pages.upwellness.com Open in urlscan Pro
104.18.19.37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.thealternativedaily.com/a/819/click/10304744/3008785/_3dcd3796e454e9fd286b63589f705d725ef080ba/9ae2077bcbdff258737b3d6e3...
Effective URL:
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH...
Submission: On July 22 via manual (July 22nd 2024, 11:02:34 am UTC) from IN — Scanned from US

Summary HTTP 213 Redirects Behaviour Indicators

Summary

This website contacted 79 IPs in 3 countries across 66 domains to perform 213 HTTP transactions. The main IP is 104.18.19.37, located in and belongs to CLOUDFLARENET, US. The main domain is pages.upwellness.com.
TLS certificate: Issued by E6 on June 24th 2024. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.236.93.106 54.236.93.106	14618 (AMAZON-AES) (AMAZON-AES)
4	104.18.19.37 104.18.19.37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.165.83.40 18.165.83.40	16509 (AMAZON-02) (AMAZON-02)
1	104.18.10.34 104.18.10.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:23c... 2600:9000:23cb:f600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
1	2620:100:a00b::a 2620:100:a00b::a	19750 (AS-CRITEO) (AS-CRITEO)
13	2a04:4e42:600... 2a04:4e42:600::644	54113 (FASTLY) (FASTLY)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:77::84 2a04:4e42:77::84	54113 (FASTLY) (FASTLY)
3	2001:4998:60:... 2001:4998:60:807::1	14196 (YAHOO-CHA) (YAHOO-CHA)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	23.220.125.76 23.220.125.76	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.40.189.238 52.40.189.238	16509 (AMAZON-02) (AMAZON-02)
1	13.225.63.10 13.225.63.10	16509 (AMAZON-02) (AMAZON-02)
1	52.85.61.83 52.85.61.83	16509 (AMAZON-02) (AMAZON-02)
5	23.212.250.14 23.212.250.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
39	13.226.36.141 13.226.36.141	16509 (AMAZON-02) (AMAZON-02)
3 4	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
1	13.226.34.65 13.226.34.65	16509 (AMAZON-02) (AMAZON-02)
1 6	2607:f8b0:400... 2607:f8b0:400d:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	209.85.201.154 209.85.201.154	15169 (GOOGLE) (GOOGLE)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 8	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	64.202.112.255 64.202.112.255	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	2600:1f18:730... 2600:1f18:730:b120:610:c1c8:8651:5a13	14618 (AMAZON-AES) (AMAZON-AES)
1	54.83.17.184 54.83.17.184	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:400d:c0d::8b	15169 (GOOGLE) (GOOGLE)
1	18.67.66.87 18.67.66.87	16509 (AMAZON-02) (AMAZON-02)
3	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.187.143.159 54.187.143.159	16509 (AMAZON-02) (AMAZON-02)
6	108.139.29.53 108.139.29.53	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3035::6815:2f0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.214.40.15 34.214.40.15	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:400d:c0d::93	15169 (GOOGLE) (GOOGLE)
4	23.220.128.196 23.220.128.196	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.88.71.74 54.88.71.74	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:100:a00b... 2620:100:a00b::26	19750 (AS-CRITEO) (AS-CRITEO)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
1	52.85.61.59 52.85.61.59	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:230... 2600:9000:2305:3200:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.251.167.157 142.251.167.157	15169 (GOOGLE) (GOOGLE)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
3 5	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
6 7	34.199.79.177 34.199.79.177	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.0.215.179 52.0.215.179	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	51.222.241.106 51.222.241.106	16276 (OVH) (OVH)
1 1	18.211.100.102 18.211.100.102	14618 (AMAZON-AES) (AMAZON-AES)
1	23.105.12.172 23.105.12.172	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	195.244.31.11 195.244.31.11	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
1	23.220.132.230 23.220.132.230	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.251.28.210 63.251.28.210	26558 (FREEWHEEL) (FREEWHEEL)
1 2	35.171.156.64 35.171.156.64	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.213.14.63 3.213.14.63	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.172.122.85 18.172.122.85	16509 (AMAZON-02) (AMAZON-02)
1 1	198.8.71.130 198.8.71.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1	23.50.124.22 23.50.124.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.237.207.209 34.237.207.209	14618 (AMAZON-AES) (AMAZON-AES)
1	44.237.21.44 44.237.21.44	16509 (AMAZON-02) (AMAZON-02)
1	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.91.202.27 52.91.202.27	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:230... 2600:9000:2305:7e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.223.253.75 23.223.253.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4280:f33e:3dd1:2496:1725	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1408:c40... 2600:1408:c400:16::17d4:f807	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	34.102.166.132 34.102.166.132	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:9000:266... 2600:9000:266a:3c00:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
8	141.226.124.48 141.226.124.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.23.204.175 23.23.204.175	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.204.124.17 52.204.124.17	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.106.37 108.138.106.37	16509 (AMAZON-02) (AMAZON-02)
1	18.165.98.80 18.165.98.80	16509 (AMAZON-02) (AMAZON-02)
213	79

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.thealternativedaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.93.106 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-93-106.compute-1.amazonaws.com

go.welldaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.37 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.83.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-40.iad55.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.34 (None, )

ASN13335 (CLOUDFLARENET, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:f600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::a (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:600::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:77::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4998:60:807::1 (United States)

ASN14196 (YAHOO-CHA, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.220.125.76 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-125-76.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.189.238 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-189-238.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-10.ewr53.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-83.ewr53.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.212.250.14 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-250-14.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 13.226.36.141 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-36-141.ewr53.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a00b::12 (United States) 3 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-65.ewr53.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c0b::9a (Morganton, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:610:c1c8:8651:5a13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.17.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-17-184.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c0d::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.66.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-66-87.iad89.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.117.16 (United States)

ASN19750 (AS-CRITEO, US)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.143.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-143-159.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.139.29.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-53.jfk50.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.214.40.15 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-40-15.us-west-2.compute.amazonaws.com

flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c0d::93 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.220.128.196 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-128-196.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.71.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-71-74.compute-1.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::26 (United States)

ASN19750 (AS-CRITEO, US)

measurement-api.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-59.ewr53.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2305:3200:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.157 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.75 (Colonia, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.199.79.177 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-79-177.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.215.179 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-215-179.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.241.106 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-012.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.100.102 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-100-102.compute-1.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.172 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.132.230 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-132-230.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.210 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.171.156.64 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-156-64.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.14.63 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-14-63.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.172.122.85 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-172-122-85.ord56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.8.71.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.124.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-124-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.207.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-207-209.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.21.44 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-21-44.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.91.202.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-91-202-27.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2305:7e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.223.253.75 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-223-253-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:f33e:3dd1:2496:1725 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:16::17d4:f807 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.166.132 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.tpmn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:266a:3c00:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

gtrace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.204.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-204-175.compute-1.amazonaws.com

www.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.204.124.17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-124-17.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-37.jfk50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.98.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-80.iad55.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	cloudfront.net d9hhrg4mnvzow.cloudfront.net	2 MB
24	wistia.com fast.wistia.com — Cisco Umbrella Rank: 11346 embed-ssl.wistia.com — Cisco Umbrella Rank: 19472 embed-cloudfront.wistia.com pipedream.wistia.com — Cisco Umbrella Rank: 17584 distillery.wistia.com — Cisco Umbrella Rank: 17241	3 MB
13	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1198 psb.taboola.com — Cisco Umbrella Rank: 9372 trc.taboola.com — Cisco Umbrella Rank: 1123 sync-t1.taboola.com — Cisco Umbrella Rank: 2447 trc-events.taboola.com — Cisco Umbrella Rank: 3272	29 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	9 KB
9	criteo.com 3 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4315 gum.criteo.com — Cisco Umbrella Rank: 553 sslwidget.criteo.com — Cisco Umbrella Rank: 2867 measurement-api.criteo.com — Cisco Umbrella Rank: 3048 dis.criteo.com — Cisco Umbrella Rank: 1058	29 KB
8	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 534 c.bing.com — Cisco Umbrella Rank: 341	33 KB
7	mediawallahscript.com 6 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 4768	6 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 x.clarity.ms — Cisco Umbrella Rank: 8333 c.clarity.ms — Cisco Umbrella Rank: 1838	28 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	629 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	6 KB
6	google.com www.google.com — Cisco Umbrella Rank: 10	384 B
6	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 38371	125 KB
6	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 4363 tr.outbrain.com — Cisco Umbrella Rank: 4248 wave.outbrain.com — Cisco Umbrella Rank: 4246 sync.outbrain.com — Cisco Umbrella Rank: 1277	11 KB
6	upwellness.com pages.upwellness.com live.upwellness.com store.upwellness.com Failed www.upwellness.com	107 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 383 secure.adnxs.com — Cisco Umbrella Rank: 764	5 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	142 KB
5	liadm.com 3 redirects b-code.liadm.com — Cisco Umbrella Rank: 4784 rp.liadm.com — Cisco Umbrella Rank: 1645 rp4.liadm.com — Cisco Umbrella Rank: 4911 i.liadm.com — Cisco Umbrella Rank: 937	38 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1235	3 KB
4	mediago.io cdn.mediago.io — Cisco Umbrella Rank: 6879 gtrace.mediago.io — Cisco Umbrella Rank: 5892	96 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 2947 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1102	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 1020	8 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	1 KB
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 2084	3 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 1075	875 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1261	977 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 499	1 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 2393	911 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 54464 business.newsbreak.com — Cisco Umbrella Rank: 15927	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 9143 flask.nextdoor.com — Cisco Umbrella Rank: 8476	4 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1417	25 KB
2	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 119855	487 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 26103	52 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 38368 app.unbounce.com Failed	44 KB
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 910	656 B
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 7016	2 KB
1	tpmn.io ad.tpmn.io — Cisco Umbrella Rank: 5051	622 B
1	tpmn.co.kr 1 redirects ad.tpmn.co.kr — Cisco Umbrella Rank: 4765	298 B
1	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 3924	259 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3878	399 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3660	278 B
1	tapad.com tapestry.tapad.com — Cisco Umbrella Rank: 2975	532 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1043	383 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 804	301 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 555	1 KB
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1358	581 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1508	533 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 2423	967 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 1060	815 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 1285	569 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1308	1 KB
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 969	663 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1219	581 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1229	342 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1072	688 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 10138	337 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 7394	411 B
1	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 159197
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	27 KB
1	welldaily.com 1 redirects go.welldaily.com	2 KB
1	thealternativedaily.com 1 redirects links.thealternativedaily.com — Cisco Umbrella Rank: 745006	584 B
0	revcontent.com Failed trends.revcontent.com Failed
0	unsplash.com Failed views.unsplash.com Failed
213	66

	Domain	Requested by
39	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
13	fast.wistia.com	pages.upwellness.com fast.wistia.com analytics.tiktok.com
8	trc-events.taboola.com	analytics.tiktok.com
7	partner.mediawallahscript.com	6 redirects
7	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
6	embed-cloudfront.wistia.com	analytics.tiktok.com
6	www.facebook.com	pages.upwellness.com
6	www.google.com	pages.upwellness.com
6	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
6	bat.bing.com	pages.upwellness.com bat.bing.com analytics.tiktok.com
6	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
5	analytics.tiktok.com	pages.upwellness.com analytics.tiktok.com
4	ib.adnxs.com	2 redirects
4	ct.pinterest.com	s.pinimg.com
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	pages.upwellness.com	pages.upwellness.com
3	pipedream.wistia.com	analytics.tiktok.com
3	x.clarity.ms	analytics.tiktok.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com analytics.tiktok.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
2	dpm.demdex.net	1 redirects
2	gtrace.mediago.io	cdn.mediago.io
2	c.clarity.ms	1 redirects
2	c.bing.com	1 redirects
2	live.rezync.com	2 redirects
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	match.adsrvr.org	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	x.bidswitch.net	1 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	1 redirects
2	sp.analytics.yahoo.com	pages.upwellness.com
2	www.clarity.ms	pages.upwellness.com www.clarity.ms
2	tr.outbrain.com	amplify.outbrain.com
2	connect.facebook.net	pages.upwellness.com connect.facebook.net
2	trc.taboola.com	cdn.taboola.com
2	cdn.mediago.io	pages.upwellness.com cdn.mediago.io
2	amplify.outbrain.com	pages.upwellness.com amplify.outbrain.com
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
2	builder-assets.unbounce.com	pages.upwellness.com
1	distillery.wistia.com	analytics.tiktok.com
1	aa.agkn.com
1	www.upwellness.com
1	js.sentry-cdn.com	fast.wistia.com
1	dsum-sec.casalemedia.com
1	ad.tpmn.io
1	ad.tpmn.co.kr	1 redirects
1	ade.clmbtech.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	tapestry.tapad.com
1	s.ad.smaato.net
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	pippio.com
1	p.rfihub.com	1 redirects
1	ads.stickyadstv.com
1	tags.bluekai.com
1	visitor.omnitagjs.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	secure.adnxs.com	1 redirects
1	embed-ssl.wistia.com	pages.upwellness.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	measurement-api.criteo.com	pages.upwellness.com
1	flask.nextdoor.com	pages.upwellness.com
1	business.newsbreak.com	static.newsbreak.com
1	sslwidget.criteo.com	dynamic.criteo.com
1	cdn.js.customerlabs.co	pages.upwellness.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	wave.outbrain.com	amplify.outbrain.com
1	psb.taboola.com	cdn.taboola.com
1	www.googleadservices.com	www.googletagmanager.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	cdnjs.cloudflare.com	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	go.welldaily.com	1 redirects
1	links.thealternativedaily.com	1 redirects
0	trends.revcontent.com Failed
0	views.unsplash.com Failed	pages.upwellness.com
0	app.unbounce.com Failed	pages.upwellness.com
0	store.upwellness.com Failed	pages.upwellness.com
213	99

This site contains no links.

Subject Issuer	Validity	Valid
pages.upwellness.com E6	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.js.ubembed.com E6	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
live.upwellness.com E5	`2024-07-16` - `2024-10-14`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
useproof.com GTS CA 1P5	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-08` - `2024-08-28`	2 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-16` - `2024-12-31`	6 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M03	`2024-03-26` - `2025-04-24`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M02	`2024-05-25` - `2025-06-22`	a year	crt.sh
*.mediago.io Amazon RSA 2048 M03	`2024-07-07` - `2025-08-04`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-30` - `2024-07-29`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M03	`2024-01-05` - `2025-02-03`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M03	`2024-05-01` - `2025-05-31`	a year	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
*.wistia.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-28`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-09` - `2025-02-08`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M03	`2024-03-05` - `2025-04-02`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-08-02` - `2024-08-13`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.tapad.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-18` - `2024-09-17`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
colombiaonline.com R11	`2024-06-28` - `2024-09-26`	3 months	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
casalemedia.com E5	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
upwellness.com R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Frame ID: 47A45D0D8D4EEE97F4A8B837014652C6
Requests: 178 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: 24120BA76ECC9AF67B0B9ED17BFE8BC6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 39ED9A156CE6B261F307E96FB153CB42
Requests: 1 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/h/val.html?postM=1&trackingid=
Frame ID: 854F9E766DF02C85E6BAD54BF7E5ACD9
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&google_gid=CAESEJv1x2r5O1Go0Qi_lK0yh3c&google_cver=1&google_ula=913071,0
Frame ID: 615935583747DA1669FDC43C1593E86B
Requests: 30 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 980F84C20EE7DE88368FCA8379E80BB8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://links.thealternativedaily.com/a/819/click/10304744/3008785/_3dcd3796e454e9fd286b63589f705d725ef080ba/9ae20... HTTP 307
https://links.thealternativedaily.com/a/819/click/10304744/3008785/_3dcd3796e454e9fd286b63589f705d725ef080ba/9ae20... HTTP 302
https://go.welldaily.com/aff_c?offer_id=67&aff_id=1&aff_sub=TH240715PM HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFF... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

213
Requests

90 %
HTTPS

30 %
IPv6

66
Domains

99
Subdomains

79
IPs

3
Countries

6816 kB
Transfer

10847 kB
Size

133
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.thealternativedaily.com/a/819/click/10304744/3008785/_3dcd3796e454e9fd286b63589f705d725ef080ba/9ae2077bcbdff258737b3d6e35d3d99ccfb5914a HTTP 307
https://links.thealternativedaily.com/a/819/click/10304744/3008785/_3dcd3796e454e9fd286b63589f705d725ef080ba/9ae2077bcbdff258737b3d6e35d3d99ccfb5914a HTTP 302
https://go.welldaily.com/aff_c?offer_id=67&aff_id=1&aff_sub=TH240715PM HTTP 302
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://rp.liadm.com/j?dtstmp=1721646147409&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j3d1pshn6bvdwrv572v11pn0&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&wpn=lc-bundle&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1721646147409&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j3d1pshn6bvdwrv572v11pn0&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&wpn=lc-bundle&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTo4ZjEzOmY2NzU6MjE3OA%3D%3D&n3pc=true

Request Chain 112

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=2049907839&cv=11&fst=1721646147265&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9101108372za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_m=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)*A%3Atrue%3A21%3Afalse*1&ec_sel=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)&ec_meta=A%3Atrue%3A21%3Afalse&ec_lat=0&ec_s=1&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKJ3RyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIjIGo2L-6hwMVMlNHAR2-jgnRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vcGFnZXMudXB3ZWxsbmVzcy5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/458254939/?random=2049907839&cv=11&fst=1721646147265&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9101108372za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_m=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)*A%3Atrue%3A21%3Afalse*1&ec_sel=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)&ec_meta=A%3Atrue%3A21%3Afalse&ec_lat=0&ec_s=1&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKJ3RyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIjIGo2L-6hwMVMlNHAR2-jgnRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vcGFnZXMudXB3ZWxsbmVzcy5jb20v&is_vtc=1&cid=CAQSKQDaQooLkEVVfjri-SLgRkDmdvS1nmhbkrmC_JHo3HPluORnlEz1BdEF&random=823363828

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&google_cm&google_hm=ay1JTXg1NTVVbEpKNnV3LVNOaHgxVE5FVndhRlFQOFpOMlBobVh5UQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&google_gid=CAESEJv1x2r5O1Go0Qi_lK0yh3c&google_cver=1&google_ula=913071,0

Request Chain 155

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vW5YupUlJJ6uw-SNhx1TNEVwaFQDYEx1G6qqng&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vW5YupUlJJ6uw-SNhx1TNEVwaFQDYEx1G6qqng&expires=30

Request Chain 156

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4839716578752447538

Request Chain 157

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&custom=&tag_format=img&tag_action=sync&custom=&cb=d5b8a6b4-d8c2-460b-b1f3-aa6dbe48d903 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=d5b8a6b4-d8c2-460b-b1f3-aa6dbe48d903&final=true&reqid=e2ac4e20-4819-11ef-b7d0-7792cf65c656&timestamp=2024-07-22T11%3A02%3A28.610Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4839716578752447538&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=e2af3450-4819-11ef-9476-37083da6b2ac?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=e2af3450-4819-11ef-9476-37083da6b2ac?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=3b57ba819182ea43aa0bb66ba630d571&tag_format=img&tag_action=sync&cb=640785821 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=f354958a-f2fd-4fc8-ad41-d8ae4fca8cf5&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=e2af3450-4819-11ef-9476-37083da6b2ac&cb=1721646148906&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1721646148906 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=fc569ac6-7005-4852-8f3f-f0c7ee21ebda&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1721646148906 HTTP 302
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=e2f05c00-4819-11ef-8355-ff500750bb6d

Request Chain 161

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=GLY2HE1ECby3XpPiS-NNYhf1Zoaa5aal

Request Chain 162

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ClOOupUlJJ6uw-SNhx1TNEVwaFRXY4rj_yDjyQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ClOOupUlJJ6uw-SNhx1TNEVwaFRXY4rj_yDjyQ&C=1

Request Chain 164

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Q4e7iJUlJJ6uw-SNhx1TNEVwaFTvnxIN4U1fqw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Q4e7iJUlJJ6uw-SNhx1TNEVwaFTvnxIN4U1fqw

Request Chain 165

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mItM-5UlJJ6uw-SNhx1TNEVwaFR0C4rnNTX45A HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4e9f492b-7b48-4b2c-b613-9462935b525b HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=29439186-4148-4c76-bc88-a92740fde381%3A1721646148.7614567&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D29439186-4148-4c76-bc88-a92740fde381%253A1721646148.7614567%26pid%3D500040%26it%3D1%26iv%3D29439186-4148-4c76-bc88-a92740fde381%253A1721646148.7614567%26_%3D1721646148.763271&cb=1721646148.7633154 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1976306201563678936&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D29439186-4148-4c76-bc88-a92740fde381%253A1721646148.7614567%26pid%3D500040%26it%3D1%26iv%3D29439186-4148-4c76-bc88-a92740fde381%253A1721646148.7614567%26_%3D1721646148.763271 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=29439186-4148-4c76-bc88-a92740fde381%3A1721646148.7614567&pid=500040&it=1&iv=29439186-4148-4c76-bc88-a92740fde381%3A1721646148.7614567&_=1721646148.763271 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1721646148.763271&iv=29439186-4148-4c76-bc88-a92740fde381:1721646148.7614567

