6feb95e40ee44eb46f466823b264e708e826e4da9a8d0
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10158bd7bc73dbdb07a40e1c14539469cf74c38e5f3074eaf0918ec3a8ba48fa
19576a00ececd1add5cecaa486d9f1f224597e55442a826c77d6ad17f8c11e07
1a9830553f78e67579c1ce4694cf0b1a5fa2929ca14e9233b90bf974d6214b88
1c9d0c84e6f84aef2603a24c9ab75adbb776fc21b309ced0fb13aeb7339b55dc
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
21a7ed26f29fd7ce23bc5869fb734b5b5c00ce74b8383c3866579205c46476ea
24ae9c928eb47f386123477b0f00e6c2618c718721c4bf17b0187ff00fb8e971
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
336633128331e57083dfc6c2e8bae9986a5d4fb7d820beb708926ea92a13f090
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c146e2b9d9789d9f3276f7fc8a36ba5b3110dee67a7903ca6bebb14497c381a
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
55113aceabaad9f3f4e4a0096f394ffcade37847a527280deba40f1f526b9e92
60c12debc7101a6e6df2910774e6008c021648458d8bdf9a9ebb45494d37bd84
63d205057262d3da9561568b99641adf822c1a5c4b3e090fd80065d3f19e55d2
676ce1e7dfd465520b89cf7d12b58743c365cdd2c2b93b9c251bbb4d52d502e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
85d470e83686d770c884ff37aa8257edfbcfa0a3294ee3b753fc062033944e4c
864f0c1802a7465b482adcd88aaf38cd752a29860a96e432cbc15e7164894d48
870e33c07dfab900ffc54747f4d21e61f6557c9ddf22ffd892624ae522b824cd
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a9f847be3e5b5b41f4769b02cf322bd68e97e49f68fed677c42e89dab2b0738
90a8ca7e6dfa500a341c0b9e2fbda1c55dc558d29c668a4cc21de6295e1c68ff
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
933bd878ffa4710f751ebb3f6cbc7a5f24713e5fede41454914cff3a1d81a949
96dffdcb00b4a59a6cdc977b431f2dfe96bf6fbc86b4d78ba579a906afb01956
9833ad81e6fe79a92c0138c1f91ec97f981fd3ff42f089fe41fcb2a9dbdafc93
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aaddae4cf259110e05bc9316a9563557ac1d6ab3534b25c74ca4ff986811a859
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8
ba53ea056c6259ae529fa4c71cb33bdf3aacface9b08d034df813d6f7387f5b1
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421
c19d35d3ab541478af2ee769d2a306f12cd47c94ecfb3dbc5c319218cf6d369b
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51
c5922a7c5936ebfe3ce796d9dc70f6bef45ba6d102530c7550fffc3c5fa38659
c8b06499674c9855a583b05135247cfd37d8aee22e3f8a4d6445a47763d9aede
ca7b16610338e61384dcee02bc411cb30089a5e86263cfcf3b29f8c1e451fc91
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
d60eb29c621b871831896e2b683a045849abeab8ee1b35dc556e080f5f587abb
d774b2e366f7646b50c74578d4ce3218cedba5898a2e53e874dd7cbc06d31a6d
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e8e92eddfa282de2d49faf17b2f91ed0ee54be9f8f9337ad002842db0fa46218
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
e9e0d2c90802e19eaefa3de39bf865ccba5dbdca361ae3ef862724aeb25baf79
ebbfc5eb12dd3766d82cc8a2584d8bf9d2db1a8ead8c9d5f0e03d9ee4bac3389
ed2b02cc6fee478120d3e35ebef642a78bb6120d1da32072a66cdbf25d801952
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef43f79a4b7786a0bbaed0d9f169a48585838b4aad0d1e076fe8a2a92d16f07f
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2ee155213ccaa6ec62e91f3531df6daa0a852716f291acd3e8129aabe9929e3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb061568e32a18b3e5bff4f8e05dd6147ac9da2ada913f6103e9103798e54803
ff8b00585c51b50b9d7aa76ff232f0b8bd0c6c37f011e932ac713590e2651de8