pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMkYlMkZ0b3BoZWFsdGh5Y2...
Effective URL:
https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&sub...
Submission: On March 28 via api (March 28th 2023, 7:37:08 pm UTC) from BE — Scanned from DE

Summary HTTP 246 Redirects Behaviour Indicators

Summary

This website contacted 90 IPs in 9 countries across 80 domains to perform 246 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com. The Cisco Umbrella rank of the primary domain is 553578.
TLS certificate: Issued by R3 on March 28th 2023. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	170.187.185.18 170.187.185.18	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2	2606:4700:303... 2606:4700:3032::ac43:8948	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:310... 2606:4700:3108::ac42:2b71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.31.40.31 52.31.40.31	16509 (AMAZON-02) (AMAZON-02)
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
2	52.222.174.14 52.222.174.14	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2600:9000:20e... 2600:9000:20e1:8400:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:d200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
4	34.236.88.218 34.236.88.218	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY)
4	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	44.236.178.245 44.236.178.245	16509 (AMAZON-02) (AMAZON-02)
8	23.36.163.232 23.36.163.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.99.127 13.32.99.127	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.137.164 18.66.137.164	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.119 108.138.17.119	16509 (AMAZON-02) (AMAZON-02)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b110:5d71:6695:b3d2:3b15	14618 (AMAZON-AES) (AMAZON-AES)
1	52.202.32.237 52.202.32.237	14618 (AMAZON-AES) (AMAZON-AES)
2	34.230.252.255 34.230.252.255	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	35.160.236.237 35.160.236.237	16509 (AMAZON-02) (AMAZON-02)
1	52.222.149.85 52.222.149.85	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:218... 2600:9000:218c:be00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	143.204.192.5 143.204.192.5	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.164.52.40 18.164.52.40	16509 (AMAZON-02) (AMAZON-02)
6	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
9	52.222.250.12 52.222.250.12	16509 (AMAZON-02) (AMAZON-02)
1	176.34.146.200 176.34.146.200	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:20:... 2606:4700:20::681a:37a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 13	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.22.191.215 52.22.191.215	14618 (AMAZON-AES) (AMAZON-AES)
7	2600:9000:218... 2600:9000:218c:da00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	3.210.192.5 3.210.192.5	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	52.10.177.234 52.10.177.234	16509 (AMAZON-02) (AMAZON-02)
2 4	52.213.31.46 52.213.31.46	16509 (AMAZON-02) (AMAZON-02)
1 1	54.243.49.36 54.243.49.36	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.122.95 18.66.122.95	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	44.195.191.171 44.195.191.171	14618 (AMAZON-AES) (AMAZON-AES)
1 24	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 3	18.185.209.202 18.185.209.202	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 6	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.127.130.178 3.127.130.178	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
3 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	52.18.22.137 52.18.22.137	16509 (AMAZON-02) (AMAZON-02)
3 4	54.78.84.139 54.78.84.139	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.74.115.177 3.74.115.177	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2600:1f18:612... 2600:1f18:612b:4200:d1f0:6fd6:bfc0:39be	() ()
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.206.86.180 23.206.86.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.155.81.193 54.155.81.193	16509 (AMAZON-02) (AMAZON-02)
2	54.171.92.63 54.171.92.63	16509 (AMAZON-02) (AMAZON-02)
1	52.4.213.160 52.4.213.160	() ()
1	18.118.202.231 18.118.202.231	() ()
1 1	3.125.13.55 3.125.13.55	() ()
1 1	72.246.169.24 72.246.169.24	() ()
2 2	3.70.44.41 3.70.44.41	() ()
1	188.65.124.66 188.65.124.66	() ()
1 1	212.82.100.182 212.82.100.182	() ()
2 2	193.108.153.21 193.108.153.21	() ()
1 1	52.222.229.186 52.222.229.186	() ()
1	3.228.92.231 3.228.92.231	() ()
1	34.160.236.64 34.160.236.64	() ()
2 2	37.157.6.241 37.157.6.241	() ()
1	35.244.159.8 35.244.159.8	() ()
246	90

1 170.187.185.18 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: vsrv379.armadaservers.com

click.mwhealthcareconsulting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:8948 (United States)

ASN13335 (CLOUDFLARENET, US)

tophealthychoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b71 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.maxweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.40.31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-40-31.eu-west-1.compute.amazonaws.com

go.welldaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-14.cdg50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn1.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20e1:8400:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.236.88.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-88-218.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::ac43:a9b0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.236.178.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-178-245.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.36.163.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-232.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-127.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-164.fra60.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-119.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:5d71:6695:b3d2:3b15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.32.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-32-237.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.230.252.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-252-255.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.236.237 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-236-237.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-85.cdg52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218c:be00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.192.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-192-5.lhr3.r.cloudfront.net

d3pkntwtp2ukl5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-40.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.222.250.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-12.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.146.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-146-200.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:37a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:932 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.22.191.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-191-215.compute-1.amazonaws.com

io.v2.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:218c:da00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.210.192.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-192-5.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.10.177.234 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-177-234.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.31.46 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-31-46.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.49.36 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-49-36.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-95.fra60.r.cloudfront.net

tag.trovo-tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.195.191.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-191-171.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.209.202 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-209-202.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.211.84 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.130.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-130-178.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.18.22.137 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-22-137.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.78.84.139 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-84-139.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.115.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-115-177.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:d1f0:6fd6:bfc0:39be (None, ) 1 redirects

ASN- ()

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.86.180 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-86-180.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.81.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-81-193.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.92.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-92-63.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.213.160 (None, )

ASN- ()

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.118.202.231 (None, )

ASN- ()

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.13.55 (None, ) 1 redirects

ASN- ()

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (None, ) 1 redirects

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.70.44.41 (None, ) 2 redirects

ASN- ()

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (None, )

ASN- ()

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (None, ) 1 redirects

ASN- ()

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.21 (None, ) 2 redirects

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.229.186 (None, ) 1 redirects

ASN- ()

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.92.231 (None, )

ASN- ()

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (None, )

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (None, )