Request Chain 180

https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-3wg4G5UlJJ6uw-SNhx1TNEVwaFQvD9HSEAwRHQ HTTP 302
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-3wg4G5UlJJ6uw-SNhx1TNEVwaFQvD9HSEAwRHQ

Request Chain 181

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8DC405F583364203AD4EA5465C25EF0C&RedC=c.clarity.ms&MXFR=10B715998DC869543664015D89C8673E HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8DC405F583364203AD4EA5465C25EF0C&MUID=0A932501B1E56E7B0C2231C5B0976F3E

Request Chain 203

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=cKvEGBm3hPZT_4jjzJCj8KMzyO6LCbLW HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=cKvEGBm3hPZT_4jjzJCj8KMzyO6LCbLW

Request Chain 204

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=pQYCT7DQJHRsHo4lg4r9TFiGuGvwscJT

213 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pages.upwellness.com/uc-grplus-fps/
Redirect Chain

http://links.thealternativedaily.com/a/819/click/10304744/3008785/_3dcd3796e454e9fd286b63589f705d725ef080ba/9ae2077bcbdff258737b3d6e35d3d99ccfb5914a
https://links.thealternativedaily.com/a/819/click/10304744/3008785/_3dcd3796e454e9fd286b63589f705d725ef080ba/9ae2077bcbdff258737b3d6e35d3d99ccfb5914a
https://go.welldaily.com/aff_c?offer_id=67&aff_id=1&aff_sub=TH240715PM
https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

307 KB
42 KB

165ms
38ms

Document
text/html

104.18.19.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53fceb04b202aa40b035bf8a47bd1f2a613049b6706c9fbf8815f71d91293bb9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8a72f040ced943c2-EWR
content-encoding: gzip
content-length: 42085
content-location: https://pages.upwellness.com/uc-grplus-fps/
content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=utf-8
date: Mon, 22 Jul 2024 11:02:26 GMT
etag: "an:f733aae45af54f8faba97e277fafd4e8"
link: <https://pages.upwellness.com/uc-grplus-fps/>; rel="canonical"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-unbounce-pageid: 6d2c7105-ebae-455a-91f2-47af4209ed5f
x-unbounce-variant: an
x-unbounce-visitorid: f733aae4-5af5-4f8f-aba9-7e277fafd4e8

Redirect headers

Accept-CH: Sec-CH-UA-Model, Sec-CH-DPR, DPR
Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 22 Jul 2024 11:02:26 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 102ad9e183f34593b01fc41a774a2b
X-Request-Id: e35ed9b638cc50c53f58c53e0280983e

GET
H2 200 main-ebbfc5e.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 79ms
16ms Stylesheet
text/css 18.165.83.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://builder-assets.unbounce.com/published-css/main-ebbfc5e.z.css

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.83.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-83-40.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ebbfc5eb12dd3766d82cc8a2584d8bf9d2db1a8ead8c9d5f0e03d9ee4bac3389

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 06 Jun 2024 23:54:14 GMT
content-encoding: gzip
via: 1.1 b885d7691d1de254a7c8e89572398f9a.cloudfront.net (CloudFront)
x-amz-version-id: CL5jrjRaZdYGvQ_ktFxphZkwnhxYwadH
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P3
age: 3928093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2944
referrer-policy: no-referrer
last-modified: Thu, 06 Jun 2024 20:32:23 GMT
server: AmazonS3
etag: "3b1a7b38a3984241c2be683ce77b9a78"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: LtOvImppkdeRIyAdu4rBrorERO9G3lLogbN40pdWToKv1FSl8qnUjw==

GET
H2 404 rightarrow-hr.original.png
pages.upwellness.com/assets/8a08425b-6e72-4bbd-969d-2a7489d04e3a/ 47 B
47 B 24ms
22ms Image
text/html 104.18.19.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pages.upwellness.com/assets/8a08425b-6e72-4bbd-969d-2a7489d04e3a/rightarrow-hr.original.png?1615572696

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/html
cf-ray: 8a72f0411f2643c2-EWR
content-length: 47

GET
H2 200 e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js Show response
pages.upwellness.com/_ub/static/ts/ 44 KB
15 KB 39ms
26ms Script
application/javascript 104.18.19.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.upwellness.com/_ub/static/ts/e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ab16fd7cfc53638fd929f76fae270e35d7748278bcdd7fe7d04dd3525f4928

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
via: 1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
x-amz-version-id: y0uC0xE0yu95rDa35ZEYf2K128n3gwGH
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 6437331
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Wed, 08 May 2024 22:13:34 GMT
server: cloudflare
etag: W/"a7eeb377929f3b60727095f859013d59"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8a72f041bfbf43c2-EWR
x-amz-cf-id: 9nu0KmIEMorshLcSBjzu-t6Qmv29ou086mHTj7BDRRplqFzuhkgT2g==
expires: Tue, 22 Jul 2025 11:02:26 GMT

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 16 KB
3 KB 144ms
36ms Script
application/javascript 104.18.10.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b2431a0240ed1cdb15054ea92932a591eed5bc801d3a36ac4c64f5f1e6f57d5

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 6298
etag: W/"0495c4ac091e37e9810c47fe9ce0e64bf85a2af6"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 8a72f0425acb7293-EWR

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 103ms
10ms Script
application/javascript 2600:9000:23cb:f600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:f600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2ecefb5809e37a48cbbde3e05b7644e9e5ce8bf50cff86c9b8c8860566338203

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 14:26:28 GMT
content-encoding: gzip
via: 1.1 008cd6752eb718142dfefe2f7e847982.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 74158
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: W_X7956mTBxfuaPz7AK0lptIOqsQk55aOWT98Sso57SwTYMp9g7p7g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 86ms
37ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7f92a3f343fc7205119e03b1bc80aa7401ce780d3afc74c4b4a9575ca8f029e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83317
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jul 2024 11:02:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
85 KB 128ms
79ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

240f07b2d5912479dd1b9c14dedc84d4b86c956f19461baee4a9595b92730dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87209
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jul 2024 11:02:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
94 KB 99ms
52ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50018be8d122d61af741e6b276e49bac6d61362069ec32e219225790918a3071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96443
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jul 2024 11:02:26 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
21 KB 72ms
27ms Script
application/javascript 2620:100:a00b::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

893960c5a12c40bfbec2db2f48e1f8fe8d36bb38f7a36f6fa7003243bb74634f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
86 KB 117ms
70ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fed35a643a522ed7fffd657d0315f810687e13e381f6e98a2b4f00f8afe46003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88393
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jul 2024 11:02:26 GMT

GET
H2 200 e8xcaqkjm4.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 22ms
13ms Script
application/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.jsonp

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5d8ac7d8a665d28608fa0aaf1f0f046da239c1c481fac0aa2d0860d3a8e66811

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD61-P1
age: 69440
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 52
content-length: 1789
x-request-id: 6a8ee8bb-67af-40a4-93ca-1495196de88c
x-served-by: cache-iad-kiad7000020-IAD, cache-lga21973-LGA
x-runtime: 0.050475
x-browser-version: 126
server: envoy
x-timer: S1721646147.837345,VS0,VE0
etag: W/"5d8ac7d8a665d28608fa0aaf1f0f046d"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JKKuBJ139Z5-azeZssZ-G3A4ndTVv4nH5uN-Ig11ca9hLJ2-EoCpsA==
x-cache-hits: 17, 3

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 792 KB
134 KB 17ms
9ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6ac684f0d7bbe2947da03a4ef906bace5ea3d477b948cf2d0c83448db9731814

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1019
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 137039
x-served-by: cache-iad-kcgs7200051-IAD, cache-lga21973-LGA
x-browser-version: 126
last-modified: Tue, 16 Jul 2024 14:48:47 GMT
server: AmazonS3
x-timer: S1721646147.837335,VS0,VE0
etag: "b7a20449a31031c3fc02dfc523ad0c8b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd36ef2cf79e0d4c6a9f7fd609491b19a6c23e0
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 164, 90

GET
H2 200 swatch
fast.wistia.com/embed/medias/e8xcaqkjm4/ 5 KB
5 KB 61ms
9ms Image
image/jpeg 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4/swatch

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
access-control-request-method: *
via: 1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront), 1.1 20f0d9cf6610f77242f5c592d2ecfd1c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, IAD89-C3
age: 1808732
edge-cache-tag: 9c999aa0107b556d5cd5f59d9dd7e014
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 30
content-disposition: inline
content-length: 4891
x-served-by: cache-iad-kiad7000136-IAD, cache-lga21973-LGA
x-browser-version: 126
last-modified: Tue, 05 Oct 2021 16:24:56 UTC
server: envoy
x-timer: S1721646147.788957,VS0,VE1
etag: KTO7iHMFy31bRBoB_X8SLpxC2Uc=
content-type: image/jpeg
access-control-allow-origin: *,*
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0wrVlPwnkk3fXTNI-26ut2mvdemfU-j_35CcMBQHounksHkDm_3MIg==
x-cache-hits: 659, 0

GET
H2 200 jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/ 87 KB
31 KB 133ms
33ms Script
application/javascript 3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET UCInvisibleLink
store.upwellness.com/cgi-bin/ 0
0

GET UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
0

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 84 KB
27 KB 38ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 996913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27198
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1514f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KVWhrOvbRADL8HnvoRncwwtHbT0WzqhAhM0iMk8u5v7c4cAcRzWd1sOspi%2FqBcfuT6LvAdIsgt15P60bGbyNgeFQ5eExfQWYNf5LMRG0%2F3WEYM%2B5xonLlnmZrFvsG5%2FfD5Xgvaj22kMxIDgi88JhpnrR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a72f041ca078c8a-EWR
expires: Sat, 12 Jul 2025 11:02:26 GMT

GET
H2 200 main.bundle-c84a6bf.z.js Show response
builder-assets.unbounce.com/published-js/ 137 KB
41 KB 25ms
16ms Script
application/javascript 18.165.83.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://builder-assets.unbounce.com/published-js/main.bundle-c84a6bf.z.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.83.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-83-40.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c84a6bfc027c476c666c489c50c2611877eca16db056447023d200f5d40ab8bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 14:39:25 GMT
content-encoding: gzip
via: 1.1 b885d7691d1de254a7c8e89572398f9a.cloudfront.net (CloudFront)
x-amz-version-id: q0pk6Wx3_XE8LIJazZc_N1cxAVucggoG
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P3
age: 3356582
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 41267
referrer-policy: no-referrer
last-modified: Thu, 13 Jun 2024 14:35:51 GMT
server: AmazonS3
etag: "2dbaf0f2ae4414145bff75880fce23fc"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: eiyTeplqJeS1_HjdZ4e9MtleaY_buQJKPP7Ut5LGbtTHnkW4HQErJA==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 70ms
19ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: W0VAPWMGGKV5KNSB
age: 11302167
alt-svc: h3=":443"; ma=86400
content-length: 497733
x-amz-id-2: 7dVdYUWfp1aSktOHGiRQcHdlXk14ysdEVwANiScIjpv71bsuWzpAkYf71/WYro+pjWXQcs+RuNI=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5QM%2FXDVO9oxd303r5H3LgW1sxb1%2BGz8ZYKv07%2BB0O2o3iJ1iUNYLc%2FEm4WCgx4EPNf0nGWz0K3KOdhAYd3Sd%2BC0f1TtGMnfvp5El8DY0bePR%2FlTZ67j%2FiR3a4kB5fpxmh3BZihrZQ3eG7a%2BjtIp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 8a72f0425a538c84-EWR

GET 45620950-b47f-4de1-947e-a43632c71554
https://app.unbounce.com/ 0
0

GET 97713285-8b74-47ca-82de-559bfcd77f97
https://app.unbounce.com/ 0
0

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 68ms
15ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b4875b0fdafde57e054fd846053f25f22afbe89f3fc3adae15f01b0328d2f0e7

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:26 GMT
content-encoding: br
x-cdn: fastly
etag: "62a16567a3d56a4149035792551d5ebf"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1882

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 223ms
36ms Script
application/javascript 2001:4998:60:807::1
YAHOO-CHA

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:60:807::1 , United States, ASN14196 (YAHOO-CHA, US),

Reverse DNS

Software

ATS /

Resource Hash

6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jul 2024 10:10:29 GMT
x-amz-version-id: VxrPrcbofk65n9ysSCXrclM5xFIYS2A5
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 62TTW3EXRWHJ4QWP
age: 3119
x-amz-server-side-encryption: AES256
content-length: 6672
x-amz-id-2: rRtNCvrC0hzdtC/6l13OjSqMxcyb0bdh6WEdVP/F9lRBO11BHqpFoLbGhrQsW/ARN18g0TFlX10=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 15 Aug 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 10 Jul 2024 13:59:59 GMT
server: ATS
etag: "b4dc8f0803272db7e9c028b882573ba1-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 71 KB
22 KB 32ms
9ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02757fc39095d68c5fa5235479990f3226d99814d8dd17dd8feadafb13265e24

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 8UrN6x7Kuen8w5ZeukVrNuPzDCLbakqw
content-encoding: gzip
via: 1.1 varnish
date: Mon, 22 Jul 2024 11:02:26 GMT
x-amz-request-id: MKXJYZ7V2M5TFEVW
age: 163
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 21946
x-amz-id-2: J2ABOKaHOSNDcyuHlS4u9si+NPhDnnzXDiHOLCoWIXSdzvS9+HVobgoVJf9ubMXHYtBrm3TMtAM=
x-served-by: cache-lga21970-LGA
last-modified: Sun, 21 Jul 2024 11:30:35 GMT
server: AmazonS3
x-timer: S1721646147.992954,VS0,VE1
etag: "195e91b4c1a86447a23d4287d473b6bb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 28
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 28 KB
9 KB 62ms
14ms Script
application/x-javascript 23.220.125.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.125.76 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-125-76.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8489534bde4ad3c3cedebecd11b9babe653de6b413922ec2b877c5bfcb33ee3e

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 11:02:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jul 2024 07:46:05 GMT
Server: AkamaiNetStorage
ETag: "7437febf15b08e005ac33eb9fc2707ae:1721634584.416148"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8614
Expires: Mon, 22 Jul 2024 11:22:27 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 7 KB
4 KB 285ms
79ms Script
application/javascript 52.40.189.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.189.238 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-189-238.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Tue, 16 Jul 2024 06:12:44 GMT
server: istio-envoy
etag: W/"66960f5c-1d89"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 110ms
9ms Script
application/javascript 13.225.63.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1721692800000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-10.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
date: Mon, 22 Jul 2024 09:13:07 GMT
x-amz-cf-pop: EWR53-C1
age: 6561
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: Z5cSSn41x0_d4L54OP-sctK5-ixnDCDTlj5GtGtJn7mdPKq_etydlw==

GET
H2 200 pixel.js Show response
cdn.mediago.io/js/ 95 KB
95 KB 35ms
10ms Script
text/javascript 52.85.61.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/pixel.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-83.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eee0b11d48ea095a4dc484d65f7a2b1197c7943f25e5860a5fe5adfc6a6e4568

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: xuKXPtRifJoGc1vQWZ2Kzz_QxzFdYB4h
date: Mon, 22 Jul 2024 10:01:24 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jun 2024 09:04:41 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 3664
x-amz-server-side-encryption: AES256
etag: "7eefe2646c9f579d22345d191511c03b"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 96786
x-amz-cf-id: NeWuBOz9RZh1m4dUblc-YJv5HkybNGj5kY4Fkzqjl4B_Jnkg3IsHPw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 283 KB
99 KB 38ms
36ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01439dddb0622f696a157c473b0ae1a49305c85bf8445a70b3bb90da181053ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101011
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jul 2024 11:02:27 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 94ms
54ms Script
application/javascript 23.212.250.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 535fb04dc7a6eacc45d430295d7eca65b3712441dbd2f9831b62cd06af13cf54

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 8ff8ad3.1c42686d
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407221102271824D1E8D17874AE5C23-06268D909E1FC19D-00
x-cache: TCP_MISS from a23-220-106-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
x-parent-response-time: 17,23.220.106.14
server-timing: cdn-cache; desc=MISS, edge; dur=10, origin; dur=7, inner; dur=3
content-length: 2244
pragma: no-cache
server: nginx
x-tt-logid: 202407221102271824D1E8D17874AE5C23
x-cache-remote: TCP_MISS from a23-48-200-175.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.200.175
x-tt-trace-host: 0180e0563fd48d5bb1dbc36bedbaa7d77443652ba7f416f7a1ed7af933332238d8190ec96e9403d418b89a49aa0f2c033c589d8408d0dc5067c34bf0c5bc72e746f62d8f12751d600ca9cedddefd5746b159a6073edd6daa7f4a851050290dab571128164bfad478fa25c9ee2a49e50d08
expires: Mon, 22 Jul 2024 11:02:27 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 42 KB
43 KB 210ms
127ms Image
image/jpeg 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/e43977a4-bggr-421097568-2_11hc0n800000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e7254dd9e801bacf701a8b7b7adaf764ec3ca64dcfd675785a21d099af31474

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
x-amz-version-id: NxiF07l0g_ayQMTTdEJjpp2VA1OiHPp6
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "7497551f1ce9e1c53475a5d960e18694"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 43057
x-amz-cf-id: mQNlbqNilqFAKWlitUmWHCrpZCkNtzhatkdj9vDRRSNbmiQbzCLHqA==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 132 KB
132 KB 137ms
112ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_12400n51hc0n50bb000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e60edd0cddc2dada0c5a48d7ff0c5915b24b50ae27aeee39196eca351c5b7f9

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
x-amz-version-id: MX4wW4te3PQoS59abBQovgGQXb3xLXbg
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "fba513c21ccb84e9ca7aa8699e689d73"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 134704
x-amz-cf-id: 0B9AIBJhxXLVPUgiac9jwAEJy3RBuGv7GZZeWmxUX8TOsHAAwI96NA==

GET
H2 200 cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 35 KB
35 KB 112ms
104ms Image
image/jpeg 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/cfc9c39c-gr-back-background2-2_11hc0r300000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0082eeaf682ef8871b677f57c699fa2f627961324140f1adf673efc0f3cef9c3

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
x-amz-version-id: d3.rYLQltZ5UFCVpAK8NKR9Xkb6tTuyb
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "b4d286f5262db1b32d5301027338a891"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 35407
x-amz-cf-id: BpGEBPWSvOkZPicK0klF_pt-SbjLOZgF_ouKhxycIVlzoBzk1u6FLg==

GET
H2 200 a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 186 KB
186 KB 159ms
156ms Image
image/jpeg 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a5fcadd7-unsplash-0tgmnmiyq9y-i-wont-a-new-background-and-i-found-this_11hc0zl00000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4928e8ff74e762e0ac3cc22f6149fc8fe3cbda131ea61c10d37b2032a793dc36

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
x-amz-version-id: .m.6tFMSkINjBzTsdu_l.PzO4Vlk83Ud
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "9a0da736d15f1a34df76ccf7f61ca111"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 189964
x-amz-cf-id: bBqcJNseGViNbosL5meT8C1Z-R5R2YfSfSG6zmKBNsKOY8s90ahHvg==

GET
H2 200 aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 54 KB
55 KB 92ms
89ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/aa3dfdb7-artboard-2_127q12o1hc12o0d7000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a6a3ab92eb57a2d5005a905426ac0111c7410591335595788f5e676e06e73a3

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
x-amz-version-id: LJayAAxVfOZUHb8PnfxaRex96lZIWfJ1
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "70720d2d6fa79b0f10ec7b7795dd2de1"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 55630
x-amz-cf-id: JEJFPtUcFlVS2iCLIPqvo9_B3GiM-HJsl5aZW9I6paPpmNCtGliQsg==

GET
H2 200 d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 80 KB
80 KB 180ms
178ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d2902373-f57a20-wave-gr-01-2_11no0i61hc0i6035000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da8b40bfd5c0d0418874ab2a43d1ad8d6ba7be698e2f43ac964f4aeabc7bf484

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
x-amz-version-id: fx4BhPwq8cBLayBXxoTm.s21s8ybXK31
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "4f64715fa11ff269e0afd60e01061532"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 81768
x-amz-cf-id: buudKDPfUMuGjE2W93123pPsEcW9-DlwOApp682hnEk0SDbGdAYNbg==

GET
H2 200 f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 393 KB
394 KB 127ms
125ms Image
image/jpeg 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/f4af4028-adobestock-320128207-1_12hy0u000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98eae7d8712b01cb6d7f168a4169b448460ee6f06fdec99eb6f609f5652a6b2a

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
x-amz-version-id: etNvcYu0AjlLjZi.lxQnX4F7XX2tEhvR
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "219fb9f50468dfb388a549d5bbc5bd05"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 401999
x-amz-cf-id: kDOpFyD1CZFhvSuK9KH_GKiHt4rrJWCFrzAblOkjP4LFBibXCyP9LA==

GET
H2 200 5065891f-manuka-background-orange-01-1_11yk0rq1hc0rq08l000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 62 KB
63 KB 75ms
73ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5065891f-manuka-background-orange-01-1_11yk0rq1hc0rq08l000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c665299a16156bdb7b3dfc2ea106c6988460db56657609763c9d991f9d638127

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
x-amz-version-id: 3t3hxf5d8rvbY5VRGyYeBokdyQptXBj9
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "8c30f0395906f22b5851ef6171c4aeee"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 63856
x-amz-cf-id: uK868_dqt7hP6n_qmkF7y80ZTpvpOmolq2rJ368Mft2qc5rnUc2b6Q==

POST
H2 200 i
pages.upwellness.com/_ub/ 2 B
262 B 36ms
30ms Ping
text/plain 104.18.19.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.upwellness.com/_ub/i

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/_ub/static/ts/e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.37 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

Referer: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pages.upwellness.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 8a72f042b87a43c2-EWR
content-length: 2

GET
H2 200 syncframe
gum.criteo.com/ Frame 2412 0
0 44ms
15ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jul 2024 11:02:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 274934
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.183.0/ 183 KB
49 KB 86ms
10ms Script
application/javascript 13.226.34.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.183.0/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-65.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 24 May 2024 17:52:37 GMT
content-encoding: gzip
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
last-modified: Fri, 24 May 2024 17:48:37 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 5072991
etag: W/"ce1f9daa5bfa548f0417f378eb40974e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: wR9vbo7AO_E-_E5Yvn9Kd0b1nVRj8msRn9E8OD1WMPspt_DUqDWOog==

GET
H2 200 main.15f60036.js Show response
s.pinimg.com/ct/lib/ 80 KB
23 KB 14ms
13ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64242620e74b79915f5014b875ae73457a4738c559ad8a8306f2afa846534ad5

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
x-cdn: fastly
etag: "8de095625367fc80faddb31d1c4af0e3"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 23297

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 2 KB
1 KB 80ms
32ms Script
text/javascript 2607:f8b0:400d:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1721646147223&cv=11&fst=1721646147223&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bd2ec142ec315e0886f417f23342bc1457c902870865b0615e964a1ec1a1069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1421
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/ 3 KB
1 KB 50ms
32ms Script
text/javascript 2607:f8b0:400d:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1721646147247&cv=11&fst=1721646147247&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9101108372za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa8906ad9420d4c55bdc1445dd384779d3a367c3c78e201f7fc902d6d1c82011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1429
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/458254939/ 3 KB
2 KB 59ms
32ms Script
text/javascript 209.85.201.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/458254939/?random=1721646147265&cv=11&fst=1721646147265&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9101108372za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_m=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)*A%3Atrue%3A21%3Afalse*1&ec_sel=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)&ec_meta=A%3Atrue%3A21%3Afalse&ec_lat=0&ec_s=1&fdr=QA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f154.1e100.net

Software

cafe /

Resource Hash

c07bfeefed302d67a76171191f344946d6500f468664a2ae0e8ac1c412a623e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1689
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
1 KB 31ms
30ms Script
text/javascript 2607:f8b0:400d:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1721646147279&cv=11&fst=1721646147279&bg=ffffff&guid=ON&async=1&gtm=45be47h0v897602535za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fbddea61a3f48d29dd3edf38a67cff111506221fa50e3becbcbfc9d23c1907c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1431
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 3 KB
1 KB 29ms
28ms Script
text/javascript 2607:f8b0:400d:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1721646147308&cv=11&fst=1721646147308&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d5103d6d9980eb4c11f5e35bfa6fa1abf2ad28ca999b7692e0f5cbfc6155d85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1440
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
279 B 34ms
8ms Fetch
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by: cache-lga21951-LGA
date: Mon, 22 Jul 2024 11:02:27 GMT
via: 1.1 varnish
server: Varnish
observe-browsing-topics: ?1
x-timer: S1721646147.353068,VS0,VE0
x-cache: HIT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=2592000
accept-ranges: bytes
content-length: 65
retry-after: 0
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 3 KB
2 KB 43ms
42ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1721646147329&data=%7B%22id%22%3A874%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1721646147320%2C%22cv%22%3A%2220240720-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1721646147328%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4fb65c9738aa1dbc09541d3272111f264d8ff8d08f8b90d6b99e3e44f243ae1c

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms: 33
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.19724999999999998
x-fastly-to-nlb-rtt: 16427
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lga21970-LGA
x-log-content-encoding: gzip
server: nginx
x-timer: S1721646147.337180,VS0,VE33
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 60ms
16ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jul 2024 11:02:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=12, mss=1328, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 6YZcUTyeG4kX2Sq3xlQ9L5ASiJ19d53B/xuPWZZHXi6of3rppV+QUNfOXovcxU8sNxQ1FTBU5yJJ/FTf0si7fg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 86ms
21ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 22 Jul 2024 11:02:27 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E39ED618A4BB4C04AE701CA106B701C3 Ref B: EWR30EDGE0819 Ref C: 2024-07-22T11:02:27Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 52ms
13ms Fetch
image/gif 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=false&bust=04168909148885467&referrer=&cht=gtm&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
cache-control: no-cache
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 6c7d198b8111c231a96042c01ca5456d
content-length: 54
content-type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 52ms
13ms Script
application/javascript 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 098fc547eee41f95223c080197844e2d
content-length: 39
content-type: application/javascript

GET
H/1.1 200
OK 00e83052a71a1dff3bc62d5d40765808fc Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 158ms
114ms Script
text/html 23.220.125.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/00e83052a71a1dff3bc62d5d40765808fc

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.220.125.76 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-125-76.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 22 Jul 2024 11:02:27 GMT
ob-sent-time: 1721624281627
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=60
X-CC: US
Connection: keep-alive
x-traceid: 468d68281424432caa35a9522773b79c
Content-Length: 22
Expires: Mon, 22 Jul 2024 11:03:27 GMT

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 44ms
14ms Fetch
text/html 23.220.125.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.125.76 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-125-76.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 11:02:27 GMT
Observe-Browsing-Topics: ?1
Content-Type: text/html
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Content-Length: 26
Expires: Mon, 22 Jul 2024 11:22:27 GMT

GET
H2 200 videoThumbnail.js Show response
fast.wistia.com/assets/external/ 85 KB
23 KB 13ms
10ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

75e19cfaf1f4af7ae7f6de3d2b180126876b3fc895b2cf8df6834eec44638c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2133
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 23362
x-served-by: cache-iad-kcgs7200125-IAD, cache-lga21973-LGA
x-browser-version: 126
last-modified: Tue, 16 Jul 2024 14:48:48 GMT
server: AmazonS3
x-timer: S1721646147.408428,VS0,VE0
etag: "98a72169e73cc9d0064cae37f62f9f33"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd36ef2cf79e0d4c6a9f7fd609491b19a6c23e0
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25, 13

GET v
views.unsplash.com/ 0
0

GET
H2 200 main.MTU1YTMzOGNmMw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 343 KB
98 KB 19ms
19ms Script
application/javascript 23.212.250.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7955f1923c559ed4416f4256cd933ee7d1b9d57079a754921848fae4ad05f34c

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 1c426afe
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240718120104BA0772A91FB4DE1C0B9D
x-tt-trace-id: 00-240718120104BA0772A91FB4DE1C0B9D-67198992A1FF4168-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-106-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01fe48e28d9a7c916f2e746a1462001c5f537c0975645c842b49f2664593ba959cd8ef39af0c392b34c6aeeec0733c4e307252e82b970d28547b2447ebb9883b7dd8b7cdb77493518298e438333beaa879dedabdf656232b152a3033f69bd4b0b2
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=15
content-length: 99880

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1721646147409&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j3d1pshn6bvdwrv572v11pn0&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessio...
https://rp4.liadm.com/j?dtstmp=1721646147409&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j3d1pshn6bvdwrv572v11pn0&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26sessi...

13 B
348 B

97ms
17ms

XHR
application/json

54.83.17.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1721646147409&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j3d1pshn6bvdwrv572v11pn0&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&wpn=lc-bundle&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTo4ZjEzOmY2NzU6MjE3OA%3D%3D&n3pc=true
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Server: 54.83.17.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-17-184.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
x-pixel-event-id: 51854fd8-6c43-469d-877a-180ea040d05f
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?dtstmp=1721646147409&aid=a-057g&se=e30&duid=f0f26c15fa8f--01j3d1pshn6bvdwrv572v11pn0&tv=v2.14.3&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&wpn=lc-bundle&cd=.upwellness.com&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTo4ZjEzOmY2NzU6MjE3OA%3D%3D&n3pc=true
access-control-allow-origin: https://pages.upwellness.com
date: Mon, 22 Jul 2024 11:02:27 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 48ms
47ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E56T163DF6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

451f6ebc54746eb56022d52c8692938318c6694f71187525111b4888880f62c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jul 2024 11:02:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
25ms Script
text/javascript 2607:f8b0:400d:c0d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jul 2024 10:39:52 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1355
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Jul 2024 12:39:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 37ms
36ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1d5055ef8df05be8830805e5633f4758ffaaf2afdd1d7dfd1499c3d237eadcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83314
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jul 2024 11:02:27 GMT

GET
H2 403 cl4975ot4arrr6.js
cdn.js.customerlabs.co/ 0
0 407ms
293ms Script
application/xml 18.67.66.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-66-87.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
via: 1.1 615f410a3a080a335933e9fa08c15260.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: IAD89-P1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header, Content-Length
content-type: application/xml
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MN4Ug9N2ZZEEoj_E22XfxYAhA8bGYp2Z9h1YoSsGZTkUfk-kSzX4Qw==

GET
H2 200 event Show response
sslwidget.criteo.com/ 11 KB
5 KB 74ms
34ms Script
application/x-javascript 74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=102531&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=YjWan181aUlWZ1dTSGhmNiUyRlMwazc5ckRJcDladXBjR0ZmV1J2V1FGSUZyQ0RwU3JJTjVxb3lGVzhYY2RVJTJCR0lJJTJCZzFXMSUyRjdaeFFYWlVsU215Mmkzb2swa2NrejNjUGZIYnJtaGxvYUhSZmwwWHQ3clc2SkpQOUk3UHJyOXNHMk44WVdoY2ZVbmh5S0NsMXBzQW1WRXdaQjI5WDNPcFlRS1pWbFlTdkoyMDF1OVZ5dyUzRA&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-fps%252F%253Foffer%253D67%2526session_id%253D102ad9e183f34593b01fc41a774a2b%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_TH240715PM&ceid=fde7a2a1-4576-415c-9a2d-f41453478de6

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c0c879faf9291904fa0bdd234bc665accd77070cf6b79e9117f72c83f9898ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11025360
timing-allow-origin: *
expires: 0

GET
H2 200 jz7ox0tvgu Show response
www.clarity.ms/tag/ 801 B
1 KB 71ms
31ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jz7ox0tvgu?ref=gtm2
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ae486ff02d889851bda63226c9a39d002c58c522339ff51581521ec8131fe7a4

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Mon, 22 Jul 2024 11:02:27 GMT
x-azure-ref: 20240722T110227Z-15b94bb6ff94s8kmu55dtuug0s0000000h20000000002ypm
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 801
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 268ms
77ms Ping
application/json 54.187.143.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1653816081217609730&uid=1-mtbfykuf-lywvnxc2&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&rl=&ts=1721646146817&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20126&md=false&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&tz=600&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1721692800000
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.143.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-143-159.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

GET
BLOB 200
OK 8d39262d-a78a-4224-a733-d526b27ccab7
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/8d39262d-a78a-4224-a733-d526b27ccab7
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-c84a6bf.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5427
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 6 KB
1 KB 131ms
46ms Stylesheet
text/css 108.139.29.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-c84a6bf.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-53.jfk50.r.cloudfront.net

Software

Resource Hash

8a0e7e3afee39fdf54ecfda43d23886e66d72453d9652166573b64389c61f26d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 ef73a156d5c211fdbb7e4231f2a0edca.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
x-amzn-requestid: d110f4ef-1395-41d8-b48d-00be6c88aaaf
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: bT5amEjIoAMElnA=
content-length: 685
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-669e3c43-66620aa366e4113241330a12
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: 7HwgPp3tW6ayliAabsiJTAY8qJhm8SgfoKvSv2pU-dox2M36jo9iCg==

GET
H2 200 2181c4f3-upwellness-logo_104201o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 4 KB
4 KB 27ms
14ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2181c4f3-upwellness-logo_104201o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 115331f3aa1fa4b58abb49d57743ade02ea93be370af954f1322f169c59c8b9c

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: BiV7wJoy3cB1hVc4PhGVd9w1zoNxnPvs
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:05 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "52b51981fb8c3302d1379dd9d1c67a5c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4054
x-amz-cf-id: A7eot0sBSl-ZXCnbrKzXYxpR0G6Ovz_u8gxH3LM0bq84l4onYpWsGQ==

GET
H2 200 32f07f71-whitecheck_100p00w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 542 B
961 B 27ms
14ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100p00w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 03:51:09 GMT
x-amz-version-id: .mWz1HaMu8KrEK5lL72W9MAis.q9dCD_
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:39 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1753879
etag: "4825b4ea0d4c880b6307c2e7132ee9a6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 542
x-amz-cf-id: IPMcX39PikScRgCeSl3p9nXRh8XXxgNLB9g--9jDFam5Sva1l4iHHA==

GET
H2 200 95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 16 KB
17 KB 33ms
20ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/95f860a4-60daymoneybackguarantee-logo_105e05e000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 03:32:44 GMT
x-amz-version-id: eln.nGncYTWsY1zmMa1QN.FfqTfYSDQZ
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1754984
etag: "65bf040063564f89972c66052d155a51"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16499
x-amz-cf-id: sHU2u3C_xlR6nIs79cLaYesKAuxUAUBmbPmGiB7YmX7VsthdFoiVvQ==

GET
H2 200 5ba00849-whiteupwellnesslogo_105d027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 3 KB
3 KB 25ms
13ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e47c2ed94fe556413f6276acdaa093bae03b6a162f5c05d5e4d66305fab48906

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: Dj1okyNTxOjw2Wkn6n8i4OeGZRpSq_9z
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "4957b01800f8e2df157676abece14917"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2853
x-amz-cf-id: 01CYJgbq-zaXaWQFz1LNkuilnRa3udFHvGoHC9CnvAOdCQ1hSzrk4g==

GET
H2 200 ac1a08cd-inflammation-1_108t09u08b09p009005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 44 KB
44 KB 30ms
18ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ac1a08cd-inflammation-1_108t09u08b09p009005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 10:38:03 GMT
x-amz-version-id: N4lBYwrrdtpUgbGQtnTqXrxvwCLuwq_U
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1038265
etag: "359ed3bb81729f290b18d9b109cf06a1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 44857
x-amz-cf-id: F1B40l6sqMJTGNXWHSIfKtEu5QR-RXQ-gCMcAoNjuGGOhDyaV0RLeA==

GET
H2 200 4cac7528-white-215136347-1_10dm0c7000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 28 KB
28 KB 32ms
19ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/4cac7528-white-215136347-1_10dm0c7000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5a2924ce2c6e88c1c67695c8d2d9dd16b10ef11e733bf1336399800a2bc5396

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 22:36:10 GMT
x-amz-version-id: Et0GTHNuOSaCm97PgsXa9Ng3X4IhkWWB
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 217578
etag: "a737615245ea4e498f9752bed5368dde"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 28323
x-amz-cf-id: hfyM2bi_KhVVnJqo82hTthrLrU3asWlt28XF_shPcFI3dVtkZrnBmg==

GET
H2 200 100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 23 KB
23 KB 34ms
23ms Image
image/jpeg 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/100773b4-lr-134712307-1_10ce0ik09f0ho01x00g01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 03:03:39 GMT
x-amz-version-id: 8iqJX8E1.Ogfj_uh8iQY.1mP1vdMhABr
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:39 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1411129
etag: "9e943cd62e2bfe0bc4e138564aa93a3e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 23241
x-amz-cf-id: wAzhORgvmZcjM_Dd_eLd_i9s9cEzTn5nb2dJ5XvEMxeAR_bPkLXl0A==

GET
H2 200 55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 92 KB
93 KB 30ms
19ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/55c22076-extracted-345080294-1-1_10bw0az0bd0ar008005028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 03:03:39 GMT
x-amz-version-id: EiYkU71nnHlipgQrhEUnOZbc58rHXPkJ
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1411129
etag: "49e2d3fbfeb102084be57d44c2246bb6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 94271
x-amz-cf-id: 5-E26_o-qt937GLfeksX-DsO62VPD6pbURhW9DlLZRdApuykDCnnfA==

GET
H2 200 d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 22 KB
22 KB 37ms
26ms Image
image/jpeg 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d7376dba-adobestock-77164958-1-copy_10d40jn0830dl03303o01o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9689b5cde0d4bde9d17a2197a4d3377370273f63e33140d1e8512cc685fdc6eb

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 18:32:19 GMT
x-amz-version-id: aZqEi16nCre6RRYvX4f8tFGBiV3m5QYK
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 145809
etag: "06cee5bb33b3788c64335d10100c19bc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 22305
x-amz-cf-id: PvjCE-u3GxpiRSWP9rsAGKwh0uAu4yNo7KzsD5NX6lUdF4z2XOV4CQ==

GET
H2 200 bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 78 KB
79 KB 32ms
21ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/bd7c9ef6-adobestock-123485680-1_10af0cv000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28e87c0c4bfb8589a9ca04d743ae23e71cd1828902cd8028990dae98a9479363

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: cfxokLnb7kR8rO8ugnqI.rcEFXBUdtRk
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "a22cced9b2b1e64e82054f74673fdad8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 80308
x-amz-cf-id: 8rUz4qcDaSLq3DJHhjM5yFRnDmOn1zr7ngtfHCN_v-uI0vy3lAPQGw==

GET
H2 200 d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 17 KB
18 KB 41ms
30ms Image
image/jpeg 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d70288ad-adobestock-87210322-1_108s0ep00000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cac9ffc12794b3df79bdbc912f5ce03a196226548ddd8f8d67d2d63113a72652

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 22:36:10 GMT
x-amz-version-id: W1tKX8J.2PZncLt4v4cpMlDJQDfj66xs
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 217578
etag: "5c862f7e64bc80bb22acc2ce28eae951"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 17799
x-amz-cf-id: WzZnkpzpLDALSaa4Cln5tAIkFlmSO2a2OP-zcS0PRrFcWvP1pXrgIg==

GET
H2 200 a72f1bbb-lr-283136986-1_109o0en000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 57 KB
58 KB 37ms
27ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/a72f1bbb-lr-283136986-1_109o0en000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ab989207f26bace33b33ac73513eba4e679923e3bb6e82e42ab69d46143c48a

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: bM9iOV9xfVy_Igqs9HybgVPnLW5WDKYQ
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "8d07dcabe68961eb8ccb71a41d1f8ec4"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 58792
x-amz-cf-id: udtCgL8U3YXqdgfHlAqli5EH9zBTjosQeZqmohvPISQQKchgOVNKeg==

GET
H2 200 d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 28 KB
29 KB 53ms
43ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/d150f539-goldenrevive-label-05042021-r4-01_10bf0d8000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb6d48fdc0f788c8ec7da729b014155f32d624e23ec1ea7a0d4a84dfd051f10d

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: 30aqn1N.p0GrYFst5C3bcMdqQS1s4BZd
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "ef4ac52be197791f7af2752d43153519"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 28814
x-amz-cf-id: AF3ftKvVh_oeLs1EY1nBYZkGr2rZX4P6HwWG1oUFo_kShl4phmWsaw==

GET
H2 200 da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 45 KB
45 KB 39ms
29ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10aw0ba08r0ao01f00m028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 10:38:04 GMT
x-amz-version-id: Ctk0bU3icGWnDcBpM.LdfDaUR9_2VCg4
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:41 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1038264
etag: "95c55c95d92c456dd43b16b64f4b3ff5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 45619
x-amz-cf-id: -DrRq-KDLvYBR6zsdHOBnbdnmC7xY0SX3qFLVhjaCu9EFjJ2-bRVaw==