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	wistia.com fast.wistia.com — Cisco Umbrella Rank: 3899 embed-ssl.wistia.com — Cisco Umbrella Rank: 7445 embed-cloudfront.wistia.com distillery.wistia.com — Cisco Umbrella Rank: 6047 pipedream.wistia.com	2 MB
24	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 276	20 KB
13	clickcertain.com 7 redirects a.clickcertain.com — Cisco Umbrella Rank: 3376	8 KB
12	cloudfront.net d34qb8suadcc4g.cloudfront.net d3pkntwtp2ukl5.cloudfront.net d9hhrg4mnvzow.cloudfront.net	62 KB
11	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 70 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	10 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3637 gum.criteo.com — Cisco Umbrella Rank: 392 mug.criteo.com — Cisco Umbrella Rank: 2797 sslwidget.criteo.com — Cisco Umbrella Rank: 1749 widget.us.criteo.com — Cisco Umbrella Rank: 18655 dis.criteo.com — Cisco Umbrella Rank: 686	29 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	534 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	417 B
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 712	170 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 912 trc.taboola.com — Cisco Umbrella Rank: 658 trc-events.taboola.com — Cisco Umbrella Rank: 1840 sync-t1.taboola.com sync.taboola.com Failed	22 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6058	1 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
6	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 secure.adnxs.com — Cisco Umbrella Rank: 389	6 KB
6	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 23303	85 KB
6	yahoo.com 3 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 1104 ups.analytics.yahoo.com — Cisco Umbrella Rank: 277 cms.analytics.yahoo.com	3 KB
6	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 104890 io.v2.customerlabs.co — Cisco Umbrella Rank: 116455	198 KB
6	upwellness.com pages.upwellness.com — Cisco Umbrella Rank: 553578 live.upwellness.com — Cisco Umbrella Rank: 586969 store.upwellness.com — Cisco Umbrella Rank: 535786	53 KB
4	360yield.com 3 redirects ad.360yield.com — Cisco Umbrella Rank: 651 match.360yield.com	2 KB
4	casalemedia.com 3 redirects r.casalemedia.com — Cisco Umbrella Rank: 1360 dsum-sec.casalemedia.com ssum-sec.casalemedia.com	3 KB
4	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 526	814 B
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2494 tr.outbrain.com — Cisco Umbrella Rank: 2407 sync.outbrain.com	7 KB
4	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 58759 api.useproof.com — Cisco Umbrella Rank: 55516	601 KB
4	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 2647 rp.liadm.com — Cisco Umbrella Rank: 1507 rp4.liadm.com — Cisco Umbrella Rank: 7161 i.liadm.com — Cisco Umbrella Rank: 584	16 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 197	3 KB
3	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1238 c1.adform.net	1 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 297	1017 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 331	12 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 762	2 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 617 script.hotjar.com — Cisco Umbrella Rank: 755 in.hotjar.com — Cisco Umbrella Rank: 1861	72 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 469	7 KB
2	stickyadstv.com 2 redirects ads.stickyadstv.com	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 596 usermatch.krxd.net Failed	673 B
2	tremorhub.com 1 redirects criteo-partners.tremorhub.com amazon.partners.tremorhub.com	698 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 352	279 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 588	227 B
2	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 322 token.rubiconproject.com Failed	560 B
2	usbrowserspeed.com 1 redirects a.usbrowserspeed.com — Cisco Umbrella Rank: 6212	390 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 432	1 KB
2	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 197340	200 B
2	remarketstats.com 2 redirects a.remarketstats.com — Cisco Umbrella Rank: 40954	1 KB
2	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 23107	563 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 57013 business.newsbreak.com — Cisco Umbrella Rank: 16942	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 6816 flask.nextdoor.com — Cisco Umbrella Rank: 6390	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 708	18 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com — Cisco Umbrella Rank: 570442 assets.ubembed.com — Cisco Umbrella Rank: 9954	51 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 17857	37 KB
2	tophealthychoice.com tophealthychoice.com	2 KB
1	openx.net us-u.openx.net	304 B
1	mookie1.com odr.mookie1.com	213 B
1	samplicio.us usersync.samplicio.us	186 B
1	imdb.com 1 redirects www.imdb.com	880 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com	122 B
1	bluekai.com 1 redirects tags.bluekai.com	471 B
1	agkn.com 1 redirects aa.agkn.com	486 B
1	thebrighttag.com s.thebrighttag.com	268 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2189 sync-amazon.ads.yieldmo.com Failed	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4347	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 28867	153 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 670 image2.pubmatic.com Failed image6.pubmatic.com Failed	581 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1362	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2784	274 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 814	235 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1911	172 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 521	35 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 587	802 B
1	trovo-tag.com tag.trovo-tag.com — Cisco Umbrella Rank: 47972	760 B
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 89010	715 B
1	gstatic.com www.gstatic.com	390 KB
1	wistia.net fast.wistia.net — Cisco Umbrella Rank: 7646	115 KB
1	decide.dev cdn1.decide.dev — Cisco Umbrella Rank: 21048	4 KB
1	welldaily.com 1 redirects go.welldaily.com — Cisco Umbrella Rank: 613924	2 KB
1	maxweb.com 1 redirects go.maxweb.com — Cisco Umbrella Rank: 309514	415 B
1	mwhealthcareconsulting.com click.mwhealthcareconsulting.com	389 B
0	ispot.tv Failed pi.ispot.tv Failed
0	ninthdecimal.com Failed lciapi.ninthdecimal.com Failed
0	exelator.com Failed loadus.exelator.com Failed
0	serving-sys.com Failed lm.serving-sys.com Failed
246	80

	Domain	Requested by
24	s.amazon-adsystem.com	1 redirects pages.upwellness.com s.amazon-adsystem.com
15	fast.wistia.com	pages.upwellness.com fast.wistia.com
13	a.clickcertain.com	7 redirects pages.upwellness.com a.remarketstats.com a.clickcertain.com tag.trovo-tag.com
9	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
9	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
8	www.facebook.com	pages.upwellness.com
8	analytics.tiktok.com	pages.upwellness.com analytics.tiktok.com
7	embed-cloudfront.wistia.com	fast.wistia.com
7	www.google.de	pages.upwellness.com
7	www.google.com	pages.upwellness.com
6	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
6	googleads.g.doubleclick.net	www.googletagmanager.com
5	io.v2.customerlabs.co	pages.upwellness.com cdn.js.customerlabs.co
5	gum.criteo.com	4 redirects dynamic.criteo.com
4	ib.adnxs.com	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	match.prod.bidr.io	2 redirects a.clickcertain.com tag.trovo-tag.com
4	trc-events.taboola.com	cdn.taboola.com
4	store.upwellness.com	pages.upwellness.com store.upwellness.com
3	dpm.demdex.net	2 redirects
3	ups.analytics.yahoo.com	2 redirects
3	x.bidswitch.net	2 redirects
3	distillery.wistia.com	fast.wistia.com
3	bat.bing.com	pages.upwellness.com bat.bing.com
3	ct.pinterest.com	s.pinimg.com pages.upwellness.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
3	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
2	c1.adform.net	2 redirects
2	ads.stickyadstv.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	match.360yield.com	2 redirects
2	beacon.krxd.net	s.amazon-adsystem.com
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	s.amazon-adsystem.com
2	rtb-csync.smartadserver.com	s.amazon-adsystem.com
2	pixel.rubiconproject.com	1 redirects
2	secure.adnxs.com	1 redirects
2	dis.criteo.com
2	a.usbrowserspeed.com	1 redirects tag.trovo-tag.com
2	pixel.tapad.com	2 redirects
2	live-visitor-counts.herokuapp.com	cdn.useproof.com
2	a.remarketstats.com	2 redirects
2	sp.analytics.yahoo.com	pages.upwellness.com
2	trc.taboola.com	cdn.taboola.com
2	tr.outbrain.com	amplify.outbrain.com pages.upwellness.com
2	events.ub-analytics.com	pages.upwellness.com
2	www.google-analytics.com	www.googletagmanager.com pages.upwellness.com
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	connect.facebook.net	pages.upwellness.com connect.facebook.net
2	d34qb8suadcc4g.cloudfront.net	pages.upwellness.com d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	pages.upwellness.com
2	tophealthychoice.com	tophealthychoice.com
1	ssum-sec.casalemedia.com	1 redirects
1	us-u.openx.net	s.amazon-adsystem.com
1	odr.mookie1.com	s.amazon-adsystem.com
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	dsum-sec.casalemedia.com	1 redirects
1	aa.agkn.com	1 redirects
1	s.thebrighttag.com
1	pipedream.wistia.com	fast.wistia.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	match.sharethrough.com
1	contextual.media.net
1	tag.trovo-tag.com	a.clickcertain.com
1	i.liadm.com	1 redirects
1	analytics.proofapi.com	cdn.useproof.com
1	api.useproof.com	cdn.useproof.com
1	www.gstatic.com	cdn.useproof.com
1	in.hotjar.com	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	d3pkntwtp2ukl5.cloudfront.net	pages.upwellness.com
1	widget.us.criteo.com	pages.upwellness.com
1	sslwidget.criteo.com	1 redirects
1	flask.nextdoor.com	pages.upwellness.com
1	embed-ssl.wistia.com	pages.upwellness.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.hotjar.com	pages.upwellness.com
1	business.newsbreak.com	static.newsbreak.com
1	mug.criteo.com	pages.upwellness.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	cdn.js.customerlabs.co	click.mwhealthcareconsulting.com
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	amplify.outbrain.com	pages.upwellness.com
1	fast.wistia.net	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	cdn1.decide.dev	pages.upwellness.com
1	pages.upwellness.com	tophealthychoice.com
1	go.welldaily.com	1 redirects
1	go.maxweb.com	1 redirects
1	click.mwhealthcareconsulting.com
0	sync.taboola.com Failed	s.amazon-adsystem.com
0	image6.pubmatic.com Failed	s.amazon-adsystem.com
0	sync-amazon.ads.yieldmo.com Failed	s.amazon-adsystem.com
0	pi.ispot.tv Failed	s.amazon-adsystem.com
0	lciapi.ninthdecimal.com Failed	s.amazon-adsystem.com
0	loadus.exelator.com Failed	s.amazon-adsystem.com
0	token.rubiconproject.com Failed	s.amazon-adsystem.com
0	image2.pubmatic.com Failed	s.amazon-adsystem.com
0	usermatch.krxd.net Failed	s.amazon-adsystem.com
0	lm.serving-sys.com Failed	s.amazon-adsystem.com
246	124

This site contains no links.