GET
H2 200 5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
2 KB 41ms
32ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/5cee692a-quote-d54c27-orange-adobestock-152465838-converted-01_102a02b000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3e8224acfdae06b7abba666614274da655043db7c569f4035ce6e3c39545e46

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 18:32:19 GMT
x-amz-version-id: VM_aICCPJT.hCmqKEQBAefpkzcDWd2A6
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 145809
etag: "eb485ba35fb5f7de40b8195e68cdcf4c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1117
x-amz-cf-id: btUztrdZvR74UFtAC85C5c9v03F1NGdkCEWFuBGz6zCu7RmRsY1Hhw==

GET
H2 200 50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 926 B
1 KB 40ms
29ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/50b06592-pf-266e1b68-fivestarsoriginal_104w01g000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 06 Jul 2024 03:03:39 GMT
x-amz-version-id: mJQUkWZKWUIjqpo.2nmE_WLDEEBSR3Gi
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1411129
etag: "c4dea36dfe1ed65d42e45c3b855c61e3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 926
x-amz-cf-id: S56WkEwmad6nV0TWhytS_e0cp2tylJ0L9eRdNMNi6uTzxcXvUS9afg==

GET
H2 200 0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 67 KB
67 KB 54ms
43ms Image
image/jpeg 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0e914824-gr-verticalcollage-testimonials_100000000000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: uS4UWY0F6PiTDCXUhRGgEhq0GZWrOSLB
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:05 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "8a35e1ec124590183b3b65717bbdf858"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 68470
x-amz-cf-id: YNCBKLhQrREjDM3nFi8ZkzkagXToWDl-umEi-6TGe9CrOyF_xZETng==

GET
H2 200 52218b64-circlecheckgreen_100n00n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 308 B
729 B 41ms
30ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/52218b64-circlecheckgreen_100n00n000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 03:52:53 GMT
x-amz-version-id: catXoLjJkp6xDweMN7NooNXcacY_hJjP
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1753775
etag: "664e0b74b02a5184054577ac4e266e5d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 308
x-amz-cf-id: KU9n7nYHqYMCHMQXdk_qnC3_LYSxjEu2dDxiw8kdhlGWKpHZiaKqDQ==

GET
H2 200 7f01bac7-five-stars-original_103m012000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 778 B
1 KB 54ms
44ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/7f01bac7-five-stars-original_103m012000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 10:38:04 GMT
x-amz-version-id: SufjjtxjGOA62qMqjcHKBb6JOVkGH8UF
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1038264
etag: "918ec8903473fef53c9ba0b9cf21cd8b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 778
x-amz-cf-id: dqDB4BvoBFU9Lg01nN1VmFFhV5tw1RoiEsHyB0CnjygKpMnGbhHF2Q==

GET
H2 200 8c77d1de-rightarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 41ms
31ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8c77d1de-rightarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c75287eb8ef38ca2040926b861f83fb1f78e8510bf0c217a89d15af4732dfc25

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 18:32:19 GMT
x-amz-version-id: Le44fLGZtV228R8hOIT2dSH6i0Rq6ZZV
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 145809
etag: "0ec57a94714f606141a207b72126eec4"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1114
x-amz-cf-id: pkbNWvISRuqbrKSWOMqsQ7pEZGMrjgAIhPgnS4KPqimO35z3_2ox9Q==

GET
H2 200 382a6532-leftarrow-angle_102n02m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 1 KB
1 KB 46ms
37ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_102n02m000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 10:38:04 GMT
x-amz-version-id: at9fdw6uS3RZ4rQ5AMZWUJvZspXLUp4h
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:39 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1038264
etag: "38636c9904e9e46c854a0c55d99255c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1060
x-amz-cf-id: iDx6eKgPpuTmfFtLFhmwiKcJpcBI-rIJBzzyTvt40XBdkuRH206qwA==

GET
H2 200 382a6532-leftarrow-angle_1046045000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 2 KB
2 KB 41ms
31ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/382a6532-leftarrow-angle_1046045000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 625f58b1e9ea302916ba236ceaf97e3b7467f4d37ab8409a30f6c7a0afb024aa

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 01:28:59 GMT
x-amz-version-id: 6br.60ddftOJv3RhGqPkBrwbpJVf1iBZ
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 34408
etag: "d675255d4be61980195f1341da89a5ae"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1903
x-amz-cf-id: Nb-QaNjSHCKMOPvp7YwSa89PfqlmcUrwjFKz-D7Qv-xmF2xG98NhFQ==

GET
H2 200 0a4cf109-rightarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 993 B
1 KB 55ms
46ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/0a4cf109-rightarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 466123a069cdf8ec57d29dcdfe0ecbf99cf201e7cf4608e4cebe812265cf0848

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 18:32:19 GMT
x-amz-version-id: 06u_c392rpDi07cRqSFNACczloAUi6HJ
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:05 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 145809
etag: "887f7e145b4e175f54d67765ec6b1b28"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 993
x-amz-cf-id: MGNBoZHrltmz0DnGmMt679gLvXD_icF2YeBjttJD9948-I-HjFrRxA==

GET
H2 200 29f0369a-lefftarrow-hr_102v02w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 941 B
1 KB 40ms
31ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/29f0369a-lefftarrow-hr_102v02w000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eceaae8316905c7a26e541fe7a89668e84df7f64efaca32b113cd1aac8e07579

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: Grsfv.MN0vRSnSYw_brDAlHJEgqBFkox
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:05 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "2ceca27d0f9f1e6cae21eb549bf87a0c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 941
x-amz-cf-id: -S1Mx_66a2XoZD3Qw4LkdJI_lYTYvoBLBko9-6VOohUc8qXY86J9zg==

GET
H2 200 32f07f71-whitecheck_100m00t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 451 B
870 B 46ms
37ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/32f07f71-whitecheck_100m00t000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c7a01d3a1cffd801444fe03c7c3fddf9652845971982db95d03947a177aec46

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 02:44:58 GMT
x-amz-version-id: ydKOm6Vg0H88bd80X.iris12g_Zdg8P8
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 548250
etag: "8bdd7d0b19d158db6a1bb8f313c49edd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 451
x-amz-cf-id: Bg_mA7qsedZaAW0bdlTqDw-lnvxX9k2xkUzBLLFioX6sLROiv3E9ng==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 14 KB
14 KB 42ms
33ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_103p06z000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 355303d34a763f723b5706dbeaaa9f68304cd8a9641be0fea8013084bc70ff50

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 22:36:10 GMT
x-amz-version-id: Dh9MolgXLVvBLZ8OqFiiWDjqYcc2Cvk_
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 217578
etag: "3c0c0f518e84abb1c49af207d6548362"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 13939
x-amz-cf-id: _A_YQvlKqxMSJr3fgf-JT_elIb_kz3Zj9U3YFiPEKFYNNdAbziMZgg==

GET
H2 200 8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 63 KB
63 KB 55ms
47ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/8558abfe-shadow-goldenreviveplus-back-updated_109w0ip000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a7a5ef27244cbd69baf580ab2336d086bc3e5e0dfcdda9a96bcabd3cd28bca0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: hCm3ZYWVCrW9N4fmnP.4vYe.p4Uv.9NM
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "67af05f4ae1f601907459d4810746b38"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 64275
x-amz-cf-id: d99_TzxZ7KsoO5nKv7d9v1FsFW1GS7Mi_VOWYS91N3woPmEBCr_Evg==

GET
H2 200 2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 62 KB
62 KB 49ms
42ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/2e909c98-298502280-extracted-updated-rt_10dx09o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3afa4afc47b629e574480ead9591953a1340f05d5b58662d3b0d4623459d07c1

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: NPRTpxxmJujzJZfmatDtrDIKX1Qo7V4u
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:05 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "d69b6d13dc62cb7cbb1cf92e9d85ad73"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 63104
x-amz-cf-id: RZuSRCQiE1plLX3tz-MXHo91JSKWNFOwuKjgVn1xuNlq9Ze7k0psOg==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 48 KB
49 KB 54ms
47ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_108b0fr000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2406fc64a1bec2b09941c5e45631de1ab70363b5f124fc08a98bcdb0115d269

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 18:32:19 GMT
x-amz-version-id: voxRY4GFH8ObeSneyhfV_xjkMpboz6A2
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 145809
etag: "40be8d733e17c290ba3f195158f04f04"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 49229
x-amz-cf-id: JTWC_kLrJc7XkVB-tgMrZ9cgqJMBhbRZEyyRu6phYm4_cbenEn4WFA==

GET
H2 200 56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 15 KB
15 KB 46ms
39ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/56f40964-lr-adobestock-216305168-converted-_10ao0io08v0ge00w00v028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5db2abadf5f56d4386a387198ea15ff23a84c488827f2ba84fc560e4838a0a10

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 03:35:30 GMT
x-amz-version-id: vCkR6Q1CKlF3PJiTjBq3FRnBq7wAHeVU
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2024 17:53:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 545218
etag: "30f5602843442cc6cc87ec642aee2fd6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 14952
x-amz-cf-id: DH4Hi78Kix-KaibyZBN25RBOFL2-9eh6LrS6dJWMiVleJUvhSP_2-w==

GET
H2 200 85dd4373-newshadow-goldenrevive-rt-front_107x0f0000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/ 39 KB
39 KB 44ms
38ms Image
image/png 13.226.36.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-fps/85dd4373-newshadow-goldenrevive-rt-front_107x0f0000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-141.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a821d04787f7c819c15c225d04602efb044b94c22562c4c2766e9945829f058c

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 10:38:04 GMT
x-amz-version-id: xyfFUf.27t6lyttXhdHi.MT5FdMvnCTA
via: 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 14:17:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1038264
etag: "12b37f28c0f70c09ae391e1c28872d07"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 39620
x-amz-cf-id: 2fMmlcM322cMsbnt6Mi8jECKV5sW79xuwPwWhFnkfGthAxrmTZ4zMg==

GET
H2 200 index.html
cdn.useproof.com/proxy/ Frame 39ED 0
0 110ms
76ms Document
text/html 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 8a72f0467aa04325-EWR
content-length: 325
content-type: text/html
date: Mon, 22 Jul 2024 11:02:27 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUAzdHSvZfsUYMTRF0mTz4mnXtT3SEDdwZAIBrTmdnAxD63w%2F59WFZ7O5tB6I00CDQq3vNAbt7DhPt7umUA0PTmknpm6d1z%2Fp1G1%2BEmdmWjksQ%2BjHAUviuFgzt%2Bi%2FLBp63tvEIDqPGOZfzcwoON7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: Pj7cjVW5B+3VrQHUwkVLRmJf+gY1h6l+I6zGMNpfMmBf1Vq/QTeKPek0iPOaLYGKzFGsBgghNu2YPwzsPv2QaLscMlhGZr2GkewH3YV1SCw=
x-amz-request-id: WTGNW7ZVH6PDVFMW
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 thumbnailTextOverlay-v2.js Show response
fast.wistia.com/assets/external/ 99 KB
30 KB 11ms
10ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

adc9db9b3e5041761e9fdc9b24f7aea4e9177679e13655adc51e37d35045b36e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3029
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 30472
x-served-by: cache-iad-kcgs7200113-IAD, cache-lga21973-LGA
x-browser-version: 126
last-modified: Tue, 16 Jul 2024 14:48:48 GMT
server: AmazonS3
x-timer: S1721646148.591127,VS0,VE1
etag: "b125dfa5ae47cfadbe4ec8254c25ecc9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd36ef2cf79e0d4c6a9f7fd609491b19a6c23e0
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 1

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 2 B
467 B 114ms
38ms XHR
application/json 2001:4998:60:807::1
YAHOO-CHA

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:60:807::1 , United States, ASN14196 (YAHOO-CHA, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jul 2024 10:07:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: BQ7NBCK6ACBGF17E
age: 3326
content-length: 2
x-amz-id-2: ybusC0O9SSbYJWWnbudwzu9yMuNFDgJt2M5a32BJhBnU3PqV8cM3ex2FJoDoU6bCerHUL8dyRJw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 2 B
182 B 112ms
37ms XHR
application/json 2001:4998:60:807::1
YAHOO-CHA

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:60:807::1 , United States, ASN14196 (YAHOO-CHA, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 22 Jul 2024 10:10:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: A7ZD0G3HH80QN1PZ
age: 3126
content-length: 2
x-amz-id-2: +uZyUirfUEitcpeLkfpXwSC6BovbGNauh+Zr17kZ4vTsY8VPF0UEpvua98ezq2MVwzlTJ9QnwQGd3KxjyKZpsbYzRla1+vUX
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
24 KB 33ms
12ms Font
font/woff2 108.139.29.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-53.jfk50.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 28 Jun 2024 07:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 10a23502057a5449ee9e08eab6e9c0d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 2088088
x-amzn-requestid: 5eb21afe-a0d9-4111-97ea-219639b1eb3a
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: aEPixGOpIAMEmaA=
content-length: 23578
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-667e5fab-726c0acd1bbdc225773a2530
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: pw0Pgc4Dki_KcQA_4-FFcI0iwa5C1oc9ADef0GkZYkp1a9RdMHwWGA==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
23 KB 43ms
23ms Font
font/woff2 108.139.29.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-53.jfk50.r.cloudfront.net

Software

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 01:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23040
via: 1.1 10a23502057a5449ee9e08eab6e9c0d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 17831846
x-amzn-requestid: eed0e377-7110-4c6b-a9aa-86b56e41c575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: QrqosFo_IAMEoLw=
content-length: 23041
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-658e249d-3715c6b724c834df3251ecc2
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QqrcHNds2eqpv-LuB8nMMlwSNj5FgWV0sW49nB4WI9XxZwPGPEnHrw==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 22 KB
23 KB 38ms
18ms Font
font/woff2 108.139.29.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-53.jfk50.r.cloudfront.net

Software

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 06 Jun 2024 23:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 22504
via: 1.1 10a23502057a5449ee9e08eab6e9c0d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 3930688
x-amzn-requestid: 78524898-2ae9-4266-b80e-9b98874b3213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Y99AmGqeoAMEjoA=
content-length: 22518
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:12:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-66624203-236266b610715aad21a53945
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vEKpfhjISPICuI9wVGRlZtCKF_JD_drS2_buNqrCkYEVO1lS4kzbMA==

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 24 KB
25 KB 41ms
21ms Font
font/woff2 108.139.29.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-53.jfk50.r.cloudfront.net

Software

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 28 May 2024 05:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 24448
via: 1.1 10a23502057a5449ee9e08eab6e9c0d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 4770870
x-amzn-requestid: 69021e13-f480-407a-b0ab-e51030daaee3
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Yd5yJG_KoAMEiBQ=
content-length: 24405
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 02 May 2023 15:30:00 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6655700d-47808d841c4621c21567d58b
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ZOBPiB4mnmYCDGU-WF1ZM-m58SpctFh48BIdn9msHDcIAAl7JpXydQ==

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.ub-assets.com/fonts/s/oswald/v53/ 28 KB
29 KB 47ms
27ms Font
font/woff2 108.139.29.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:900,regular,700,700italic%7COswald:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-53.jfk50.r.cloudfront.net

Software

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 03 Jun 2024 05:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 28512
via: 1.1 10a23502057a5449ee9e08eab6e9c0d4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 4252299
x-amzn-requestid: 9ab3bb26-ab97-4e45-9de6-b0af4e1a95fb
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Yxr03FjsIAMEAyQ=
content-length: 28534
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-665d59b8-2eaf32ac7d4f928012431edf
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Vk00p-ZiI5UpCxtQ3W8Ww6Pbc3nX9CWnepu_iUxyEst2j9HGPR6MyQ==

GET
H2 204 pixel
flask.nextdoor.com/ 0
112 B 301ms
81ms Image
text/plain 34.214.40.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&vrs=8.4&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=85179a56-feff-4fb2-8bf6-6c12bac74034&pageid=465fb70d-5838-45ba-90b2-95ea6a16799d&sessionid=4b5967ed-e4eb-4a42-b830-aef0d389ab3e&cd=%7B%7D
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.214.40.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-214-40-15.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
context-id: a523acfc-b42b-46a0-beaa-b7147446e927

GET
H3 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
64 B 79ms
31ms Image
image/gif 2607:f8b0:400d:c0d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1721646147223&cv=11&fst=1721646000000&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLvj9qfF0mAMoyT1Zgjcdn5_djGBSv8g&random=1500345287&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/458254939/ 42 B
64 B 76ms
29ms Image
image/gif 2607:f8b0:400d:c0d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/458254939/?random=1721646147247&cv=11&fst=1721646000000&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9101108372za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLwrV4FqyQuUpcrGxlz6z_hpPMhuHfMg&random=3709875662&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/458254939/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=2049907839&cv=11&fst=1721646147265&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9101108372za200&gcd=13l3l3l3l1&dma=0&tag...
https://www.google.com/pagead/1p-conversion/458254939/?random=2049907839&cv=11&fst=1721646147265&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9101108372za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1...

42 B
64 B

32ms
31ms

Image
image/gif

2607:f8b0:400d:c0d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/458254939/?random=2049907839&cv=11&fst=1721646147265&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9101108372za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_m=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)*A%3Atrue%3A21%3Afalse*1&ec_sel=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)&ec_meta=A%3Atrue%3A21%3Afalse&ec_lat=0&ec_s=1&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKJ3RyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIjIGo2L-6hwMVMlNHAR2-jgnRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vcGFnZXMudXB3ZWxsbmVzcy5jb20v&is_vtc=1&cid=CAQSKQDaQooLkEVVfjri-SLgRkDmdvS1nmhbkrmC_JHo3HPluORnlEz1BdEF&random=823363828

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Server

2607:f8b0:400d:c0d::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/458254939/?random=2049907839&cv=11&fst=1721646147265&bg=ffffff&guid=ON&async=1&gtm=45be47h0v9101108372za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&label=tbmVCKDj2fcDENvUwdoB&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_m=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)*A%3Atrue%3A21%3Afalse*1&ec_sel=%23lp-pom-text-672%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)&ec_meta=A%3Atrue%3A21%3Afalse&ec_lat=0&ec_s=1&fdr=QA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKJ3RyaWdnZXI7bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIjIGo2L-6hwMVMlNHAR2-jgnRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6HWh0dHBzOi8vcGFnZXMudXB3ZWxsbmVzcy5jb20v&is_vtc=1&cid=CAQSKQDaQooLkEVVfjri-SLgRkDmdvS1nmhbkrmC_JHo3HPluORnlEz1BdEF&random=823363828
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
64 B 78ms
32ms Image
image/gif 2607:f8b0:400d:c0d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1721646147279&cv=11&fst=1721646000000&bg=ffffff&guid=ON&async=1&gtm=45be47h0v897602535za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLVbnIMUNQSdNKTSm7yXlLpak8lCp3lw&random=2387830282&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
64 B 76ms
30ms Image
image/gif 2607:f8b0:400d:c0d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1721646147308&cv=11&fst=1721646000000&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLBuI7Z4Y8mGmmZxvsNNlRxBv3EWKi-_3EpvKWr8W9uk-HNLZh&random=181343493&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 3 KB
2 KB 46ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1721646147720&data=%7B%22id%22%3A651%2C%22ii%22%3A%22%2Fuc-grplus-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3%22%2C%22vi%22%3A1721646147320%2C%22cv%22%3A%2220240720-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1721646147332%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 46ab0d4ca693b6aea2723ff874679d5f7c8dace80fede1923c5bf2e5ae6164ad

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms: 37
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.2565
x-fastly-to-nlb-rtt: 19421
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lga21970-LGA
x-log-content-encoding: gzip
server: nginx
x-timer: S1721646148.742364,VS0,VE37
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 321 B
726 B 119ms
21ms XHR
application/json 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1721646147744&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.12dfda17.1721646147.1e3836be
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=600
content-length: 186
x-pinterest-rid: 8846094322190047
pin-unauth: dWlkPU5tVXpOemxoTlRFdE5tUXhNQzAwWkdZNExUa3haR1V0TUdNelkyTTNZMlF5WkRaaA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 98a5c1f9a97216ab594bea30094df12248eb1060
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
667 B 57ms
19ms Image
image/gif 54.88.71.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2022%20Jul%202024%2011%3A02%3A27%20GMT&n=10&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&enc=UTF-8&yv=1.16.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.88.71.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-71-74.compute-1.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Jul 2024 11:02:27 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
244 B 56ms
20ms Image
image/gif 54.88.71.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&enc=UTF-8&yv=1.16.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.88.71.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-71-74.compute-1.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.121
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Jul 2024 11:02:27 GMT

GET
H2 200 27015508.js Show response
bat.bing.com/p/action/ 2 KB
961 B 24ms
23ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