Subject Issuer	Validity	Valid
click.mwhealthcareconsulting.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-16`	a year	crt.sh
pages.upwellness.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
cdn1.decide.dev R3	`2023-03-07` - `2023-06-05`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
live.upwellness.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
store.upwellness.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2023-02-07` - `2023-06-02`	4 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-02-24` - `2023-08-23`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M01	`2023-02-28` - `2023-10-26`	8 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2022-11-17` - `2023-12-17`	a year	crt.sh
hook.customerlabs.co Amazon RSA 2048 M01	`2023-02-21` - `2023-12-12`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-02-23` - `2023-05-31`	3 months	crt.sh
trovo-tag.com Amazon RSA 2048 M01	`2023-03-01` - `2023-06-06`	3 months	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
itm.ivitrack.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-02-16` - `2023-05-17`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2022-11-16` - `2023-12-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Frame ID: F4A0A4116152FFD786502C3655BB2D2C
Requests: 155 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: 67CC681ED950770719652F1E1AF6F2B1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: B804EAC24787A8DE67E54C3B6A7530DD
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0795FE911F00DE43249C6E0E52A47701
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=9851e8b4-c948-4fec-8704-6b13634008eb&cn=DE
Frame ID: 562CDC085296581BD82629FDD6301212
Requests: 5 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456
Frame ID: 59EE8617E6EF66D2219FF03D35F73A82
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=212014028749744060&dcc=t
Frame ID: 2F6CB06176BC22E2D56AB044CFC1A4FF
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 5B1BB7F31DA478B56BC0F696B9BE3DE4
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e6MHR7tXFqPan2_VO1A6nEEOheJyoLe776DXEg&expires=30
Frame ID: 4F610FCD7E2D9984537581AE9790584D
Requests: 27 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=o96MJkebT8Oz5OHupqrGWg&dmt=3&ex-pl-n-g-hmt=EQZ4dX_WS826oNoRNhE5aA&ep=ttam_T219Ay-cPciHbT10vWruI9Mp4jK0_zAF1AElEHVZmabNtV45T6ZDXJf8CH5SP4JBBmZ9w2wBKzPKDOgB4yr-l2lCcpb89WybFM6N_XaiJ0MjJo6cwxwNzGqeTAA1fecZ2hCKsIIPTJm-VKAL3qe7d_BSBtRCQA9HMZbIgukWkiJZUT2SD7a_ZpTQv351SOpBxzvzr3WT48Gz9NiZ7vDxxcTXXREOtFzhdZgqu9oZcnGLlXS_UvbdLBj_dOhvplBssggyxn05ZZnQ3jfACaiIrLKkbD_UPc6KDfeOtAzfXELmSbOXm_iJFzYMtyqatCmPo4LDAW8hqxxCQCWrDgQj617d6c84Qf6Zo0BS-JDT2sl1Qe6xQmjI0K-UTZYfoQUYVoua4dvuFW3WMJSjjUYHOhg4hnNcCA5tok9W6Qbs6ab4PoALQv6hQjxzHxFzBoOhLiCBEG2CN80svqFQ5M6jW1PjwWDc4AUWnVAXVm-QXFaA2hri7zqgNRS1YAEkkRgIMOgoeitDRyoLhfiIr6tp7U4dIr4i5vjWv7pdNxweAQjq4puZySRdThiNplGvqvbN6Hn74o0dHhl7y_sWKndCkn6twwHn_UOKOwG10P-nytLOshXDRcXnunIU7Zs95ffyHN7d6zQeVUUwiOQn93j__wjr4GKBkyP6ynWcqgSv7A_csXQx7bQUNuyT9wP1SWlrkby2wUpwJ74xiAYxg9W9TikHJviLJwYkJTLRG9F1bP15DJn8itl6fT-uwc-kJiotXXiDxqKG--Cels3wA
Frame ID: A0D9BCB825C3D8E72911F86977108BA2
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMk... Page URL
https://tophealthychoice.com/7urw Page URL
https://go.maxweb.com/6755/302/2/?&subid=4magiop0327goldenrevive HTTP 302
https://go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230328193614136&aff_sub... HTTP 302
https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=t... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

246
Requests

77 %
HTTPS

27 %
IPv6

80
Domains

124
Subdomains

90
IPs

9
Countries

4932 kB
Transfer

9293 kB
Size

91
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMkYlMkZ0b3BoZWFsdGh5Y2hvaWNlLmNvbSUyRjd1cnc= Page URL
https://tophealthychoice.com/7urw Page URL
https://go.maxweb.com/6755/302/2/?&subid=4magiop0327goldenrevive HTTP 302
https://go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230328193614136&aff_sub=302 HTTP 302
https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://rp.liadm.com/j?dtstmp=1680032220961&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvjhhm97q5nwprfs42ad9s&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&wpn=lc-bundle&refr=https%3A%2F%2Ftophealthychoice.com%2F&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1680032220961&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvjhhm97q5nwprfs42ad9s&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&wpn=lc-bundle&refr=https%3A%2F%2Ftophealthychoice.com%2F&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&i6=MmEwMTo0YTA6MTMzODo5Mjo6Mw%3D%3D&n3pc=true

Request Chain 53

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=csbzzHxXSlRKZmtTVUpVTHVkam5DZWw3U29HR05nbFYwWjRzaW9abnllVUJpRkVKWlJkOVRZbjFkYXc1UmNMRkg2cUJXYnEwVWVITjJWWWJuQ2VRaGtKQjF6TzhaeW8zclRnUlVlb2MzSEp6d0xPeHN6TER4cEdRWkxLR2Q5T1hrWHdGdTF0b2Z3Q2FVcHU0K2xqUW96Z21uYXN1R0FvL2JReXJUVFRUZGR6cXgxSWdLTk9TVEJWbmxlYjFCWEQ2cjRaeDIwSUg0bG1wcUR4NE1TV25MTjFTaFBoSHoyMXFucUVjWVRuYmNnOE9pVlR4UG5heW5TUUtkNkh4aTlWRTJSNFNKNGh2bmxlNXI3TWZ3anhhVkZlVGlkZz09fA&cppv=2

Request Chain 97

https://sslwidget.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Ftophealthychoice.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=P-uNVV9KRkd6S2Z0UVlUNVhVJTJCSVduOGFkOTZSeGpVdkE5R0FUdDh3OVA0VUd4bk5LVHlqejA5RDA1TkJBck5NdWVzWHklMkJ2d0xxUmVrJTJGV28lMkZ4NWNwJTJCTDFsVTBMRlBLaExNTGVoWVJDbFZQciUyRlNvdmNDcFJOZGZxem1ZY250YVR1dW4xeUpxODVBOEY1MlU4cVZKczYzTzM1NFElM0QlM0Q&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10299e621b2b1d934068d6d5f18560%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302&pu=https%253A%252F%252Ftophealthychoice.com%252F&dtycbr=75837 HTTP 302
https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Ftophealthychoice.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=P-uNVV9KRkd6S2Z0UVlUNVhVJTJCSVduOGFkOTZSeGpVdkE5R0FUdDh3OVA0VUd4bk5LVHlqejA5RDA1TkJBck5NdWVzWHklMkJ2d0xxUmVrJTJGV28lMkZ4NWNwJTJCTDFsVTBMRlBLaExNTGVoWVJDbFZQciUyRlNvdmNDcFJOZGZxem1ZY250YVR1dW4xeUpxODVBOEY1MlU4cVZKczYzTzM1NFElM0QlM0Q&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10299e621b2b1d934068d6d5f18560%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302&pu=https%253A%252F%252Ftophealthychoice.com%252F&dtycbr=75837