039b3995bcd60d961e19a42693d7f41c32375d07c7f096154514c18ab7d754d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 22 Jul 2024 11:02:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 13BEB061B9954F5499E5F09D37745DAB Ref B: EWR30EDGE0819 Ref C: 2024-07-22T11:02:27Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 302615157369859 Show response
connect.facebook.net/signals/config/ 64 KB
14 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302615157369859?v=2.9.162&r=stable&domain=pages.upwellness.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56bc1f6a94faf271c27097cb96285b2242f066f4924304aa8165b0215a1c4cfe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jul 2024 11:02:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=64, mss=1328, tbw=64178, tp=-1, tpl=-1, uplat=69, ullat=0
pragma: public
x-fb-debug: +O80oQqty7I7NyJ3oTLPC3YahyCjLRajn8POqM+f9NEExuYNlSBJnc3I/Cq8cFjfbAt6B51RHYR9qlOhbWqWIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 register-trigger
measurement-api.criteo.com/ 0
0 52ms
16ms Fetch 2620:100:a00b::26
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://measurement-api.criteo.com/register-trigger?partner_id=102531&uid=e7039d57-efc9-436f-90d7-aae14f70d087&event_name=ItemPageView&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=fde7a2a1-4576-415c-9a2d-f41453478de6

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::26 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"18072950059813430849","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 21ms
19ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jz7ox0tvgu?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240722T110227Z-15b94bb6ff94s8kmu55dtuug0s0000000h20000000002ypx
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 19a40f54-801e-0015-1438-d83968000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 24ms
22ms XHR
text/plain 2607:f8b0:400d:c0d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1748623802&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=1869666958&gjid=1406660756&cid=2006055145.1721646148&tid=UA-28307243-3&_gid=1122549409.1721646148&_slc=1&gtm=45He47h0n81M3S986Pv79737984za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1410561570

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 59ms
25ms XHR
text/plain 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28307243-3&cid=2006055145.1721646148&jid=1869666958&gjid=1406660756&_gid=1122549409.1721646148&_u=YGBAiEABBAAAAGAAI~&z=1725392564

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jul 2024 11:02:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
503 B 38ms
21ms Fetch
image/gif 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2215f60036%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1721646147824

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.12dfda17.1721646147.1e3836bf
content-type: image/gif
access-control-allow-origin: https://pages.upwellness.com
pinterest-version: 98a5c1f9a97216ab594bea30094df12248eb1060
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 5245248629782354
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 3 KB
1 KB 30ms
30ms Script
text/javascript 2607:f8b0:400d:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1721646147838&cv=11&fst=1721646147838&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9a Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a24a4494f46329ded93c99722c4798c93a0129f4538b130181c30309743f51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1436
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_a19ff03d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 147 KB
39 KB 32ms
31ms Script
application/javascript 23.212.250.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_a19ff03d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 075218352b10c9bbed538be75caf73f1011075caed59512ee8749889376a78ab

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 1c426e15
date: Mon, 22 Jul 2024 11:02:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024071114313119BB9121B77D656ADDAE
x-tt-trace-id: 00-24071114313119BB9121B77D656ADDAE-713ECF08A8AE5876-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-106-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01846de7b372ba8d535621e61fc1c226d27411360cd837f6ce71bb945baf785e1c5749a08e73fd562d32bd37e1b8e92b55820a73656555a1b3959134d8f341471b6d24bd1622916afd6650e4a7ed611a2d859ddbc3ad9fc05f3cabc2c2e90e7051
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39722

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 64ms
63ms Ping
text/plain 23.212.250.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1c426e28
date: Mon, 22 Jul 2024 11:02:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24072211022786511ABAE1810420986D-247A4EBC70C0C79F-00
x-cache: TCP_MISS from a23-220-106-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
server-timing: inner; dur=33, cdn-cache; desc=MISS, edge; dur=7, origin; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024072211022786511ABAE1810420986D
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.220.106.14
x-tt-trace-host: 0180e0563fd48d5bb1dbc36bedbaa7d7743b32b5855ee341b8c80230d6d608de8f2b5dc67c975520ef0cccd280bbc6bfddfa167d76061ff57ca371675dd53620d691d0478d6e25a7e7467a72bf43840e9010b84d208b4650b61fe64c59fcc638c7
access-control-allow-headers: Authorization,*
expires: Mon, 22 Jul 2024 11:02:27 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 24ms
24ms Fetch
text/plain 2607:f8b0:400d:c0d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-E56T163DF6&gtm=45je47h0v9126958639z879737984za200zb79737984&_p=1721646146816&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=2006055145.1721646148&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721646147&sct=1&seg=0&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&dt=&en=page_view&_fv=1&_ss=1&tfd=1973&_z=fetch
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0d::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 val.html
cdn.mediago.io/js/h/ Frame 854F 0
0 26ms
9ms Document
text/html 52.85.61.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/h/val.html?postM=1&trackingid=
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 84165
content-length: 9619
content-type: text/html
date: Sun, 21 Jul 2024 11:39:44 GMT
etag: "b19d57b1d930ffeb6ce750fad83fe7fe"
last-modified: Wed, 19 Jun 2024 07:00:32 GMT
server: AmazonS3
vary: Origin
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
x-amz-cf-id: pIUl2S22uAvfSwWzJy0gqgFuS9PXqH6q218l9Jl3b0OEC0lS4hIPCg==
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: Oaanq82uoPsdCaYCvkBaR3PJCyZ8RQO_
x-cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 510 KB
125 KB 30ms
9ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/videoThumbnail.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

827d9260911830f9fc5f799abc6b84f5b7d116101ac969a55a3271e46a914a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1901
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 127761
x-served-by: cache-iad-kjyo7100094-IAD, cache-lga21956-LGA
x-browser-version: 126
last-modified: Tue, 16 Jul 2024 14:48:48 GMT
server: AmazonS3
x-timer: S1721646148.103200,VS0,VE0
etag: "2f775b894830b4770275e4a7ef486fd5"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd36ef2cf79e0d4c6a9f7fd609491b19a6c23e0
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39, 40

GET
H2 200 0b76a8eda7c331eb805ad8af326f611e.png
embed-ssl.wistia.com/deliveries/ 96 KB
96 KB 116ms
23ms Image
image/png 2600:9000:2305:3200:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/0b76a8eda7c331eb805ad8af326f611e.png?image_crop_resized=1920x1080
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:3200:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 13:28:36 GMT
access-control-request-method: *
via: 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 164032
edge-cache-tag: 0b76a8eda7c331eb805ad8af326f611e
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 314
content-disposition: inline
surrogate-key: 0b76a8eda7c331eb805ad8af326f611e thumbnail-delivery
last-modified: Thu, 23 Sep 2021 14:58:31 UTC
server: envoy
etag: MCRQ8DYfj2ieeWrQGMrwuPDRHns=
vary: Origin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: jjYGzw6RHRqYnYs6ytW0hX_cqFng4V9x11zcHHw0NiZPwFaAOGxm8A==

GET
H2 200 27015508 Show response
bat.bing.com/p/insights/t/ 711 B
883 B 237ms
236ms Script
application/x-javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/27015508

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/27015508.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0efb3a0ff3d9bf6ff086f5397faa52fcff745830ef05edd58d671528301be41b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 22 Jul 2024 11:02:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9C92C0EF274E4B58976C4ADDE8465620 Ref B: EWR30EDGE0819 Ref C: 2024-07-22T11:02:28Z
vary: Accept-Encoding
x-azure-ref: 20240722T110228Z-17f987cfdd7qlqbk4xx0yx5ef400000008m000000001ek6b
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 603
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 204 0
bat.bing.com/action/ 0
361 B 23ms
22ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=bf196399-94d0-401f-990e-4b19be7f241f&sid=e2681f40481911efbe4fcbd4cff9a2fc&vid=e2684970481911efac0d939767a9e0a4&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&r=&lt=1608&evt=pageLoad&sv=1&cdb=AQAQ&rn=938833

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jul 2024 11:02:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2E925DD7BDF84CE4B5E615C8A1DC5271 Ref B: EWR30EDGE0819 Ref C: 2024-07-22T11:02:28Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 53ms
17ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=ContentView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&rl=&if=false&ts=1721646148230&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721646148228.20127083946658192&ler=empty&cdl=API_unavailable&it=1721646147798&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=2871, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jul 2024 11:02:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1019 B 139ms
104ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302615157369859&ev=ContentView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&rl=&if=false&ts=1721646148230&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721646148228.20127083946658192&ler=empty&cdl=API_unavailable&it=1721646147798&coo=false&rqm=FGET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 22 Jul 2024 11:02:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394413901724033016", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=14, mss=1328, tbw=6736, tp=-1, tpl=-1, uplat=88, ullat=0
pragma: no-cache
x-fb-debug: ZuRhRBK+BLhQBoQrrwJz2IzVPXdreBbydfg5vauqjcXwjavOg46aolZKkghkT3q0SMbyuKsZjQZX7+bk56oDGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394413901724033016"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 52ms
18ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&rl=&if=false&ts=1721646148233&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4126&fbp=fb.1.1721646148228.20127083946658192&ler=empty&cdl=API_unavailable&it=1721646147798&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=2871, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jul 2024 11:02:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 117ms
83ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302615157369859&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&rl=&if=false&ts=1721646148233&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4126&fbp=fb.1.1721646148228.20127083946658192&ler=empty&cdl=API_unavailable&it=1721646147798&coo=false&rqm=FGET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 22 Jul 2024 11:02:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394413902972197210", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=14, mss=1328, tbw=3253, tp=-1, tpl=-1, uplat=66, ullat=0
pragma: no-cache
x-fb-debug: zT2V4ADY2q/DteF9Do1xo+6zrz7Rg+WSi7ksLbuAZxrBELMzpuY0QsDxVRNCHxvaUE2nU7Nb9eyYdUmD5pygkw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394413902972197210"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 49ms
15ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=LPVisit_GRPfps&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_&rl=&if=false&ts=1721646148236&sw=1600&sh=1200&v=2.9.162&r=stable&ec=2&o=4126&fbp=fb.1.1721646148228.20127083946658192&ler=empty&cdl=API_unavailable&it=1721646147798&coo=false&rp_url=e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=2871, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jul 2024 11:02:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1020 B 139ms
105ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=302615157369859&ev=LPVisit_GRPfps&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_&rl=&if=false&ts=1721646148236&sw=1600&sh=1200&v=2.9.162&r=stable&ec=2&o=4126&fbp=fb.1.1721646148228.20127083946658192&ler=empty&cdl=API_unavailable&it=1721646147798&coo=false&rp_url=e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289&rqm=FGET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 22 Jul 2024 11:02:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394413902337639318", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=14, mss=1328, tbw=7777, tp=-1, tpl=-1, uplat=89, ullat=0
pragma: no-cache
x-fb-debug: vDkaev2rqHI8OHWca+869HiZHg6pIbKSPJxH7KKxXr+iSeEllwu/LJs1r5T5zQSjXaCKrgg2Iwu+UAqAdimMCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394413902337639318"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
700 B 69ms
68ms Ping
text/plain 23.212.250.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.250.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-250-14.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1c4270cf
date: Mon, 22 Jul 2024 11:02:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407221102283E16308B3B7B42A5E06E-6F56101A867DFA4D-00
x-cache: TCP_MISS from a23-220-106-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=10, origin; dur=42
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202407221102283E16308B3B7B42A5E06E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,23.220.106.14
x-tt-trace-host: 0180e0563fd48d5bb1dbc36bedbaa7d7743b32b5855ee341b8c80230d6d608de8f449ebca6557870c01010fb7edc5d5cb0f563905e5fb8f29434284e328715e8e238ebe90d7f0ca67f4cf042bd6b7207ba16c04ec0d6d2b0c20952f54d004666c4
access-control-allow-headers: Authorization,*
expires: Mon, 22 Jul 2024 11:02:28 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
64 B 29ms
29ms Image
image/gif 2607:f8b0:400d:c0d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1721646147838&cv=11&fst=1721646000000&bg=ffffff&guid=ON&async=1&gtm=45be47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=539193016.1721646147&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLpL-JCy732WsOMv9_MFSS7QavjzlgxFmyNyazTqQ8eLsW_prY&random=1661287381&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 10ms
9ms Image
image/gif 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2622
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kcgs7200077-IAD, cache-lga21956-LGA
x-browser-version: 126
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1721646148.315899,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6387208, 105

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
1 KB 11ms
10ms XHR
application/x-mpegurl 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
via: 1.1 c84ecfd128e1f4c41a53a2b42410f3b8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 46074
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 34
content-length: 935
x-request-id: 6d0bc960-72f3-4895-bb38-f2943e3f9500
x-served-by: cache-iad-kiad7000102-IAD, cache-lga21956-LGA
x-runtime: 0.033278
x-browser-version: 126
server: envoy
x-timer: S1721646148.327066,VS0,VE1
etag: W/"0fa56fcfcf95ba949a3a9883d09eca6a"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jpDT7yb8nx_1l7gI20ATOIgSxRsKH0K6MBPkHYgMi44kMHBQMu_F1g==
x-cache-hits: 2481, 0

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
284 B 134ms
89ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Mon, 22 Jul 2024 11:02:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 a18adcb3fe4d694342677106235399fede11a10f.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 13 KB
14 KB 54ms
19ms XHR
application/vnd.apple.mpegurl 2600:9000:2305:3200:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:3200:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 13:54:43 GMT
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 594465
edge-cache-tag: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 310
content-length: 13708
surrogate-key: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: EpGK6ytC1f1tQFB-J7uBgvjSJG4TEqkFW2HJzwi2NKHqOihSgj0VFQ==
expires: Tue, 15 Jul 2025 13:54:43 GMT

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 45 KB
18 KB 10ms
9ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

343e195b43bec5eb57d8b9475f0789dd34e8279eab95cc503fe9f6b628bb42f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1472
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18352
x-served-by: cache-iad-kiad7000132-IAD, cache-lga21956-LGA
x-browser-version: 126
last-modified: Tue, 16 Jul 2024 14:48:48 GMT
server: AmazonS3
x-timer: S1721646148.370466,VS0,VE0
etag: "a11f23804133ec25d4f1937fffc932da"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd36ef2cf79e0d4c6a9f7fd609491b19a6c23e0
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 54, 40

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ffd838d73e88fd6f4e77ef73ec03f4499b938eb378e15880535d6396dedba3d

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 Inter-Extended.woff
fast.wistia.com/assets/external/fonts/ 21 KB
21 KB 9ms
8ms Font
font/woff 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/fonts/Inter-Extended.woff

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1c11543a28fe6614b141106cf0375c62af8c8f65dbdb4b49a92c88b40bbabd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 466
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21400
x-served-by: cache-iad-kiad7000177-IAD, cache-lga21956-LGA
x-browser-version: 126
last-modified: Tue, 16 Jul 2024 14:48:51 GMT
server: AmazonS3
x-timer: S1721646148.425223,VS0,VE0
etag: "eb57772375a66db232881cc122a7d145"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd36ef2cf79e0d4c6a9f7fd609491b19a6c23e0
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28, 2

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/ 2 MB
2 MB 18ms
18ms XHR
video/mp2t 2600:9000:2305:3200:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/a18adcb3fe4d694342677106235399fede11a10f.m3u8/seg-1-v1-a1.ts
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:3200:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 08:21:49 GMT
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 268838
edge-cache-tag: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 275
content-length: 1690872
surrogate-key: a18adcb3fe4d694342677106235399fede11a10f-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6apXwn38AAfl1HQOp6mN2PDKTEIJVp29qw4N4VRz5RRa072htF1CAQ==
expires: Sat, 19 Jul 2025 08:21:49 GMT

GET
H2 200 0.7.32 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 27ms
26ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.32

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/27015508

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad367e536c20c594229b6d90ac4097730886eac4f8e11b07e908e584a62b1268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 22 Jul 2024 11:02:28 GMT
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 14999
last-modified: Fri, 10 May 2024 17:30:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B4E6B8565D64EDB9D4553D173E472DE Ref B: EWR30EDGE0819 Ref C: 2024-07-22T11:02:28Z
etag: W/"0x8DC7116E7C400CE"
vary: Accept-Encoding
x-azure-ref: 20240722T110228Z-17f987cfdd7thzmqzu97tu5gng0000000avg00000000z644
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8490d5e7-101e-0028-6e40-d84f73000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 81 KB
21 KB 11ms
11ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1ae37538ceacf2b3b1bac1208621fbd98393d4f3a402931ce7ffda5cb73245dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 684
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21819
x-served-by: cache-iad-kjyo7100115-IAD, cache-lga21956-LGA
x-browser-version: 126
last-modified: Tue, 16 Jul 2024 14:48:48 GMT
server: AmazonS3
x-timer: S1721646149.500866,VS0,VE0
etag: "66d2391bf93be270dc0b6ebe090be9cb"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd36ef2cf79e0d4c6a9f7fd609491b19a6c23e0
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1724, 36

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 6159
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&google_cm&google_hm=ay1JTXg1NTVVbEpKNnV3LVNOaHgxVE5FVndhRlFQOFpOM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&google_gid=CAESEJv1x2r5O1Go0Qi_lK0yh3c&google_cver=1&google_ula=913071,0

43 B
370 B

45ms
15ms

Image
image/gif

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&google_gid=CAESEJv1x2r5O1Go0Qi_lK0yh3c&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1343162
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&google_gid=CAESEJv1x2r5O1Go0Qi_lK0yh3c&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 6159
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vW5YupUlJJ6uw-SNhx1TNEVwaFQDYEx1G6qqng&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vW5YupUlJJ6uw-SNhx1TNEVwaFQDYEx1G6qqng&expires=30

43 B
510 B

27ms
26ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vW5YupUlJJ6uw-SNhx1TNEVwaFQDYEx1G6qqng&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 11:02:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vW5YupUlJJ6uw-SNhx1TNEVwaFQDYEx1G6qqng&expires=30
Date: Mon, 22 Jul 2024 11:02:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 6159
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4839716578752447538

43 B
370 B

31ms
29ms

Image
image/gif

74.119.117.16
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4839716578752447538

Protocol

Server

74.119.117.16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5622315
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
an-x-request-uuid: 8327f507-7508-4a14-aa53-2ec43988808c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4839716578752447538
x-proxy-origin: 5.181.234.132; 5.181.234.132; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame 6159
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&custom=&tag_format=img&tag_action=sync&custom=&cb=d5b8a6b4-d8c2-460b-b1f3-aa6dbe4...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-IMx555UlJJ6uw-SNhx1TNEVwaFQP8ZN2PhmXyQ&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=d5b8a6b4-d8c2-460...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4839716578752447538&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=e2af3450-4819-11ef-9476-37083da6b2ac?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=e2af3450-4819-11ef-9476-37083da6b2ac?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=3b57ba819182ea43aa0bb66ba630d571&tag_format=img&tag_action=sync&cb=640785821
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=f354958a-f2fd-4fc8-ad41-d8ae4fca8cf5&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=e2af3450-4819-11ef-9476-37083da6b2ac&cb=1721646148906&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=fc569ac6-7005-4852-8f3f-f0c7ee21ebda&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1721646148906
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=e2f05c00-4819-11ef-8355-ff500750bb6d

0
406 B

17ms
17ms

Image
text/plain

34.199.79.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=e2f05c00-4819-11ef-8355-ff500750bb6d
Protocol: H2
Server: 34.199.79.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-79-177.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 22 Jul 2024 11:02:29 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=e2f05c00-4819-11ef-8355-ff500750bb6d
date: Mon, 22 Jul 2024 11:02:29 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 6159 43 B
688 B 67ms
17ms Image
image/gif 23.105.12.172
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-3zhTNZUlJJ6uw-SNhx1TNEVwaFQObCB52Lh5AQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.172 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6159 0
373 B 62ms
8ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-r61JC5UlJJ6uw-SNhx1TNEVwaFQm0G-TO8Cq9g
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 7333

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 6159 49 B
342 B 47ms
10ms Image
image/gif 195.244.31.11
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-bJ9kDpUlJJ6uw-SNhx1TNEVwaFRKnf8dGRsnAg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 6159
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=GLY2HE1ECby3XpPiS-NNYhf1Zoaa5aal

62 B
581 B

574ms
202ms

Image
image/gif

23.220.132.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=GLY2HE1ECby3XpPiS-NNYhf1Zoaa5aal
Protocol: H2
Server: 23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-132-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
bk-server: fb75
date: Mon, 22 Jul 2024 11:02:29 GMT
content-length: 62
x-request-id: 1de84e6805822c64fa538a44754d6fe5
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=GLY2HE1ECby3XpPiS-NNYhf1Zoaa5aal
date: Mon, 22 Jul 2024 11:02:28 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 587359
content-length: 0

GET
H3

200

rum
r.casalemedia.com/ Frame 6159
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ClOOupUlJJ6uw-SNhx1TNEVwaFRXY4rj_yDjyQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ClOOupUlJJ6uw-SNhx1TNEVwaFRXY4rj_yDjyQ&C=1

43 B
720 B

46ms
45ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ClOOupUlJJ6uw-SNhx1TNEVwaFRXY4rj_yDjyQ&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvXiiJ7L1CYRXf11wtjV6FVkh7tWJ8JFdjvqulttfv1%2BS3niuFavVctkGxH27QFh1FSmcasY8ppVe%2F%2B7fOa6wPAYDmWLfFwFIwZIKAYbyAWFHywa7dtiW%2B%2BwSNtrsntq6aa6"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8a72f04cbb7d42d4-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGRmrpNJ%2FGLAnjgQ7lSGsxQWBwaEZ7oKd2G%2Bd%2FsL7c2cjiW3rGRQi0dVkdko%2ByjsTBGn11uYUbYEIqxHTaz97dHjzsRPjIcvqaTOah7lbyoC8uPKhX906FaaBW0hB2QXpsXm"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-ClOOupUlJJ6uw-SNhx1TNEVwaFRXY4rj_yDjyQ&C=1
cache-control: no-cache
cf-ray: 8a72f04c8b5a42d4-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 6159 43 B
663 B 612ms
136ms Image
image/gif 63.251.28.210
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-osEVDZUlJJ6uw-SNhx1TNEVwaFTU_gdXcEGwKw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.210 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jul 2024 11:02:29 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1721646149050087-281

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 6159
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Q4e7iJUlJJ6uw-SNhx1TNEVwaFTvnxIN4U1fqw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Q4e7iJUlJJ6uw-SNhx1TNEVwaFTvnxIN4U1fqw

43 B
446 B

18ms
17ms

Image
image/gif

35.171.156.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Q4e7iJUlJJ6uw-SNhx1TNEVwaFTvnxIN4U1fqw
Protocol: H2
Server: 35.171.156.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-156-64.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 Jul 2024 11:02:28 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Q4e7iJUlJJ6uw-SNhx1TNEVwaFTvnxIN4U1fqw
access-control-allow-origin: *
date: Mon, 22 Jul 2024 11:02:28 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

sync
pippio.com/api/ Frame 6159
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mItM-5UlJJ6uw-SNhx1TNEVwaFR0C4rnNTX45A
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4e9f492b-7b48-4b2c-b613-9462935b525b
https://p.rfihub.com/cm?pub=39342&in=1&userid=29439186-4148-4c76-bc88-a92740fde381%3A1721646148.7614567&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D29439186-4148-4c76...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1976306201563678936&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D294391...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=29439186-4148-4c76-bc88-a92740fde381%3A1721646148.7614567&pid=500040&it=1&iv=29439186-4148-4c76-bc88-a92740fde381%3A1721646148.7614567&_=172...
https://pippio.com/api/sync?it=1&pid=500040&_=1721646148.763271&iv=29439186-4148-4c76-bc88-a92740fde381:1721646148.7614567

42 B
569 B

130ms
41ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1721646148.763271&iv=29439186-4148-4c76-bc88-a92740fde381:1721646148.7614567
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:29 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1721646148.763271&iv=29439186-4148-4c76-bc88-a92740fde381:1721646148.7614567
Date: Mon, 22 Jul 2024 11:02:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 cksync.php
contextual.media.net/ Frame 6159 60 B
815 B 128ms
95ms Image
image/gif 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-gxLWa5UlJJ6uw-SNhx1TNEVwaFRAQhSFBXAqww

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 22 Jul 2024 11:02:28 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 60
x-mnet-hl2: E
expires: Mon, 22 Jul 2024 11:02:28 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 6159 0
967 B 66ms
17ms Image
text/html 34.237.207.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-1OOpRJUlJJ6uw-SNhx1TNEVwaFSwWWcD9dIEig
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.207.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-207-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame 6159 42 B
395 B 23ms
22ms Image
image/gif 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k--lV60pUlJJ6uw-SNhx1TNEVwaFRBEFDesxS1YQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
last-modified: Tue, 25 Jun 2024 19:54:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0336ED7009314279B9B77BE0BDC71B43 Ref B: EWR30EDGE0819 Ref C: 2024-07-22T11:02:28Z
etag: "df9747e39c7da1:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 6159 43 B
533 B 383ms
97ms Image
image/gif 44.237.21.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-2k_uJJUlJJ6uw-SNhx1TNEVwaFQMV01ZeszAlQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.21.44 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-21-44.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 6159 0
360 B 35ms
13ms Image
text/plain 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-l2ZwypUlJJ6uw-SNhx1TNEVwaFQTDtCWBYoiyw&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 5a1d104b1ffcc9c67b18085eb445a91b
content-length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6159 42 B
581 B 239ms
80ms Image
image/gif 104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-l6kljZUlJJ6uw-SNhx1TNEVwaFQrs-8zfdn8xw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 22 Jul 2024 11:02:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET pixel_sync
trends.revcontent.com/cm/ Frame 6159 0
0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 6159 42 B
1 KB 544ms
136ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-XC_sd5UlJJ6uw-SNhx1TNEVwaFQplR1vJSIJ1A&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 6159 68 B
301 B 62ms
14ms Image
image/png 52.91.202.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-dFh1a5UlJJ6uw-SNhx1TNEVwaFR3vePtbKsfbg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.91.202.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-91-202-27.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H2 204 /
s.ad.smaato.net/c/ Frame 6159 0
383 B 78ms
43ms Image
text/plain 2600:9000:2305:7e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-LkyWRZUlJJ6uw-SNhx1TNEVwaFTLVoA3diUgbQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:7e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
cache-control: no-cache, must-revalidate
via: 1.1 e7e267d22aaab825174c9e30c630f528.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD89-P2
x-amz-cf-id: w4MphBj2jYwQv5JZEZFK_Yg632yCEx07FTAhz0xJK3a8d-gLAjfmZQ==
x-cache: Miss from cloudfront

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame 6159 95 B
532 B 80ms
30ms Image
image/png 34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=2052&ta_partner_did=k-o89fpZUlJJ6uw-SNhx1TNEVwaFRUQnx0VhmsmA&ta_format=png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET
H2 200 um
criteo-sync.teads.tv/ Frame 6159 23 B
278 B 74ms
22ms Image
image/gif 23.223.253.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-Nw7RgJUlJJ6uw-SNhx1TNEVwaFTmGNfX3zbsNg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.253.75 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-223-253-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 22 Jul 2024 11:02:28 GMT
pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.1
content-length: 23
content-type: image/gif

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 6159 43 B
399 B 50ms
15ms Image
image/gif 2600:1f18:612b:4280:f33e:3dd1:2496:1725
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-0P_ibpUlJJ6uw-SNhx1TNEVwaFSeQgCp_goGIw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:f33e:3dd1:2496:1725 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 22 Jul 2024 11:02:28 GMT
server: nginx
content-type: image/gif

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame 6159 68 B
259 B 313ms
228ms Image
image/jpeg 2600:1408:c400:16::17d4:f807
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-CZKLnZUlJJ6uw-SNhx1TNEVwaFTGyncfYyQWpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:16::17d4:f807 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Mon, 22 Jul 2024 11:02:29 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.17.245:80
content-length: 68
x-xss-protection: 1; mode=block

GET
H2

200

pixelct.tpmn
ad.tpmn.io/ Frame 6159
Redirect Chain

https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-3wg4G5UlJJ6uw-SNhx1TNEVwaFQvD9HSEAwRHQ
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-3wg4G5UlJJ6uw-SNhx1TNEVwaFQvD9HSEAwRHQ

170 B
622 B

228ms
190ms

Image
image/png

34.102.166.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-3wg4G5UlJJ6uw-SNhx1TNEVwaFQvD9HSEAwRHQ
Protocol: H2
Server: 34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:29 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
vary: accept-encoding
content-type: image/png;charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-3wg4G5UlJJ6uw-SNhx1TNEVwaFQvD9HSEAwRHQ
date: Mon, 22 Jul 2024 11:02:28 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: accept-encoding

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8DC405F583364203AD4EA5465C25EF0C&RedC=c.clarity.ms&MXFR=10B715998DC869543664015D89C8673E
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8DC405F583364203AD4EA5465C25EF0C&MUID=0A932501B1E56E7B0C2231C5B0976F3E

42 B
441 B

21ms
20ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8DC405F583364203AD4EA5465C25EF0C&MUID=0A932501B1E56E7B0C2231C5B0976F3E
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
last-modified: Tue, 25 Jun 2024 19:54:30 GMT
server: Microsoft-IIS/10.0
etag: "df9747e39c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4D619496F0D14554AFACC101981010FB Ref B: EWR30EDGE0819 Ref C: 2024-07-22T11:02:28Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8DC405F583364203AD4EA5465C25EF0C&MUID=0A932501B1E56E7B0C2231C5B0976F3E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 22ms
16ms Script
application/javascript 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.12dfda17.1721646148.1e384348
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
content-length: 2108

GET
H2 200 ct.html
ct.pinterest.com/ Frame 980F 0
0 66ms
18ms Document
text/html 23.220.128.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-128-196.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.12dfda17.1721646148.1e3843b5
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 22 Jul 2024 11:02:28 GMT
pinterest-version: 98a5c1f9a97216ab594bea30094df12248eb1060
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 6980197436712661

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
329 B 94ms
18ms Fetch
text/plain 2600:9000:266a:3c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:3c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Jul 2024 11:02:28 GMT
via: 1.1 0d76e6edae5033f18d154191a74f12b6.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 0
content-length: 2
x-amz-cf-id: CkZjMVojopvqBiLprY1CFjH1vw0oGBMK-ldoldz3Li65idM89pTJ0g==

POST
H2 200 pageview
gtrace.mediago.io/api/bidder/track/pixel/ 0
60 B 36ms
36ms Ping
text/plain 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://gtrace.mediago.io/api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b&spd=&mgd=cfda0409fb2a4e14b2dabb53e1509928&ptd=&tkd=&acd=&cpid=&v=162662171
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 eplist Show response
gtrace.mediago.io/ju/cs/ 346 B
873 B 112ms
37ms Script
application/javascript 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://gtrace.mediago.io/ju/cs/eplist?acid=&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fpages.upwellness.com&mcb=mmgg_1721646148546_680
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: 00441cb5f3a0e3c58f19e0fdd8f58b1e8f620988186443480d9ac506113e5684

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:29 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https%3A%2F%2Fpages.upwellness.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
284 B 79ms
53ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Mon, 22 Jul 2024 11:02:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 204 x Show response
bat.bing.com/p/insights/c/ 0
213 B 54ms
49ms XHR
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/x

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jul 2024 11:02:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 38CD71231DB24708A74B5C60B7FC6C60 Ref B: EWR30EDGE0819 Ref C: 2024-07-22T11:02:28Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 setuid
ib.adnxs.com/ Frame 6159 43 B
1 KB 13ms
13ms Image
image/gif 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-jjpYa5UlJJ6uw-SNhx1TNEVwaFQ62XSoiNgLjA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:28 GMT
an-x-request-uuid: 3ffa671c-4ca4-4f3a-991d-b85ed8615143
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.132; 5.181.234.132; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 13 KB
14 KB 18ms
17ms XHR
application/vnd.apple.mpegurl 2600:9000:2305:3200:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:3200:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 08:59:05 GMT
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 439403
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 198
content-length: 13708
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: gp3A8ih37S2GByxOlm5fLB_pf-2my-RRRvTwI9mAmBG4fxstvhAKvg==
expires: Thu, 17 Jul 2025 08:59:05 GMT

GET
H2 200 seg-2-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 268 KB
269 KB 19ms
19ms XHR
video/mp2t 2600:9000:2305:3200:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-2-v1-a1.ts
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:3200:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 19:35:52 GMT
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 401196
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 191
content-length: 274104
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dCBlyiBeGjDHQhtpHY5EgyasmVnMZkmVGpAWty1T4fYg5AsY4f-x2g==
expires: Thu, 17 Jul 2025 19:35:52 GMT

GET
H2 200 seg-3-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 265 KB
266 KB 262ms
261ms XHR
video/mp2t 2600:9000:2305:3200:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-3-v1-a1.ts
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:3200:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:29 GMT
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 251
content-length: 271096
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: tpL4KiL6DmIeG8rL-SdpTMiZO1pjSyAWZvyWyS1kYj3itgdK801hMg==
expires: Tue, 22 Jul 2025 11:02:29 GMT

GET
H2 200 setuid
ib.adnxs.com/ 43 B
1 KB 35ms
35ms Image
image/gif 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=529&code=120f067c7167e7022nigrs00lywvnyj1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:29 GMT
an-x-request-uuid: 0b780910-0358-4b04-b839-7f1aa2a80f90
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.132; 5.181.234.132; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
243 B 27ms
25ms Image
image/png 142.251.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=120f067c7167e7022nigrs00lywvnyj1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 crum
dsum-sec.casalemedia.com/ 43 B
732 B 28ms
25ms Image
image/gif 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=120f067c7167e7022nigrs00lywvnyj1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IydiVU0PsGNFfnpC3xnB7nSzQlOVQ0JkTSaiQEO3rnU0oT%2BSK4f008HQhKHSdJ9s8JUUPNUxDcnUv4wLzOaS2vtK97IqiyaB8JXWawpi87FI1%2F%2BO%2BTr5Mi1sfuzvIifdSRpmhcc9M3sF1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8a72f04f7e6642d4-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2 200 e8xcaqkjm4.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
187 B 10ms
9ms XHR
application/x-mpegurl 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e8xcaqkjm4.m3u8

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 1
x-amz-cf-pop: IAD89-C3
x-cache: HIT
x-envoy-upstream-service-time: 34
content-length: 935
x-request-id: 6d0bc960-72f3-4895-bb38-f2943e3f9500
x-served-by: cache-lga21956-LGA
x-runtime: 0.033278
x-browser-version: 126
server: envoy
x-timer: S1721646149.078940,VS0,VE1
etag: W/"0fa56fcfcf95ba949a3a9883d09eca6a"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jpDT7yb8nx_1l7gI20ATOIgSxRsKH0K6MBPkHYgMi44kMHBQMu_F1g==
x-cache-hits: 1

GET
H2 200 a3591ba5e949a37083cc6f5a4191e903.min.js Show response
js.sentry-cdn.com/ 3 KB
2 KB 37ms
9ms Script
text/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2d9e600cc97a563d568d616671db47dac1576938a377d50e92c3d0d250e14ba3

Security Headers

Name	Value
Content-Security-Policy	style-src * 'unsafe-inline'; font-src * data:; base-uri 'none'; object-src 'none'; media-src ; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; worker-src blob:; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; img-src blob: data:; default-src 'none'; frame-ancestors 'self' *.sentry.io; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=a7a8e312bdf9e5faa0dbade495bbc313bb8a2681
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: style-src * 'unsafe-inline'; font-src * data:; base-uri 'none'; object-src 'none'; media-src *; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; worker-src blob:; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; img-src * blob: data:; default-src 'none'; frame-ancestors 'self' *.sentry.io; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=a7a8e312bdf9e5faa0dbade495bbc313bb8a2681
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jul 2024 11:02:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 12
x-envoy-upstream-service-time: 25
content-length: 1299
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-799974c9b7-n2d6j, cache-chi-klot8100079-CHI, cache-lga21983-LGA
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
632 B 87ms
31ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1761&scd=0&ssd=1&est=1721646147325&ver=36&isls=true&src=i&invt=1500&msa=15353&rv=1&tim=1721646149087&vi=1721646147320&ri=8d18b12d586f55db8bb04fe720bbb776&sd=v2_4efe316c387955fd124f5db2f8ea7e4d_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQkOlKGPjN7dCNMiABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE&ui=d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3&ref=null&cv=20240720-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&it=JS_PIXEL
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 Jul 2024 11:02:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
633 B 86ms
29ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1764&scd=0&ssd=1&est=1721646147325&ver=36&isls=true&src=i&invt=1500&msa=15353&rv=1&tim=1721646149090&vi=1721646147320&ri=f2b110313fcff97f2bdfc12fad48e11d&sd=v2_ef9d6761be2038fe4cad5226165076ac_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQqv9cGPjN7dCNMiABKAMw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE&ui=d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3&ref=null&cv=20240720-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&it=JS_PIXEL
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 Jul 2024 11:02:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1225872/log/3/ Frame 0
0 186ms
30ms Preflight 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1761&scd=0&ssd=1&est=1721646147325&ver=36&isls=true&src=i&invt=1500&msa=15353&rv=1&tim=1721646149087&vi=1721646147320&ri=8d18b12d586f55db8bb04fe720bbb776&sd=v2_4efe316c387955fd124f5db2f8ea7e4d_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQkOlKGPjN7dCNMiABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE&ui=d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3&ref=null&cv=20240720-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 22 Jul 2024 11:02:29 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

OPTIONS
H2 200 unip
trc-events.taboola.com/1523626/log/3/ Frame 0
0 182ms
28ms Preflight 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1764&scd=0&ssd=1&est=1721646147325&ver=36&isls=true&src=i&invt=1500&msa=15353&rv=1&tim=1721646149090&vi=1721646147320&ri=f2b110313fcff97f2bdfc12fad48e11d&sd=v2_ef9d6761be2038fe4cad5226165076ac_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQqv9cGPjN7dCNMiABKAMw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE&ui=d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3&ref=null&cv=20240720-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 22 Jul 2024 11:02:29 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 200 favicon-152.png
www.upwellness.com/wp-content/uploads/2015/10/ 18 KB
18 KB 187ms
32ms Other
image/png 23.23.204.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.23.204.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-204-175.compute-1.amazonaws.com
Software: Pagely-ARES/1.20.1 /
Resource Hash: c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 12 Aug 2024 08:12:12 GMT
x-gateway-request-id: aa027052e8883f2eb07b6c88f9133180
date: Mon, 22 Jul 2024 11:02:29 GMT
last-modified: Fri, 23 Sep 2022 23:00:59 GMT
server: Pagely-ARES/1.20.1
etag: "4700-5e96026b3c0c0"
x-gateway-skip-cache: 0
content-type: image/png
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2015/10/favicon-152.png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18176
x-gateway-cache-status: HIT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 6159
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=cKvEGBm3hPZT_4jjzJCj8KMzyO6LCbLW
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=cKvEGBm3hPZT_4jjzJCj8KMzyO6LCbLW

42 B
714 B

21ms
20ms

Image
image/gif

52.204.124.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=cKvEGBm3hPZT_4jjzJCj8KMzyO6LCbLW

Protocol

Server

52.204.124.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-124-17.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v062-046d16f18.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Mon, 22 Jul 2024 11:02:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: ABWfl/ZHQus=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v062-029bee899.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Mon, 22 Jul 2024 11:02:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: OQQzhVB5T0M=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=cKvEGBm3hPZT_4jjzJCj8KMzyO6LCbLW
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame 6159
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=pQYCT7DQJHRsHo4lg4r9TFiGuGvwscJT

43 B
656 B

59ms
20ms

Image
image/gif

108.138.106.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=pQYCT7DQJHRsHo4lg4r9TFiGuGvwscJT
Protocol: H2
Server: 108.138.106.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-37.jfk50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jul 2024 11:02:29 GMT
via: 1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK50-P3
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: dUmRUDE2SPKIeDyxVMo-hFhnqLEVzpY7HHq3bKjV7LJ3Pk1YZCuO8g==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=pQYCT7DQJHRsHo4lg4r9TFiGuGvwscJT
date: Mon, 22 Jul 2024 11:02:29 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 997651
content-length: 0

POST
H2 204 x
distillery.wistia.com/ 0
0 60ms
18ms Fetch 18.165.98.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.98.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-98-80.iad55.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jul 2024 11:02:29 GMT
via: 1.1 ef066a0102f66b719933dbbef3bc5968.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: IAD55-P4
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
x-amz-cf-id: hpo5zOvMre7jXg47RZVDF_i89cK97HpuxnpLSKAoARqkbIahpUkmxg==

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 48 KB
12 KB 10ms
10ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed2bc704e3fc26b8ee33210578b918016eab1d881e7db60e44e4afbbeeb5b2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://pages.upwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:02:29 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1142
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12251
x-served-by: cache-iad-kjyo7100031-IAD, cache-lga21956-LGA
x-browser-version: 126
last-modified: Tue, 16 Jul 2024 14:48:47 GMT
server: AmazonS3
x-timer: S1721646150.531681,VS0,VE0
etag: "c71c49acde6f4cac3c778ccc6f496292"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd36ef2cf79e0d4c6a9f7fd609491b19a6c23e0
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 50, 38