Request Chain 124

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0 HTTP 302
https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0 HTTP 302
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

Request Chain 155

https://a.clickcertain.com/px/ta/?ccid=9851e8b4-c948-4fec-8704-6b13634008eb HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=9851e8b4-c948-4fec-8704-6b13634008eb&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=9851e8b4-c948-4fec-8704-6b13634008eb&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=548fef76-cf7f-4b33-9e69-49e897a2241c

Request Chain 156

https://a.usbrowserspeed.com/cs?puid=9e9cf5ce-36c1-5e25-80e4-087b41fe1eb0&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=ec0a4d85-b3d4-4b2b-9064-14441f910d0d&hem=

Request Chain 157

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 158

https://a.clickcertain.com/px/r/?ccid=9851e8b4-c948-4fec-8704-6b13634008eb HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=9851e8b4-c948-4fec-8704-6b13634008eb&ccid=9851e8b4-c948-4fec-8704-6b13634008eb&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d9851e8b4%25252dc948%25252d4fec%25252d8704%25252d6b13634008eb%252526anx_uId%25253d%252524UID HTTP 303
https://a.clickcertain.com/px/li/?ccid=9851e8b4-c948-4fec-8704-6b13634008eb&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d9851e8b4%25252dc948%25252d4fec%25252d8704%25252d6b13634008eb%252526anx_uId%25253d%252524UID HTTP 302
https://a.clickcertain.com/px/li/https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d9851e8b4%252dc948%252d4fec%252d8704%252d6b13634008eb%2526anx_uId%253d%2524UID

Request Chain 160

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=eb500049-cd9f-11ed-b2fd-7730f31d3f96 HTTP 302
https://a.clickcertain.com/px/smart/a/?c=24d1add2443e239&type=img&partner_rid=eb500049-cd9f-11ed-b2fd-7730f31d3f96&partner_id=193f0456 HTTP 302
https://a.clickcertain.com/px/img/?c=24d1add2443e239 HTTP 302
https://a.clickcertain.com/px/img/g/?start_cm=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1 HTTP 302
https://a.clickcertain.com/px/img/g/?google_gid=CAESEPzCac5T02PMz1m6swN_k4k&google_cver=1

Request Chain 162

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 169

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=212014028749744060 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=212014028749744060&dcc=t

Request Chain 173

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-e6MHR7tXFqPan2_VO1A6nEEOheJyoLe776DXEg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e6MHR7tXFqPan2_VO1A6nEEOheJyoLe776DXEg&expires=30

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-YogZCrtXFqPan2_VO1A6nEEOheKC-PcEy8t2Wg&google_cm&google_hm=ay1Zb2daQ3J0WEZxUGFuMl9WTzFBNm5FRU9oZUtDLVBjRXk4dDJXZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YogZCrtXFqPan2_VO1A6nEEOheKC-PcEy8t2Wg&google_gid=CAESENc2wVafIaEaYQcql8cpzj0&google_cver=1&google_ula=913071,0

Request Chain 175

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3650126625467607358

Request Chain 176

https://secure.adnxs.com/setuid?entity=52&code=k-QvBBaLtXFqPan2_VO1A6nEEOheLyrkEHzdzxOQ HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QvBBaLtXFqPan2_VO1A6nEEOheLyrkEHzdzxOQ

Request Chain 187

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YjnaGLtXFqPan2_VO1A6nEEOheIyzAHbIUbpKQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YjnaGLtXFqPan2_VO1A6nEEOheIyzAHbIUbpKQ&C=1

Request Chain 188

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YquZSbWKqVtW6MEC498RsHztGqv_BQaD HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YquZSbWKqVtW6MEC498RsHztGqv_BQaD

Request Chain 189

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-WBXvQrtXFqPan2_VO1A6nEEOheIf3rN8c5l2Mw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-WBXvQrtXFqPan2_VO1A6nEEOheIf3rN8c5l2Mw

Request Chain 199

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=H3PtJhFV1K5FvbHbWiwxjG4baaSk_mI3

Request Chain 201

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=sBnqxXT0whPGYlHpN0miPt9JthAPcp8n

Request Chain 203

https://ib.adnxs.com/setuid/a9?entity=188&code=k9CKJ4c8Reu88KvC5nihtw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=k9CKJ4c8Reu88KvC5nihtw

Request Chain 204

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=nEuGYxmPRBKzmH59-hFVrQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=7c9b21c2-6efc-4552-bb75-3df6109dae10

Request Chain 206

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=216613104469004841392&ex=neustar.biz

Request Chain 207

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=H-BCax7hTs-iSSQAQCB9mw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZCNB4vW7SCjQxmesRMYr3gAA

Request Chain 208

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=a5e04fbd085b54cca61eeb81c8cb0abe

Request Chain 209

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 210

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Sdr2JLFlSQa4U755k7hkew HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Sdr2JLFlSQa4U755k7hkew

Request Chain 211

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=839eefda-fc94-4be4-b993-0bcc765c61de

Request Chain 212

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=b878f00b125149ea8db73d81008c67f5

Request Chain 214

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-60SonFlE2pGVmXpCCNScQ2ADh.zv4dSM55CN~A&status=OK&ex=gemini

Request Chain 215

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=62a81ed54cf0aed1f27f75b4d76875&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 216

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 218

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7c9b21c2-6efc-4552-bb75-3df6109dae10&ex=improvedigital.com

Request Chain 220

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10f7a7f7a1ec4bbee

Request Chain 221

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AfIiCKdFRTyoy5Y_nXdz1A&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=AfIiCKdFRTyoy5Y_nXdz1A

Request Chain 222

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=C9YpPN-bRSaCdveSYtH0sw&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=62a81ed54cf0aed1f27f75b4d76875&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=C9YpPN-bRSaCdveSYtH0sw

Request Chain 223

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=p-LtsxSCQzqv89LNuamU0A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=24634985065433856903315103196366162142

Request Chain 225

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5386738429647593537

Request Chain 226

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=ed1935f6-cd9f-11ed-8595-1fe3cd8f0206 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=ed19358c-cd9f-11ed-8595-1fe3cd8f0206

Request Chain 227

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%226c916066-d589-4784-ae92-a1833c871ed3%22,%22Time%22:%2220230328T193707.900085%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEC4lLe1EWd0kgzw8nDrzN7Y&google_cver=1

Request Chain 230

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=09152d03d4989325370406154467d01a

Request Chain 232

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LXF20qWPAlCglCSYPaNF6zc4ZO84ZgIC

Request Chain 234

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=CEBF4DD92A6E893F

Request Chain 235

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8029378976828790987&ex=appnexus.com

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=EQZ4dX_WS826oNoRNhE5aA& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

246 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
click.mwhealthcareconsulting.com/ 81 B
389 B 217ms
107ms Document
text/html 170.187.185.18
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMkYlMkZ0b3BoZWFsdGh5Y2hvaWNlLmNvbSUyRjd1cnc=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.187.185.18 Frankfurt am Main, Germany, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

vsrv379.armadaservers.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 28 Mar 2023 19:36:58 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 7urw Show response
tophealthychoice.com/ 655 B
1 KB 391ms
134ms Document
text/html 2606:4700:3032::ac43:8948
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tophealthychoice.com/7urw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8948 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389aff115aba28f6bd5a20042a1728d07125a4b8c2d739ca8cf3821cb0c99800

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://click.mwhealthcareconsulting.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7af25337ebc93643-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Tue, 28 Mar 2023 19:36:58 GMT
expires: Mon, 07 Jul 1777 07:07:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN3hEcssRaumiV%2Bm8mMVx4uXFqI2q4C7ZOsHDudcx9GdZyepvPbUNmdr8GSQA%2BwasUBB0wRsLc9hgwEGzFoLSQtoos%2FDetlecV%2BXCVuSQPFvEuO876Gv%2FE51xkStgwfOxPLV4F3ayQBtLRFJH1DUVNw%2BLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-redirect-powered-by: Pretty Link Executive 3.3.2 http://prettylink.com
x-robots-tag: noindex, nofollow
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 javascript-redirect.js
tophealthychoice.com/wp-content/plugins/pretty-link/pro/js/ 99 B
494 B 51ms
50ms Script
application/javascript 2606:4700:3032::ac43:8948
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tophealthychoice.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.3.2