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 20ms
18ms Fetch
text/plain 2600:9000:266a:3c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:3c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Jul 2024 11:02:29 GMT
via: 1.1 0d76e6edae5033f18d154191a74f12b6.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 2
content-length: 2
x-amz-cf-id: W72c1xrSfdvS8hVd6dUih3_MWz01ZIHq58EGkqI5iVWN9c6LvW1G2w==

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 19ms
17ms Fetch
text/plain 2600:9000:266a:3c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:3c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Jul 2024 11:02:30 GMT
via: 1.1 0d76e6edae5033f18d154191a74f12b6.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: fsGBC8QEP_kne1k4999IDjInyc9Pkxet3vZ8v2apVvYSGCGfJC2mSA==

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
284 B 31ms
30ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Mon, 22 Jul 2024 11:02:30 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 seg-4-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/ 276 KB
277 KB 18ms
17ms XHR
video/mp2t 2600:9000:2305:3200:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/577f3270a4263d0fcb0af4e8f17a06003ca4628e.m3u8/seg-4-v1-a1.ts
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:3200:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2

Request headers

Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 21:31:53 GMT
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 307838
edge-cache-tag: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 208
content-length: 283128
surrogate-key: 577f3270a4263d0fcb0af4e8f17a06003ca4628e-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5rGMDklrFnhEkXbORSpAv2M2-GzFNjxG1qtRwOhTPsecc40dC58vAg==
expires: Fri, 18 Jul 2025 21:31:53 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
632 B 30ms
29ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4765&scd=0&ssd=1&est=1721646147325&ver=36&isls=true&src=i&invt=3000&msa=15353&rv=1&tim=1721646152091&vi=1721646147320&ri=8d18b12d586f55db8bb04fe720bbb776&sd=v2_4efe316c387955fd124f5db2f8ea7e4d_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQkOlKGPjN7dCNMiABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE&ui=d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3&ref=null&cv=20240720-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&it=JS_PIXEL
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 Jul 2024 11:02:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
632 B 32ms
31ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4766&scd=0&ssd=1&est=1721646147325&ver=36&isls=true&src=i&invt=3000&msa=15353&rv=1&tim=1721646152092&vi=1721646147320&ri=f2b110313fcff97f2bdfc12fad48e11d&sd=v2_ef9d6761be2038fe4cad5226165076ac_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQqv9cGPjN7dCNMiABKAMw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE&ui=d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3&ref=null&cv=20240720-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&it=JS_PIXEL
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1YTMzOGNmMw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
Attribution-Reporting-Eligible: trigger
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 Jul 2024 11:02:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1225872/log/3/ Frame 0
0 27ms
26ms Preflight 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4765&scd=0&ssd=1&est=1721646147325&ver=36&isls=true&src=i&invt=3000&msa=15353&rv=1&tim=1721646152091&vi=1721646147320&ri=8d18b12d586f55db8bb04fe720bbb776&sd=v2_4efe316c387955fd124f5db2f8ea7e4d_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQkOlKGPjN7dCNMiABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE&ui=d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3&ref=null&cv=20240720-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 22 Jul 2024 11:02:32 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

OPTIONS
H2 200 unip
trc-events.taboola.com/1523626/log/3/ Frame 0
0 27ms
27ms Preflight 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4766&scd=0&ssd=1&est=1721646147325&ver=36&isls=true&src=i&invt=3000&msa=15353&rv=1&tim=1721646152092&vi=1721646147320&ri=f2b110313fcff97f2bdfc12fad48e11d&sd=v2_ef9d6761be2038fe4cad5226165076ac_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQqv9cGPjN7dCNMiABKAMw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE&ui=d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3&ref=null&cv=20240720-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-fps%2F%3Foffer%3D67%26session_id%3D102ad9e183f34593b01fc41a774a2b%26n%3Dtune%26AFFID%3D477232%26subid%3D1_TH240715PM&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://pages.upwellness.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 22 Jul 2024 11:02:32 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Domain: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel

Domain: app.unbounce.com
URL: blob:https://app.unbounce.com/45620950-b47f-4de1-947e-a43632c71554

Domain: app.unbounce.com
URL: blob:https://app.unbounce.com/97713285-8b74-47ca-82de-559bfcd77f97

Domain: views.unsplash.com
URL: https://views.unsplash.com/v?app_id=27955&photo_id=0tgmnmiyq9y,0tgmnmiyq9y,0tgmnmiyq9y

Domain: trends.revcontent.com
URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-3fvbEZUlJJ6uw-SNhx1TNEVwaFQuvEcFYbNouQ

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

133 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/rainmaker-splashdaily-sc/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_4efe316c387955fd124f5db2f8ea7e4d_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQkOlKGPjN7dCNMiABKAEw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE
.taboola.com/rainmaker-upwellness-sc/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_ef9d6761be2038fe4cad5226165076ac_d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3_1721646147_1721646147_CNawjgYQqv9cGPjN7dCNMiABKAMw4QE4kaQOQNWmD0jZiNcDUPUDWABgAGj56q6fj4j7nZYBcAE
pages.upwellness.com/uc-grplus-fps/	1970-01-21 02:39:03	Name: ubpv Value: an%2C6d2c7105-ebae-455a-91f2-47af4209ed5f
.liadm.com/j	1970-01-21 07:50:06	Name: lidid Value: 4e9f492b-7b48-4b2c-b613-9462935b525b
i.liadm.com/s	1970-01-20 22:57:18	Name: _li_ss Value: CggKBgiiARC6GA
links.thealternativedaily.com/	1970-01-20 22:21:18	Name: _session_id Value: 569b02dc613da529c11386648254e9da
go.welldaily.com/	1970-01-20 22:24:10	Name: enc_aff_session_67 Value: ENC0303c0ae7f5ad760792d9b191a9bc9f56faf43232119f709232f96d6f18e0f37c38cb3299e0d715a54efe713b4dc4d649dc10d505466091e47a9f3424e93ec18736bb84d4ecb548f13d6da4995fe004410737c32be8b58801afaf45ff9d29a45c459f86bb71dc4a579e73863669cc070b9c6b3aa023ab3f821d0936172a434c63c051b4a1f
go.welldaily.com/	1970-01-21 07:50:06	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/	1970-01-21 02:33:18	Name: ubvs Value: f733aae4-5af5-4f8f-aba9-7e277fafd4e8
.upwellness.com/	1970-01-20 22:18:25	Name: ubvt Value: v2%7Cf733aae4-5af5-4f8f-aba9-7e277fafd4e8%7C6d2c7105-ebae-455a-91f2-47af4209ed5f%3Aan%3Aweighted%3Aweighted
.pages.upwellness.com/	1970-01-20 22:14:07	Name: __cf_bm Value: uFZdx0h32uqI1wcqiFhmFDrDRoIwhpYsj7ennePXPqM-1721646146-1.0.1.1-0uhk0_RKLke1rgfpMdqnDXyVtRbvgmp4.UblfUUXSpUCelVd9WU.XwCAcVKbGJD4vSkFyQR1E.WpeUJIvNgi4A
.js.ubembed.com/	1970-01-20 22:14:07	Name: __cf_bm Value: 5.a5vB0Yn10EC14bPHe5FvIVXnX_oGQ6oc9aujO0dwM-1721646146-1.0.1.1-KGfUYjmC2h1cOVpLllju0G_Tx8PaY1AyPYg7A_VUBauSUsnhEM5PX1FbO3NiCm9Y0YN.jS6l61vQtH7PIQOsoA
store.upwellness.com/	1970-01-20 22:24:10	Name: AWSALB Value: DnGPRE/3iRra0DZpaCb58H6eTo8oolnY1CgIViQP/XLs1Cnd2vogJcv9oY94tTqCSD2YHrQ/8UmvncFAGCEIl/h7YWpHzL1WluV0HshuOuW0bQ+DPj7Wh4E4KrRH
store.upwellness.com/	1970-01-20 22:24:10	Name: AWSALBCORS Value: DnGPRE/3iRra0DZpaCb58H6eTo8oolnY1CgIViQP/XLs1Cnd2vogJcv9oY94tTqCSD2YHrQ/8UmvncFAGCEIl/h7YWpHzL1WluV0HshuOuW0bQ+DPj7Wh4E4KrRH
.tiktok.com/	1970-01-21 07:35:42	Name: _ttp Value: 2jbByAMGmqUxdB2Lb1DRjkzFrvB
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-21 07:50:06	Name: _lc2_fpi Value: f0f26c15fa8f--01j3d1pshn6bvdwrv572v11pn0
.upwellness.com/	1970-01-21 07:50:06	Name: _lc2_fpi_meta Value: {%22w%22:1721646147125}
.criteo.com/	1970-01-21 07:35:42	Name: uid Value: e7039d57-efc9-436f-90d7-aae14f70d087
.criteo.com/	1970-01-21 07:35:42	Name: receive-cookie-deprecation Value: 1
.upwellness.com/	1970-01-21 00:23:42	Name: _gcl_au Value: 1.1.539193016.1721646147
.doubleclick.net/	1970-01-21 07:50:06	Name: IDE Value: AHWqTUlI0-XAKF_DNK9U8_-drBj4tpL7-LW4e8rr0u6-A5Okr4aFX-mFh2b2-UaM
.taboola.com/	1970-01-21 06:59:42	Name: t_gid Value: d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3
.taboola.com/	1970-01-21 06:59:42	Name: t_pt_gid Value: d5b4ea4a-9b4a-42a6-877f-d45e70d7020d-tuctd97c1c3
.upwellness.com/	1970-01-21 07:43:30	Name: cto_bundle Value: YjWan181aUlWZ1dTSGhmNiUyRlMwazc5ckRJcDladXBjR0ZmV1J2V1FGSUZyQ0RwU3JJTjVxb3lGVzhYY2RVJTJCR0lJJTJCZzFXMSUyRjdaeFFYWlVsU215Mmkzb2swa2NrejNjUGZIYnJtaGxvYUhSZmwwWHQ3clc2SkpQOUk3UHJyOXNHMk44WVdoY2ZVbmh5S0NsMXBzQW1WRXdaQjI5WDNPcFlRS1pWbFlTdkoyMDF1OVZ5dyUzRA
.upwellness.com/	1970-01-21 07:50:06	Name: __nbpix_uid Value: 1-mtbfykuf-lywvnxc2
.liadm.com/	1970-01-21 07:50:06	Name: lidid Value: 4e9f492b-7b48-4b2c-b613-9462935b525b
.unsplash.com/	1970-01-21 06:59:42	Name: ugid Value: c6355c3c709be2d714e8b7c7c20e6c355738820
www.clarity.ms/	1970-01-21 06:59:42	Name: CLID Value: 57d3af1ff8d34935a94570379e0e83f7.20240722.20250722
.upwellness.com/	1970-01-20 22:58:44	Name: ndp_session_id Value: 4b5967ed-e4eb-4a42-b830-aef0d389ab3e
pages.upwellness.com/	1970-01-20 22:14:06	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1721646147751%7D
.upwellness.com/	1970-01-20 22:15:32	Name: _gid Value: GA1.2.1122549409.1721646148
.upwellness.com/	1970-01-20 22:14:06	Name: _dc_gtm_UA-28307243-3 Value: 1
.yahoo.com/	1970-01-21 07:00:03	Name: A3 Value: d=AQABBEM8nmYCEK_M4xR6ysZF39S1gQoIe8sFEgEBAQGNn2aoZtxC0iMA_eMAAA&S=AQAAAhw3oTSJMPguosxVzg-lwFc
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.pinterest.com/	1970-01-21 06:59:42	Name: ar_debug Value: 1
.upwellness.com/	1970-01-21 07:35:42	Name: _tt_enable_cookie Value: 1
.upwellness.com/	1970-01-21 07:35:42	Name: _ttp Value: MmqSCnUp77D4Iq9bQF7w5a0eNES
.upwellness.com/	1970-01-21 07:50:06	Name: _ga_E56T163DF6 Value: GS1.1.1721646147.1.0.1721646147.0.0.0
.upwellness.com/	1970-01-21 07:50:06	Name: _ga Value: GA1.1.2006055145.1721646148
.upwellness.com/	1970-01-21 06:59:42	Name: _mg_ckp Value: eyJja1RrZERGIjoiIn0=
.pages.upwellness.com/	1970-01-21 06:59:42	Name: _pin_unauth Value: dWlkPU5tVXpOemxoTlRFdE5tUXhNQzAwWkdZNExUa3haR1V0TUdNelkyTTNZMlF5WkRaaA
.upwellness.com/	1970-01-21 06:59:42	Name: _clck Value: t9vo9z%7C2%7Cfno%7C0%7C1664
.bing.com/	1970-01-21 07:35:42	Name: MUID Value: 0A932501B1E56E7B0C2231C5B0976F3E
.bat.bing.com/	1970-01-20 22:24:10	Name: MR Value: 0
.upwellness.com/	1970-01-21 00:23:42	Name: _fbp Value: fb.1.1721646148228.20127083946658192
.bat.bing.com/	1970-01-21 07:35:42	Name: MSPTC Value: gMRWWYjPj0P5twOtQq8sfd698TMgZHS0ng7PRuA9J5o
.upwellness.com/	1970-01-20 22:15:32	Name: _clsk Value: jap5zf%7C1721646148482%7C1%7C1%7Cx.clarity.ms%2Fcollect
.upwellness.com/	1970-01-20 22:15:32	Name: _uetsid Value: e2681f40481911efbe4fcbd4cff9a2fc\|1hb6zuj\|2\|fno\|0\|1664
.upwellness.com/	1970-01-21 06:59:42	Name: __mguid_ Value: 794c161d87574015a0f10965d3b1da37
.omnitagjs.com/	1970-01-20 22:57:18	Name: ayl_visitor Value: 06ac94065a236d7e0791266f03093c9d
.casalemedia.com/	1970-01-21 06:59:42	Name: CMID Value: Zp48RNHM6W8AAFMsAEQ-awAA
.casalemedia.com/	1970-01-21 00:23:42	Name: CMPS Value: 3539
.casalemedia.com/	1970-01-21 00:23:42	Name: CMPRO Value: 3539
.smartadserver.com/	1970-01-21 07:44:20	Name: pid Value: 2619670317321328294
.smartadserver.com/	1970-01-21 07:44:20	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 06:59:42	Name: csync Value: 79:k-3zhTNZUlJJ6uw-SNhx1TNEVwaFQObCB52Lh5AQ
.adnxs.com/	1970-01-21 00:23:42	Name: XANDR_PANID Value: kYv5bK5g5fsQKAG15r3mXoWHsgIe6DJJR4PPpmyvJbbGlRMGsa77n85C4pVTbE-xb-exsfYqvPocjQ7x85wadW2jqs_UMHLfuYF2kJnK4mQ.
.adnxs.com/	1970-01-21 07:50:06	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:23:42	Name: uuid2 Value: 4839716578752447538
.360yield.com/	1970-01-21 00:23:42	Name: tuuid Value: f341b020-2283-4894-9328-545f18f42ee9
.360yield.com/	1970-01-21 00:23:42	Name: tuuid_lu Value: 1721646148
.bidswitch.net/	1970-01-21 06:59:42	Name: tuuid Value: ed963a9e-3166-4681-9bf3-21fc04d9a39e
.bidswitch.net/	1970-01-21 06:59:42	Name: c Value: 1721646148
.bidswitch.net/	1970-01-21 06:59:42	Name: tuuid_lu Value: 1721646148
.mediawallahscript.com/	1970-01-21 07:50:06	Name: mCookie Value: e2af3450-4819-11ef-9476-37083da6b2ac
.mediawallahscript.com/	1970-01-21 07:50:06	Name: mUserCookie Value: %7B%7D
.360yield.com/	1970-01-21 00:23:42	Name: um Value: !38,6SfNr1-uit4EoHCEqMGiQwn2O.Y-Z2r2Ww2myRZpDtSrxn67Cxc4OXTSM.BIPmkAuCAbQK-X,1729422148
.360yield.com/	1970-01-21 00:23:42	Name: umeh Value: !38,0,1783854148,-1
.c.bing.com/	1970-01-20 22:24:10	Name: MR Value: 0
.upwellness.com/	1970-01-21 07:35:42	Name: _uetvid Value: e2684970481911efac0d939767a9e0a4\|5sxdqb\|1721646148677\|1\|1\|bat.bing.com/p/insights/c/x
exchange.mediavine.com/	1970-01-20 22:34:15	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22e2b91f60-4819-11ef-9fa4-5579ae72ad87%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 22:34:15	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22e2b91f60-4819-11ef-9fa4-5579ae72ad87%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 22:34:15	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22e2b91f60-4819-11ef-9fa4-5579ae72ad87%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 22:34:15	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22e2b91f60-4819-11ef-9fa4-5579ae72ad87%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 22:34:15	Name: criteo Value: %7B%22id%22%3A%22k-1OOpRJUlJJ6uw-SNhx1TNEVwaFSwWWcD9dIEig%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-21 06:59:42	Name: visitor-id Value: 3646477480813248000V10
.media.net/	1970-01-20 22:57:18	Name: data-c-ts Value: 1721646148
.media.net/	1970-01-20 22:57:18	Name: data-c Value: k-gxLWa5UlJJ6uw-SNhx1TNEVwaFRAQhSFBXAqww~~3
.crwdcntrl.net/	1970-01-21 04:42:54	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 04:42:54	Name: _cc_id Value: 3b57ba819182ea43aa0bb66ba630d571
.smaato.net/	1970-01-20 22:44:20	Name: SCM Value: c584103658
.smaato.net/	1970-01-20 22:44:20	Name: SCM1001851 Value: c584103658
.rezync.com/	1970-01-21 07:35:42	Name: zync-uuid Value: 29439186-4148-4c76-bc88-a92740fde381:1721646148.7614567
.teads.tv/	1970-01-21 06:58:15	Name: tt_viewer Value: bf784f28-b089-46f6-876e-470ae736624f
.tapad.com/	1970-01-20 23:40:30	Name: TapAd_TS Value: 1721646148829
.tapad.com/	1970-01-20 23:40:30	Name: TapAd_DID Value: 36f4bc01-72c2-4d76-94c8-731a71681534
.tremorhub.com/	1970-01-21 07:00:03	Name: tvid Value: 78d00df42f8e4811b29de26df75cb9c7
.tremorhub.com/	1970-01-20 22:57:18	Name: tv_UICR Value: k-0P_ibpUlJJ6uw-SNhx1TNEVwaFSeQgCp_goGIw
.adsrvr.org/	1970-01-21 06:59:42	Name: TDID Value: f354958a-f2fd-4fc8-ad41-d8ae4fca8cf5
.adsrvr.org/	1970-01-21 06:59:42	Name: TDCPM Value: CAEYBSABKAIyCwjW_IWikJKVPRAFOAE.
.pubmatic.com/	1970-01-20 22:57:18	Name: KRTBCOOKIE_97 Value: 3385-uid:k-l6kljZUlJJ6uw-SNhx1TNEVwaFQrs-8zfdn8xw&KRTB&23037-uid:k-l6kljZUlJJ6uw-SNhx1TNEVwaFQrs-8zfdn8xw&KRTB&23144-uid:k-l6kljZUlJJ6uw-SNhx1TNEVwaFQrs-8zfdn8xw&KRTB&23286-uid:k-l6kljZUlJJ6uw-SNhx1TNEVwaFQrs-8zfdn8xw
.pubmatic.com/	1970-01-20 22:57:18	Name: PugT Value: 1721646147
.rqtrk.eu/	1970-01-20 22:24:10	Name: browser_id Value: 1:fc569ac6-7005-4852-8f3f-f0c7ee21ebda
.c.bing.com/	1970-01-21 07:35:42	Name: SRM_B Value: 0A932501B1E56E7B0C2231C5B0976F3E
.mediawallahscript.com/	1970-01-20 22:15:32	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_07_2024 Value: %7B%221pVtae%22%3A1%7D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:35:42	Name: MUID Value: 0A932501B1E56E7B0C2231C5B0976F3E
.c.clarity.ms/	1970-01-20 22:24:10	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:14:06	Name: ANONCHK Value: 0
.mediago.io/	1970-01-21 06:59:42	Name: __mguid_ Value: 120f067c7167e7022nigrs00lywvnyj1
gtrace.mediago.io/	1970-01-21 06:59:42	Name: cst_44 Value: ts=1721646149
gtrace.mediago.io/	1970-01-21 06:59:42	Name: cst_70 Value: ts=1721646149
gtrace.mediago.io/	1970-01-21 06:59:42	Name: cst_78 Value: ts=1721646149
.postrelease.com/	1970-01-21 06:59:42	Name: visitor Value: 8b364b04-efbe-4050-9211-bee018965f37
.postrelease.com/	1970-01-21 06:59:42	Name: status Value: 0
.rfihub.com/	1970-01-21 07:35:42	Name: rud Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDMyMDQ1MzYzt7A0NhPiM9QNM4xyTy8tdM52Si0EAEb2BhIlAAAA
.rfihub.com/	1970-01-21 07:35:42	Name: eud Value: H4sIAAAAAAAA_5skbG5kaWJsaWhhpmtiaGKha5JsbqablGxhoZtoaWRuYpCWkmpsYWhlaG5kaGZiBlShZw4kTc3MZwnzwgUtDYyMFqHyjQGexQElWgAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_w3KsRGAMAwDwIZ1zGFHkWy2gRAGYXLSfPXfpii08qTBkYYh2j0y7aoQjveZLf10hRNcY9eyUz--XVFDOgAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrQ0NzM2MDMyMDQ1MzYzt7A0NhPiM9QNM4xyTy8tdM52Si0EAEb2BhIlAAAA
.adnxs.com/	1970-01-21 00:23:42	Name: anj Value: dTM7k!M41$E:2jUF']wIg2Hbyse-:e!A#F8(<h!zS[j?WZ61rPTzWFeFL!C#ocmMw]wLdt?14A%p<MFrpWDnH)K9p0q)Pm'o]B-2f/dkl(j'm?-2hjT`%j^RAA8Hgkq=v'J--vgrkZosmW`TQDFz:1f0%.1cORjRcBU-3PVX23nXm/!4rA06.$K
.tpmn.co.kr/	1970-01-20 22:57:18	Name: criteo Value: k-3wg4G5UlJJ6uw-SNhx1TNEVwaFQvD9HSEAwRHQ
.ads.stickyadstv.com/	1970-01-20 22:57:18	Name: UID Value: b7268e6eaa44a5188fe2ca5152a02577
.ads.stickyadstv.com/	1970-01-20 23:40:30	Name: uid-bp-11554 Value: k-osEVDZUlJJ6uw-SNhx1TNEVwaFTU_gdXcEGwKw
live.rezync.com/	1970-01-21 07:35:42	Name: sd-session-id Value: .eJwNytEKgzAMQNF_ybMdTRuTtD8jrmZQNt2w7mXiv68vFy6cE6aP7eu82XZAPvavDVBetV-DfEKrv9WekAGTcPQcPI4cWTRFhmuAZq3V9zbVpZuQKCZUdoSkjoqwuxdVN6cg5B-LRcWMEpCJu7hJ78gC1x-JrCTN.Zp48RQ.EUwoW08VmEzfF0e0UinAhYnN7YM
.bluekai.com/	1970-01-21 02:33:18	Name: bkdc Value: phx
.bluekai.com/	1970-01-21 02:33:18	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LUUliEE0zeP65Db3B/TGY1Q1NFUpiXh/1TpvE6y6EDp19xYtNHVu
.bluekai.com/	1970-01-21 02:33:18	Name: bku Value: uUW99WxX7ZSGXgDQ
.rubiconproject.com/	1970-01-21 06:59:42	Name: audit_p Value: 1\|MROSgRJSG6EWo123wvCsuuM5lE/Dk90KsA8Vo8aBkqzFwpmMCvAS5n1MjVdsD9fCyU+UBkEG7HMwHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTQXaTNg9X/p45i/nqddvhpgI09/nIbWimfz8j94j6kE0XenwyyGh26Z16h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.rubiconproject.com/	1970-01-21 06:59:42	Name: khaos Value: LYWVNYNO-1I-59WS
.rubiconproject.com/	1970-01-21 06:59:42	Name: khaos_p Value: LYWVNYNO-1I-59WS
.rubiconproject.com/	1970-01-21 06:59:42	Name: audit Value: 1\|MROSgRJSG6EWo123wvCsuuM5lE/Dk90KsA8Vo8aBkqzFwpmMCvAS5n1MjVdsD9fCyU+UBkEG7HMwHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTQXaTNg9X/p45i/nqddvhpgI09/nIbWimfz8j94j6kE0XenwyyGh26Z16h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.rubiconproject.com/	1970-01-21 00:23:42	Name: receive-cookie-deprecation Value: 1
.demdex.net/	1970-01-21 02:33:18	Name: demdex Value: 06591102586159285581869927498724990781
.dpm.demdex.net/	1970-01-21 02:33:18	Name: dpm Value: 06591102586159285581869927498724990781
.pippio.com/	1970-01-21 06:59:42	Name: did Value: 14fAxE8mvRWdJVg_
.pippio.com/	1970-01-21 06:59:42	Name: didts Value: 1721646149
.pippio.com/	1970-01-20 23:40:30	Name: nnls Value:
.pippio.com/	1970-01-20 23:40:30	Name: pxrc Value: CAA=
.criteo.com/	1970-01-21 07:35:42	Name: cto_bundle Value: EOKZEV9PWEw5SVlaOVglMkJUSThOcXJFSVNURUt3TEtMTmpHczI2R3BSS3d1UDZ0emdVNk5RNk1IV09PbTBYYVZLT0Fiajc
.tpmn.io/	1970-01-20 22:57:18	Name: criteo Value: k-3wg4G5UlJJ6uw-SNhx1TNEVwaFQvD9HSEAwRHQ
.taboola.com/	1970-01-21 06:59:42	Name: receive-cookie-deprecation Value: 1
.agkn.com/	1970-01-21 06:59:42	Name: ab Value: 0001%3AFqKlxbIBy7Swie5D13KC9NP4eiU0QhZg