Requested by

Host: tophealthychoice.com
URL: https://tophealthychoice.com/7urw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8948 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tophealthychoice.com/7urw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by: Engintron
age: 938852
cf-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 13 Feb 2023 09:40:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aKC8%2FoiJkFWmJ77ET%2BCvLjwrMuG7rcSFxOcD3ydSl%2F1MFW9ftoLJHqX3cWJ7p%2BQy%2BfG3nvZ5Ens1cwAfrMg9UNtNL0erAgXsB%2BRXHSd0u85Yqe3leKK1n%2FVKI5YfNrE9B%2BSn6FAx60G4U9JOQ4oGcRYvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7af25338cdb33643-FRA
expires: Sun, 16 Apr 2023 22:49:27 GMT

GET
H/1.1

200
OK

Primary Request / Show response
pages.upwellness.com/uc-grplus-vsl01-aff-2/
Redirect Chain

https://go.maxweb.com/6755/302/2/?&subid=4magiop0327goldenrevive
https://go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230328193614136&aff_sub=302
https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

99 KB
19 KB

214ms
90ms

Document
text/html

3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Requested by: Host: tophealthychoice.com
URL: https://tophealthychoice.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.3.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 38203fde3b708cb87a218241002c32f6dc0eb0736d10f98f649314bbcf3e02fa

Request headers

Referer: https://tophealthychoice.com/7urw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 18108
content-location: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 19:37:00 GMT
etag: "ak:2b633dedfa854a928c7338f79ee52aa8"
link: <https://pages.upwellness.com/uc-grplus-vsl01-aff-2/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: fbe91892-5070-465e-914a-d53bab95f199
x-unbounce-variant: ak
x-unbounce-visitorid: 2b633ded-fa85-4a92-8c73-38f79ee52aa8

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 28 Mar 2023 19:37:00 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 10299e621b2b1d934068d6d5f18560
X-Request-Id: dfffacdaee10cb28842e9d662880dc6b
X-Robots-Tag: noindex, nofollow

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 205ms
48ms Stylesheet
text/css 52.222.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-14.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:22:01 GMT
content-encoding: gzip
via: 1.1 941acf135bdda975383e37976690acc6.cloudfront.net (CloudFront)
x-amz-version-id: F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
last-modified: Wed, 23 Nov 2022 23:24:30 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 5768100
etag: "3d27e56a34e34b278ab5e182cbc3b587"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: PDygMDQhe3jQxubatUHrNBQoeMD0oJb46q2npVstsv5fdRl-MaT9iA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 156ms
54ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9764473ce60098276bdbe04bc4f1972ce8e085bac3bd8466f4ebcb825974c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68965
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:37:00 GMT

GET
H2 200 rainmakeradventures_lander.js Show response
cdn1.decide.dev/tracking/ 8 KB
4 KB 186ms
47ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.decide.dev/tracking/rainmakeradventures_lander.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 5fcf16da104a4c57a805b0b7d4f4b86972e5ef555ce33d5c6961f27e3806c491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 16:48:56 GMT
etag: "851d4fc77aafaf706108376b638e6a36"
x-hw: 1680032220.cds334.fr8.hn,1680032220.cds052.fr8.c
content-type: application/javascript
cache-control: max-age=3134
accept-ranges: bytes
timing-allow-origin: https://decide.dev
content-length: 3393

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 185ms
50ms Script
application/javascript 2600:9000:20e1:8400:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e1:8400:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 21:45:18 GMT
content-encoding: gzip
via: 1.1 726c1817cdd65c9f70abf7d94b29ae84.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
x-amz-cf-pop: CDG50-C2
age: 1633903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1865
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: HVwLsMQgV8SfS5ktuRRBU57inR6McucOPpuf9NItG_boP66tDF3C_A==

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 12 KB
3 KB 170ms
44ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 06d62a2b9c28af272fe93e33a1a3fbcec1fdbbd3d8cb53e934ff5896fc6c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: FRA56-P3
age: 1924
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.180.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: CgYN7GIsjoEFZDw=

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 163ms
48ms Script
application/javascript 2600:9000:223c:d200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 02:14:20 GMT
content-encoding: gzip
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 62560
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: aqdZzAJQBTuaybURxGB5-cs3WwdCM0POP4W4vv7_Dsz0On-TTNF0hw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 79ms
70ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e843d0472f7524f2e50f8aaedf34579dc66adb1a3e2bb76b5fec62fb40d26a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51592
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:37:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 61ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dda4fefbe89feab6f6fbe266c46c8c6996cd6a995f15c715bbc42914580509a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51592
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:37:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
75 KB 129ms
121ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

425fd7c33a2a4631ece1abff87efa627d44cf42eadf79689510c9d2375bbfe9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76621
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:37:00 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 186ms
91ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

def564fc498bc5147cf79aa16e5a6f93789115cc0f4740b0b089df37fa6ba132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 aeu9oe7qwy.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 252ms
133ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e72ac596eba62521f2d7e2e9182f96ba7409a304a6e3d1f3755613b18aea45b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 13854
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 1830
x-request-id: 5df694d0f1181a878e4988d97bccfc53
x-served-by: cache-iad-kiad7000112-IAD, cache-hhn-etou8220020-HHN
x-runtime: 0.059068
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1680032221.637418,VS0,VE1
etag: W/"e72ac596eba62521f2d7e2e9182f96ba"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 75, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 632 KB
115 KB 162ms
43ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

194b61ea7c150cd887afff564f576ac2fd1d96e8d210feb18f43d2d5bdc90f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3046
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117209
x-served-by: cache-iad-kcgs7200050-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032221.637388,VS0,VE0
etag: "cec2176cb63a6ce990ceb31dacdd0252"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19, 416

GET
H2 200 swatch
fast.wistia.com/embed/medias/aeu9oe7qwy/ 4 KB
4 KB 232ms
129ms Image
image/jpeg 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/aeu9oe7qwy/swatch

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b237a3c974aec2776e15c96f50651fa55af3bd3bc927f37eb4a6510c96ebffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
access-control-request-method: *
via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 273060
edge-cache-tag: 70fbf40348dd63aaaf45d99e420da13d
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 137
content-disposition: inline
content-length: 4021
x-served-by: cache-iad-kiad7000125-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Wed, 23 Mar 2022 20:25:50 UTC
x-timer: S1680032221.636878,VS0,VE1
etag: lrM1Y6_QEry13u2N8o5VL3hEPrc=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache, max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RqWRSrFZowkUxO8IzNWHERUTXSiB4o_X32PfvZrrEMSLz9PUP8Hzwg==
x-cache-hits: 282, 1

GET
H2 200 tmmqdtznyg.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 236ms
133ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/tmmqdtznyg.jsonp

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9abfe2e64f8fe1d51ec458aa9c38886240600d589d8013a1d2e5ff033b45391d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 13854
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 1817
x-request-id: d32f4cdf12623664a888adb5f2bc2938
x-served-by: cache-iad-kcgs7200078-IAD, cache-hhn-etou8220020-HHN
x-runtime: 0.049551
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1680032221.637365,VS0,VE2
etag: W/"9abfe2e64f8fe1d51ec458aa9c388862"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 78, 1

GET
H2 200 swatch
fast.wistia.com/embed/medias/tmmqdtznyg/ 4 KB
5 KB 158ms
132ms Image
image/jpeg 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/tmmqdtznyg/swatch

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b55b8f64c5259f4f19ca1b5a388f3c93b67df5d805f71637cf3a12ff814be08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
access-control-request-method: *
via: 1.1 5840e9664aef77d9be1f708259e60d56.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2
age: 273060
edge-cache-tag: 3d63ce184da0f56b6950516693e7887c
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 114
content-disposition: inline
content-length: 4324
x-served-by: cache-iad-kcgs7200153-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Tue, 13 Apr 2021 18:37:38 UTC
x-timer: S1680032221.637364,VS0,VE1
etag: bEpX6TOqD88vZ49D9em1U_6D-sE=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache, max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nRwWZQ3jgZ5Ezuzah1VIPkcgQFyFS53vA3QKy1Jhu-doWoFv-NEnIg==
x-cache-hits: 291, 1

GET
H2 200 jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/ 87 KB
31 KB 507ms
232ms Script
application/javascript 3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 UCInvisibleLink Show response
store.upwellness.com/cgi-bin/ 432 B
812 B 456ms
136ms Script
text/javascript 34.236.88.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.88.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-88-218.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 251

GET
H2 200 UCAffiliateNetworkPixel Show response
store.upwellness.com/cgi-bin/ 2 KB
1 KB 279ms
125ms Script
text/javascript 34.236.88.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.88.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-88-218.compute-1.amazonaws.com

Software

Apache /

Resource Hash

fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 744

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ 632 KB
115 KB 140ms
44ms Script
text/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

194b61ea7c150cd887afff564f576ac2fd1d96e8d210feb18f43d2d5bdc90f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3046
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117209
x-served-by: cache-iad-kcgs7200042-IAD, cache-fra-eddf8230078-FRA
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032221.783908,VS0,VE0
etag: "cec2176cb63a6ce990ceb31dacdd0252"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22, 81

GET
H2 200 main.bundle-e1f0b93.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
34 KB 71ms
64ms Script
application/javascript 52.222.174.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-14.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1f0b93051ab9d1f671fdc1d489817df439cf571d9184c55e09a8a2de3d14234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 23:57:42 GMT
content-encoding: gzip
via: 1.1 941acf135bdda975383e37976690acc6.cloudfront.net (CloudFront)
x-amz-version-id: 17zN0KsTjJudzmBpRx16GR4geRdzQrok
last-modified: Thu, 09 Feb 2023 23:08:27 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P2
age: 4045159
etag: "66a5c759b0a898469971e281c08667e4"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33858
x-amz-cf-id: XqBSmt4ucUZl7xmFcLRTP9pAcdoCO6rJ-LQ5C71-kKROIGV7--IG3A==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 166ms
54ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XPPVXV74HJGSFZPS
age: 36920045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 497733
x-amz-id-2: iFZMTmqYDg1vFLpWrsN+2ZZJD8Hqaw8yStR3XTY5ak3D17lu0EYIO3Lz38i7xBtuX7agJVjQqn8=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvZOv9lyH%2FQSfZBwipLGkPs8XR2UmDx5STDTk8CJyBGvO8cLr8SUlOYyv9epNtyIKaKvhicgYfq12V%2Bl9I8agLTVby7mR6y8JyngxDLZZqQ5qw%2Fji0Vj9bx6TKCPXB6WHo9%2BpMDdCgKbRASf6%2BE7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7af2534418c4bb43-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 140ms
45ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Mar 2023 19:37:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2UTXPVT44eQlzfJEkJ3b/b9EuWpbEah3jiNekEnnmHQBxaUkkDOfu2pl9gZq+SMRReflEKh94Tkxgec507P9yQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 20 KB
7 KB 146ms
41ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6248d26097243293144a2c446b330ef62be51f9407430894f8c8ce4218643371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:37:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 25 Mar 2023 14:14:18 GMT
Server: AkamaiNetStorage
ETag: "f5b26a8a79c33830b47954a53cc355f9:1679753797.689802"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6385
Expires: Tue, 28 Mar 2023 19:57:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
752 B 176ms
41ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ff8380e1cd4e31ccf877aff589c0f0ac4dc16f0d3d4476d9001f69f0c42c98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
x-cdn: fastly
etag: "e524dc72fce18b784da6f9faf16ef525"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 484

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 389ms
51ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:36:39 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: G11E13TBFEKS12GC
age: 24
x-amz-server-side-encryption: AES256
x-amz-id-2: 8HTZFf+7v76BXem20T133sHPJ9oZXnlByC+9fyNTRiUoRMKboYRjZSjxttuHrlB+pJhAL/e7TAs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 58 KB
18 KB 237ms
142ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dd7d12d4cc195e05cd72a9623588ecabf14c71d7037558b22cee18309ee35b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: lbGvRh7bbdHCjxZmiWng2jlHfLOJD8Ds
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Mar 2023 19:37:00 GMT
x-amz-request-id: 2TZYH0YKP2K382BH
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 18202
x-amz-id-2: GfVrAUe0zwvp79SraURuxaTfy3OIAqL6svfVgbFIeslN3kHj4pMKzPaZ6yIMF+nAOu2ItikLvhI=
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Sun, 26 Mar 2023 11:19:51 GMT
server: AmazonS3
x-timer: S1680032221.865571,VS0,VE102
etag: "90223f6bb30466ad3ded8b0890170164"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 83
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 650ms
205ms Script
application/javascript 44.236.178.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.178.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-178-245.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Sat, 25 Mar 2023 00:58:31 GMT
server: istio-envoy
etag: W/"641e4737-19c7"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 2

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 288ms
152ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7d57fb1e6ef031860f2be97c45c3483595ad43dcea544cce26af8eeebd2c224f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 30cbbb48.21571c2c
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 103,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=19, inner; dur=2
content-length: 1364
pragma: no-cache
server: nginx
x-tt-logid: 202303281937016578CA576059A7841AD3
x-cache-remote: TCP_MISS from a23-39-229-76.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.39.229.76
x-tt-trace-host: 01f6bb0cf4844e897ed9b879250ec23f0f0833f0b888afb7226f3529443615244bef0f88a11ab303b78baed0a62f6a2118c0d433efb75cc2061e0139e573b1ece7174338e4a4b86c2c2f36b94738252a00e2b1be02ef632f816aa18d9aa81f3adbb4c0dec54838e48ae84df0eb9e6cf459
expires: Tue, 28 Mar 2023 19:37:01 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 149ms
40ms Script
application/javascript 13.32.99.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1680048000000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date: Tue, 28 Mar 2023 13:53:04 GMT
x-amz-cf-pop: FRA60-P3
age: 20637
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: kMITpMbXyevV85fqn2-tFHAY53LsD0mTDhzIpfKP4z72bapih5uZhg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
64 KB 97ms
93ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd4e0adbc96f35ad5364693737b842784352fba23f784be1f46d348919feada2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65419
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:37:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 220ms
137ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ca4b0a1491f3835658e0d32322e580be33525720ca169662e855a77b521a6503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 96ab6368.21571c2d
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 93,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=7, inner; dur=3
content-length: 1367
pragma: no-cache
server: nginx
x-tt-logid: 20230328193701C54923F5E929EE713096
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.19
x-tt-trace-host: 01f6bb0cf4844e897ed9b879250ec23f0f0833f0b888afb7226f3529443615244bd0dcfe262b489c963486989648a2edc502ad6c891f7e2753e4ccc36c3758447f73e5d626efddac3fd348c7637734b36d254ac1501dec4a9dfc56d3775b082d4258169eeb60436d8e29e12dbce6bc9a3f
expires: Tue, 28 Mar 2023 19:37:01 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
1 KB 154ms
58ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1680032220551&cv=11&fst=1680032220551&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&hn=www.googleadservices.com&frm=0&auid=1549491255.1680032221&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b6b88998539a1da1c2c2c20f6710f021a152d51bac4c20d847ae2b70f2e982e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d8cb20b0e5a195687ff0b072588be3ef3d3f6e6f587b13abc5013a28d38078d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51606
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:37:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9332d5be64d5e995c8782b2c7ecb020424c563edb6846409fead5bacccbf3d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51616
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:37:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
75 KB 86ms
86ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