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM(Line 9) Message: Not allowed to load local resource: blob:https://app.unbounce.com/45620950-b47f-4de1-947e-a43632c71554
javascript	error	URL: https://pages.upwellness.com/uc-grplus-fps/?offer=67&session_id=102ad9e183f34593b01fc41a774a2b&n=tune&AFFID=477232&subid=1_TH240715PM(Line 9) Message: Not allowed to load local resource: blob:https://app.unbounce.com/97713285-8b74-47ca-82de-559bfcd77f97
network	error	URL: https://pages.upwellness.com/assets/8a08425b-6e72-4bbd-969d-2a7489d04e3a/rightarrow-hr.original.png?1615572696 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
aa.agkn.com
ad.360yield.com
ad.tpmn.co.kr
ad.tpmn.io
ade.clmbtech.com
ads.nextdoor.com
ads.stickyadstv.com
amplify.outbrain.com
analytics.tiktok.com
app.unbounce.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
business.newsbreak.com
c.bing.com
c.clarity.ms
cdn.js.customerlabs.co
cdn.mediago.io
cdn.taboola.com
cdn.useproof.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d9hhrg4mnvzow.cloudfront.net
dis.criteo.com
distillery.wistia.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
exchange.mediavine.com
fast.wistia.com
flask.nextdoor.com
fonts.ub-assets.com
go.welldaily.com
googleads.g.doubleclick.net
gtrace.mediago.io
gum.criteo.com
i.liadm.com
ib.adnxs.com
jadserve.postrelease.com
js.sentry-cdn.com
links.thealternativedaily.com
live.rezync.com
live.upwellness.com
match.adsrvr.org
match.sharethrough.com
measurement-api.criteo.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
p.rfihub.com
pages.upwellness.com
partner.mediawallahscript.com
pipedream.wistia.com
pippio.com
pixel.rubiconproject.com
psb.taboola.com
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.pinimg.com
s.yimg.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
tags.bluekai.com
tapestry.tapad.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
trends.revcontent.com
views.unsplash.com
visitor.omnitagjs.com
wave.outbrain.com
ws.rqtrk.eu
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.upwellness.com
x.bidswitch.net
x.clarity.ms
app.unbounce.com
store.upwellness.com
trends.revcontent.com
views.unsplash.com
104.18.10.34
104.18.19.37
104.18.36.155
104.36.113.107
107.178.254.65
108.138.106.37
108.139.29.53
13.225.63.10
13.226.34.65
13.226.36.141
141.226.124.48
141.226.224.48
142.251.167.157
151.101.1.44
151.101.65.44
18.165.83.40
18.165.98.80
18.172.122.85
18.211.100.102
18.67.66.87
195.244.31.11
198.8.71.130
20.110.205.119
20.114.190.119
2001:4998:60:807::1
209.85.201.154
23.105.12.172
23.212.250.14
23.220.125.76
23.220.128.196
23.220.132.230
23.223.253.75
23.23.204.175
23.50.124.22
2600:1408:c400:16::17d4:f807
2600:1f18:612b:4280:f33e:3dd1:2496:1725
2600:1f18:730:b120:610:c1c8:8651:5a13
2600:9000:2305:3200:1e:c86:4140:93a1
2600:9000:2305:7e00:1b:5138:8a40:93a1
2600:9000:23cb:f600:8:8845:1500:93a1
2600:9000:266a:3c00:3:471f:5240:93a1
2606:4700:3034::ac43:a9b0
2606:4700:3035::6815:2f0c
2606:4700::6811:180e
2607:f8b0:4004:c06::61
2607:f8b0:4004:c19::9c
2607:f8b0:400d:c0b::9a
2607:f8b0:400d:c0d::8b
2607:f8b0:400d:c0d::93
2620:100:a00b::12
2620:100:a00b::26
2620:100:a00b::a
2620:1ec:bdf::40
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:200::729
2a04:4e42:600::644
2a04:4e42:77::84
3.213.14.63
3.93.168.254
34.102.166.132
34.111.113.62
34.199.79.177
34.214.40.15
34.237.207.209
35.171.156.64
35.208.249.213
35.211.178.172
35.238.129.105
44.237.21.44
51.222.241.106
52.0.215.179
52.204.124.17
52.223.40.198
52.40.189.238
52.85.61.59
52.85.61.83
52.91.202.27
54.187.143.159
54.236.93.106
54.83.17.184
54.88.71.74
63.251.28.210
64.202.112.255
68.67.160.75
69.173.151.100
74.119.117.16
00441cb5f3a0e3c58f19e0fdd8f58b1e8f620988186443480d9ac506113e5684
0082eeaf682ef8871b677f57c699fa2f627961324140f1adf673efc0f3cef9c3
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc
01439dddb0622f696a157c473b0ae1a49305c85bf8445a70b3bb90da181053ce
018330acd256ded2afc2a8a4ae96cc32e64b5097d2eb1424ecc68781a169be29
02757fc39095d68c5fa5235479990f3226d99814d8dd17dd8feadafb13265e24
039b3995bcd60d961e19a42693d7f41c32375d07c7f096154514c18ab7d754d5
075218352b10c9bbed538be75caf73f1011075caed59512ee8749889376a78ab
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
09e3b924154134e4eec9deccb040b354820cdab5ac8f442e0c12a637361ae4d3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7a01d3a1cffd801444fe03c7c3fddf9652845971982db95d03947a177aec46
0d0518a6b35aa7a5ad21c3fd031e6e963fcec23e700bd1267d8cb4caad243ea7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0efb3a0ff3d9bf6ff086f5397faa52fcff745830ef05edd58d671528301be41b
0fa56fcfcf95ba949a3a9883d09eca6aefd84613a8aa0ba9e7cc88e1116dda18
115331f3aa1fa4b58abb49d57743ade02ea93be370af954f1322f169c59c8b9c
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2
1a24a4494f46329ded93c99722c4798c93a0129f4538b130181c30309743f51e
1ae37538ceacf2b3b1bac1208621fbd98393d4f3a402931ce7ffda5cb73245dd
1c11543a28fe6614b141106cf0375c62af8c8f65dbdb4b49a92c88b40bbabd64
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d5103d6d9980eb4c11f5e35bfa6fa1abf2ad28ca999b7692e0f5cbfc6155d85
240f07b2d5912479dd1b9c14dedc84d4b86c956f19461baee4a9595b92730dcd
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
28e87c0c4bfb8589a9ca04d743ae23e71cd1828902cd8028990dae98a9479363
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab989207f26bace33b33ac73513eba4e679923e3bb6e82e42ab69d46143c48a
2b2431a0240ed1cdb15054ea92932a591eed5bc801d3a36ac4c64f5f1e6f57d5
2d9e600cc97a563d568d616671db47dac1576938a377d50e92c3d0d250e14ba3
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
2ecefb5809e37a48cbbde3e05b7644e9e5ce8bf50cff86c9b8c8860566338203
2fa4ca6b70211d73c63898ffb5ede1d7d4c6723e3027edbe74ee5e1d3cfeb7c4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
343e195b43bec5eb57d8b9475f0789dd34e8279eab95cc503fe9f6b628bb42f8
355303d34a763f723b5706dbeaaa9f68304cd8a9641be0fea8013084bc70ff50
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a1cbaa47e2e01dc2f43b6e10894923f4d690092b3b5f4fe0319e17f5c9fe53b
3afa4afc47b629e574480ead9591953a1340f05d5b58662d3b0d4623459d07c1
3aff85d678148ae04d80813ad2718bf9d68276c9827b474613c100efa8ee377f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a492378959ce9779c9f2105125ead284f0694cfdaf10d6845fbff42bcbc883
451f6ebc54746eb56022d52c8692938318c6694f71187525111b4888880f62c6
466123a069cdf8ec57d29dcdfe0ecbf99cf201e7cf4608e4cebe812265cf0848
46ab0d4ca693b6aea2723ff874679d5f7c8dace80fede1923c5bf2e5ae6164ad
4928e8ff74e762e0ac3cc22f6149fc8fe3cbda131ea61c10d37b2032a793dc36
4aad912c2cd691de68d2614db4cd8a553d89e55e942e67570a20d56cfa0904b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd2ec142ec315e0886f417f23342bc1457c902870865b0615e964a1ec1a1069
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb65c9738aa1dbc09541d3272111f264d8ff8d08f8b90d6b99e3e44f243ae1c
50018be8d122d61af741e6b276e49bac6d61362069ec32e219225790918a3071
505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c
5129638f2a3885d9a64c037aee442e91edacde2eb85f42207557e8f49ed689cc
535fb04dc7a6eacc45d430295d7eca65b3712441dbd2f9831b62cd06af13cf54
53fceb04b202aa40b035bf8a47bd1f2a613049b6706c9fbf8815f71d91293bb9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56bc1f6a94faf271c27097cb96285b2242f066f4924304aa8165b0215a1c4cfe
574a2a09f304d95c3d37d0a4b67b49c06f1cf82a41219c423fdda53ef9e13ee3
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5d8ac7d8a665d28608fa0aaf1f0f046da239c1c481fac0aa2d0860d3a8e66811
5db2abadf5f56d4386a387198ea15ff23a84c488827f2ba84fc560e4838a0a10
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
62150c950dd8f99ab4d1df5842e30a6f30cf39654c70556be0286dda16c83af2
625f58b1e9ea302916ba236ceaf97e3b7467f4d37ab8409a30f6c7a0afb024aa
64242620e74b79915f5014b875ae73457a4738c559ad8a8306f2afa846534ad5
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
6ac684f0d7bbe2947da03a4ef906bace5ea3d477b948cf2d0c83448db9731814
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
75e19cfaf1f4af7ae7f6de3d2b180126876b3fc895b2cf8df6834eec44638c05
7955f1923c559ed4416f4256cd933ee7d1b9d57079a754921848fae4ad05f34c
7a6a3ab92eb57a2d5005a905426ac0111c7410591335595788f5e676e06e73a3
7cecfaabceb831e4142db41aba15050527bc5c3bb3182f115739dda6e90a3aaa
7e1ced1298f789668c25c00b6282329b1d1fb45bb4104b1336587acd8261af23
827d9260911830f9fc5f799abc6b84f5b7d116101ac969a55a3271e46a914a59
8489534bde4ad3c3cedebecd11b9babe653de6b413922ec2b877c5bfcb33ee3e
893960c5a12c40bfbec2db2f48e1f8fe8d36bb38f7a36f6fa7003243bb74634f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0e7e3afee39fdf54ecfda43d23886e66d72453d9652166573b64389c61f26d
8c82a9a6c6bbc4c0164dd5d134b8b796da18e617d33e052ac872f87e4feb2f0d
8e7254dd9e801bacf701a8b7b7adaf764ec3ca64dcfd675785a21d099af31474
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9689b5cde0d4bde9d17a2197a4d3377370273f63e33140d1e8512cc685fdc6eb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98eae7d8712b01cb6d7f168a4169b448460ee6f06fdec99eb6f609f5652a6b2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7a5ef27244cbd69baf580ab2336d086bc3e5e0dfcdda9a96bcabd3cd28bca0
9e60edd0cddc2dada0c5a48d7ff0c5915b24b50ae27aeee39196eca351c5b7f9
9fbddea61a3f48d29dd3edf38a67cff111506221fa50e3becbcbfc9d23c1907c
9ffd838d73e88fd6f4e77ef73ec03f4499b938eb378e15880535d6396dedba3d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ed1fd156e16b95275ef30f2229c0509ea00eeb1cce4173678dea14ba033c67
a3c78e2cfd04611e069c3edfc58f8f9866c89a0a383e3556bbdeff54ddceef74
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a821d04787f7c819c15c225d04602efb044b94c22562c4c2766e9945829f058c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ad367e536c20c594229b6d90ac4097730886eac4f8e11b07e908e584a62b1268
adc9db9b3e5041761e9fdc9b24f7aea4e9177679e13655adc51e37d35045b36e
ae486ff02d889851bda63226c9a39d002c58c522339ff51581521ec8131fe7a4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4875b0fdafde57e054fd846053f25f22afbe89f3fc3adae15f01b0328d2f0e7
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b5a2924ce2c6e88c1c67695c8d2d9dd16b10ef11e733bf1336399800a2bc5396
bb7094c95568cc14bcce044afc3ab2700111c361b670ba4afad984a871beeab8
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421
c07bfeefed302d67a76171191f344946d6500f468664a2ae0e8ac1c412a623e4
c0c879faf9291904fa0bdd234bc665accd77070cf6b79e9117f72c83f9898ee3
c2406fc64a1bec2b09941c5e45631de1ab70363b5f124fc08a98bcdb0115d269
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4ab16fd7cfc53638fd929f76fae270e35d7748278bcdd7fe7d04dd3525f4928
c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b
c665299a16156bdb7b3dfc2ea106c6988460db56657609763c9d991f9d638127
c75287eb8ef38ca2040926b861f83fb1f78e8510bf0c217a89d15af4732dfc25
c7f92a3f343fc7205119e03b1bc80aa7401ce780d3afc74c4b4a9575ca8f029e
c84a6bfc027c476c666c489c50c2611877eca16db056447023d200f5d40ab8bf
cac9ffc12794b3df79bdbc912f5ce03a196226548ddd8f8d67d2d63113a72652
cb6d48fdc0f788c8ec7da729b014155f32d624e23ec1ea7a0d4a84dfd051f10d
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cd67108bfcb47b5184059b16a4b7f8d39d0dd26b6d717628f2280bd770afa2f7
cd872b7a081510020e0ec3c0d2cf3bca2063366ff2ac5857f668304f8d2de019
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
da8b40bfd5c0d0418874ab2a43d1ad8d6ba7be698e2f43ac964f4aeabc7bf484
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47c2ed94fe556413f6276acdaa093bae03b6a162f5c05d5e4d66305fab48906
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ebbfc5eb12dd3766d82cc8a2584d8bf9d2db1a8ead8c9d5f0e03d9ee4bac3389
eceaae8316905c7a26e541fe7a89668e84df7f64efaca32b113cd1aac8e07579
ed2bc704e3fc26b8ee33210578b918016eab1d881e7db60e44e4afbbeeb5b2fd
eee0b11d48ea095a4dc484d65f7a2b1197c7943f25e5860a5fe5adfc6a6e4568
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f1d5055ef8df05be8830805e5633f4758ffaaf2afdd1d7dfd1499c3d237eadcb
f3e8224acfdae06b7abba666614274da655043db7c569f4035ce6e3c39545e46
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa8906ad9420d4c55bdc1445dd384779d3a367c3c78e201f7fc902d6d1c82011
fed35a643a522ed7fffd657d0315f810687e13e381f6e98a2b4f00f8afe46003

pages.upwellness.com Open in urlscan Pro 104.18.19.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

213 Requests

90 %HTTPS

30 %IPv6

66 Domains

99 Subdomains

79 IPs

3 Countries

6816 kBTransfer

10847 kBSize

133 Cookies

0 Outgoing links

Page URL History

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.upwellness.com Open in urlscan Pro
104.18.19.37 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

90 %
HTTPS

30 %
IPv6

66
Domains

99
Subdomains

79
IPs

3
Countries

6816 kB
Transfer

10847 kB
Size

133
Cookies

213 HTTP transactions
3 data transactions