186d0a6821fe745ffd646bc6459cd58b564525f1c7183dc156e80250983ccf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76602
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:37:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
1 KB 178ms
90ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1680032220600&cv=11&fst=1680032220600&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&hn=www.googleadservices.com&frm=0&auid=1549491255.1680032221&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f44818015513d7704b241155e4f5317652e92991180d6f2f1aa654bc7f3c506c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 3 KB
1 KB 165ms
88ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1680032220620&cv=11&fst=1680032220620&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&hn=www.googleadservices.com&frm=0&auid=1549491255.1680032221&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08e39692840819ae83b8d09032153847a906c71c485648e44ca34db43cbedcfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 3 KB
2 KB 91ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1680032220662&cv=11&fst=1680032220662&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&hn=www.googleadservices.com&frm=0&auid=1549491255.1680032221&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e1c4a6fd0266a004c53debeb4eec7002bcfb753fa26f3abbeba97a602cb82ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1300
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 147ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 18:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5510
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Mar 2023 20:05:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42dc4e01565a25b6ec9af8bb2e591c17cf165052abaa1cdfcc1751addf3390fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51587
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 19:37:00 GMT

GET
H2 200 cl4975ot4arrr6.js Show response
cdn.js.customerlabs.co/ 196 KB
197 KB 192ms
51ms Script
binary/octet-stream 18.66.137.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: click.mwhealthcareconsulting.com
URL: https://click.mwhealthcareconsulting.com/?t=c&ids=NDQ2MDI4MjI1__NDI5Mg==__ODYwODU1MDc=__ODk4__1052&url=aHR0cHMlM0ElMkYlMkZ0b3BoZWFsdGh5Y2hvaWNlLmNvbSUyRjd1cnc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-164.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: q7mG7hlker5FRiUNkg8qVdDD2fjHsOUI
date: Tue, 28 Mar 2023 19:32:07 GMT
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 201018
last-modified: Mon, 20 Feb 2023 17:59:47 GMT
server: AmazonS3
etag: "cef37c380b37f6c7fbe85e3594e7f2d8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: XYcid635UXKR1GqE-YoUoFbVAV0Mu53HvbxtNfMZ7UsQIqUd-Do6cQ==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.0/ 174 KB
48 KB 167ms
53ms Script
application/javascript 108.138.17.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:00:56 GMT
content-encoding: gzip
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:53:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1215366
etag: W/"1a08556fd14aad311b6d4906f59fef42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: zc8MTdylY9Y7lFQosQxbx7YNs2O71C7fM-YJ4kkERMwN3T0wBq00qg==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 56ms
56ms Script
application/javascript 2600:9000:20e1:8400:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e1:8400:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 05:05:45 GMT
content-encoding: gzip
via: 1.1 726c1817cdd65c9f70abf7d94b29ae84.cloudfront.net (CloudFront)
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C2
age: 2385076
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: 8PLRcY5jKbxZaW8kGr46HUazWOkxwGFwXEa42KfRLXrZ6kXF0CS_5w==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/ 3 KB
2 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1680032220758&cv=11&fst=1680032220758&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&hn=www.googleadservices.com&frm=0&auid=1549491255.1680032221&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

820f3f72f3ffa9f84894ba2dd01f6a90048e82124d005169f78f29e3ff5793a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 67CC 15 KB
6 KB 154ms
50ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

04971705dcd7ef441d0cdfed3de59b62af5c279b75c2b60d14116a1ccaf23acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 19:36:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 961460
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1680032220961&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvjhhm97q5nwprfs42ad9s&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%2...
https://rp4.liadm.com/j?dtstmp=1680032220961&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvjhhm97q5nwprfs42ad9s&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%...

13 B
553 B

422ms
120ms

XHR
application/json

52.202.32.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1680032220961&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvjhhm97q5nwprfs42ad9s&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&wpn=lc-bundle&refr=https%3A%2F%2Ftophealthychoice.com%2F&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&i6=MmEwMTo0YTA6MTMzODo5Mjo6Mw%3D%3D&n3pc=true

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Server

52.202.32.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-32-237.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
x-pixel-event-id: e5c217f0-dc80-437e-8f1d-ad17b112f89a
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 726508c305d42dd4
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 28 Mar 2023 19:37:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1680032220961&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwmvjhhm97q5nwprfs42ad9s&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&wpn=lc-bundle&refr=https%3A%2F%2Ftophealthychoice.com%2F&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&i6=MmEwMTo0YTA6MTMzODo5Mjo6Mw%3D%3D&n3pc=true
access-control-allow-origin: https://pages.upwellness.com
request-time: 0
access-control-allow-credentials: true
trace-id: 8a4f21282de4b89f
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 383ms
119ms Image
image/gif 34.230.252.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1680032220984&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&refr=https%3A%2F%2Ftophealthychoice.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=497a3b14-caac-45ab-901d-4dd353403b7a&dtm=1680032220983&vp=1600x1200&ds=1600x1251&vid=1&sid=26dfa9d3-30c1-4718-96d2-c4ec2ba40512&duid=a6f51f72-59a8-4b6f-9fe7-f761d610d25f&uid=2b633ded-fa85-4a92-8c73-38f79ee52aa8&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZmJlOTE4OTItNTA3MC00NjVlLTkxNGEtZDUzYmFiOTVmMTk5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJzaW5nbGUifX1dfQ
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.252.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-252-255.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 3 KB
1 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1680032220991&cv=11&fst=1680032220991&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&hn=www.googleadservices.com&frm=0&auid=1549491255.1680032221&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb9d969ff4fb88d8db556a6f9d8886e684e29e68dbb7aa4d705f4a0a6f47509a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 125 KB
31 KB 42ms
41ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c36c35defd7d43c06001ead5fdacefba8baa03194a67da2de6463352715000d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3047
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 31342
x-served-by: cache-iad-kcgs7200084-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032221.094491,VS0,VE0
etag: "016203285cbc7b972a7d08a7da0fa549"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19, 43

GET
H2

200

sid Show response
mug.criteo.com/ Frame 67CC
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=csbzzHxXSlRKZmtTVUpVTHVkam5DZWw3U29HR05nbFYwWjRzaW9abnllVUJpRkVKWlJkOVRZbjFkYXc1UmNMRkg2cUJXYnEwVWVITjJWWWJuQ2VRaGtKQjF6TzhaeW8zclRnUlVlb2MzSEp6d0xPeHN6TER4cEdRWkxLR2...

433 B
657 B

303ms
53ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=csbzzHxXSlRKZmtTVUpVTHVkam5DZWw3U29HR05nbFYwWjRzaW9abnllVUJpRkVKWlJkOVRZbjFkYXc1UmNMRkg2cUJXYnEwVWVITjJWWWJuQ2VRaGtKQjF6TzhaeW8zclRnUlVlb2MzSEp6d0xPeHN6TER4cEdRWkxLR2Q5T1hrWHdGdTF0b2Z3Q2FVcHU0K2xqUW96Z21uYXN1R0FvL2JReXJUVFRUZGR6cXgxSWdLTk9TVEJWbmxlYjFCWEQ2cjRaeDIwSUg0bG1wcUR4NE1TV25MTjFTaFBoSHoyMXFucUVjWVRuYmNnOE9pVlR4UG5heW5TUUtkNkh4aTlWRTJSNFNKNGh2bmxlNXI3TWZ3anhhVkZlVGlkZz09fA&cppv=2

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2a5f6328ce26514370dcdfda78a7e12e1a9fd8d574205b7e27c22ca60f180331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 10168535
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=csbzzHxXSlRKZmtTVUpVTHVkam5DZWw3U29HR05nbFYwWjRzaW9abnllVUJpRkVKWlJkOVRZbjFkYXc1UmNMRkg2cUJXYnEwVWVITjJWWWJuQ2VRaGtKQjF6TzhaeW8zclRnUlVlb2MzSEp6d0xPeHN6TER4cEdRWkxLR2Q5T1hrWHdGdTF0b2Z3Q2FVcHU0K2xqUW96Z21uYXN1R0FvL2JReXJUVFRUZGR6cXgxSWdLTk9TVEJWbmxlYjFCWEQ2cjRaeDIwSUg0bG1wcUR4NE1TV25MTjFTaFBoSHoyMXFucUVjWVRuYmNnOE9pVlR4UG5heW5TUUtkNkh4aTlWRTJSNFNKNGh2bmxlNXI3TWZ3anhhVkZlVGlkZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 448719
content-length: 0
expires: 0

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 521ms
123ms Script
application/javascript 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:37:01 GMT
X-TraceId: b148f8da19451d136d50d7055431b89c
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 503ms
117ms Image
image/gif 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0307559057065083&referrer=https%3A%2F%2Ftophealthychoice.com%2F&marketerId=00ecfc580bbba23ea48e25b4bb418ef655%2C00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:37:01 GMT
Cache-Control: no-cache
X-TraceId: 10429be0a94b9042c6b28036fef1c6fc
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 302615157369859 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302615157369859?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dfe8af3b10655f0863d2428e52f52699ac3f3b7d0fdfd3887cb35efc8242e10c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Mar 2023 19:37:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110392
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6ZA1DOjocFEo425PZm3HuQmYBPisXnZazdSK+GztTdoaLSn99gf03HXaUdqji+vJUH1g7b2KIPZc19wd7ELLaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 thumbnailTextOverlay-v2.js Show response
fast.wistia.com/assets/external/ 84 KB
26 KB 47ms
43ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9b0d91e8e65b08938cb76ceefafb488c027824895e531f72260b1c2c89992a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3045
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 26746
x-served-by: cache-iad-kcgs7200042-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032221.167052,VS0,VE0
etag: "ed1b57de50f73a772d40dc97b4ddabdc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16, 3

GET
H2 200 videoThumbnail.js Show response
fast.wistia.com/assets/external/ 71 KB
20 KB 48ms
45ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8ed9e0d5afcaed5fe18ebb7d938824c4712703e31d79a3e53c26ea9bae9db9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3047
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 19997
x-served-by: cache-iad-kjyo7100110-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032221.167412,VS0,VE0
etag: "69b0cb3b82b79199bbc48f067146ef5a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11, 15

GET
H2 200 main.7ba116b9.js Show response
s.pinimg.com/ct/lib/ 56 KB
17 KB 44ms
42ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.7ba116b9.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bea1fcc84e0690ef12eebaa114be35c46f92e19022767f32b962788a60b3e1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
x-cdn: fastly
etag: "9c6e2e41656c92a4def190e70014e481"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 17420

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 632ms
203ms Ping
application/json 35.160.236.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1585718645907906561&uid=1-idbs5d07-lfsnt2c1&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Ftophealthychoice.com%2F&ts=1680032220495&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20111&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1680048000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.236.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-236-237.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 3 KB
2 KB 73ms
64ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1680032221220&data=%7B%22id%22%3A651%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff-2%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1680032221215%2C%22cv%22%3A%2220230326-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22e%22%3A%22https%3A%2F%2Ftophealthychoice.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1680032221219%2C%22ref%22%3A%22https%3A%2F%2Ftophealthychoice.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e71f579a75f30206c82ba1728603d650583f110b9e8b91d83318f65514f44b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-vcl-time-ms: 24
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230064-FRA
server: nginx
x-timer: S1680032221.250489,VS0,VE24
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 hotjar-795540.js Show response
static.hotjar.com/c/ 9 KB
4 KB 193ms
51ms Script
application/javascript 52.222.149.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-795540.js?sv=6

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.149.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-149-85.cdg52.r.cloudfront.net

Software

Resource Hash

0d587f248ea1c0d1c3b3a3fc4d5d5c9b6a46ec99da9389b7bb5c846b5cee0938

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 19:36:57 GMT
via: 1.1 33f7e3e8ae7caf5d589fe55fdfeb705c.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
age: 4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/07b01d059696e3e73ca027a41af7f115
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: CUASBx8XX-fslN2Iy8oVgAu9K8jKfJEltVKE1MXUeaspKG5kuZxSiA==

GET
H2 200 invisibleLink.jsp Show response
store.upwellness.com/affiliate/ 208 B
1023 B 242ms
241ms Script
text/javascript 34.236.88.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=https%3A//tophealthychoice.com/&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff-2/%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302

Requested by

Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.88.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-88-218.compute-1.amazonaws.com

Software

Apache /

Resource Hash

92757c48c846b8f8c1954ccb09a3a4b7e086ca408e4e346cf09c8085dc6ea2f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 137

GET
H2 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
455 B 163ms
59ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1680032220662&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1768581154&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10838597190/ 42 B
108 B 162ms
58ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10838597190/?random=1680032220662&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1768581154&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
108 B 118ms
60ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1680032220551&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=950636165&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
455 B 151ms
55ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1680032220551&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=950636165&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTU1Nzk2ZDUwMw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 259 KB
68 KB 45ms
44ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 457a6bbd32523a72293e8041d1ba07046b5f2c936c20b63b3e6786545ecfcb7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 21571e0e
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230328150706EFAD1E9937FA0FA77000
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e612b859293f53b173e8b9478df2340e08a9d0aac307e5ce56efe001f4ba18079c3d7eeea8f61afd69922332cf47b5f1bfc664fc7a236fa07e882f15737719de60381a29f68846cce858cc6905115aaae52a7c36251d178e405fa6111cc41e93
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=12
content-length: 69107

GET
H2 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
108 B 53ms
53ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1680032220620&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2800317584&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/624541243/ 42 B
108 B 57ms
57ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/624541243/?random=1680032220620&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2800317584&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
108 B 54ms
54ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1680032220600&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3932703105&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
108 B 59ms
59ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1680032220600&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3932703105&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTU1Nzk2ZDUwMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 238 KB
65 KB 60ms
60ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cb922ba96736c011c5c8e3bad8312a52b45f3afd24ed8791d050c52ea2b2f407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 21571e10
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202303281506484FD1F270E6F4BC9DE306
vary: Accept-Encoding
x-cache: TCP_HIT from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018a6390255bd0a08117a175a6f461aa8d51d5d7f9fab8015f227a45d63e3a420591f89f06a01431f17553be6f2de5e4a454100adca87dc14341845c23cb51c80fafffd5fbac1c1937222118876e3e1acd79353c681a3a203aaa31db5d0717417a
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=11
content-length: 66186

GET
H2 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
108 B 52ms
51ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1680032220991&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=335136832&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/675938688/ 42 B
108 B 59ms
58ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/675938688/?random=1680032220991&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=335136832&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 46 B
375 B 131ms
52ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:45:46 GMT
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: T3Y1VKF21JVZPFEW
age: 31877
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: qj4zCobCRPTjmO/Fa2f6FYEAVjtdxmkHPXsQ7JnYduv5RUecIztBFyHZuhYSDT6AvqNqiY2oat4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
server: ATS
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 46 B
678 B 130ms
51ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:31:04 GMT
x-amz-version-id: a1p9k2x2CfLow7aa._kiTa1S348t_r0P
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DQM2R9JAP8BT3R79
age: 7558
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: GuZrJcBzkFNMePj7iCgz/4gtsk8kZbkUYmFl7ayH+ALD0WqC0oaSb7FdmhQqBGwG0v+tx8U0+0Q=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Tue, 26 Mar 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sun, 19 Feb 2023 18:55:23 GMT
server: ATS
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 160ms
47ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28307243-3&cid=1993990626.1680032221&jid=1492209788&gjid=772749006&_gid=2134981432.1680032221&_u=YGBAiEABBAAAAEAAI~&z=1744357409

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Mar 2023 19:37:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
189 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=298420016&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&dr=https%3A%2F%2Ftophealthychoice.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=1492209788&gjid=772749006&cid=1993990626.1680032221&tid=UA-28307243-3&_gid=2134981432.1680032221&gtm=45He33r0n81M3S986P&z=382815724

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5510
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/458254939/ 42 B
108 B 53ms
53ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/458254939/?random=1680032220758&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1039917516&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/458254939/ 42 B
108 B 57ms
56ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/458254939/?random=1680032220758&cv=11&fst=1680030000000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ref=https%3A%2F%2Ftophealthychoice.com%2F&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1039917516&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
857 B 241ms
74ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1680032221423&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7ba116b9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.d0d5ce17.1680032221.533b0c7a
x-envoy-upstream-service-time: 4
content-length: 372
x-pinterest-rid: 1544126502507525
pin-unauth: dWlkPVlqVmlOMkl4WVRJdFlqVTBZUzAwWW1ZeExUaG1NR1V0Wm1VM01EUTBPREE0TjJNeg
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 138ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Ftophealthychoice.com%2F&if=false&ts=1680032221546&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680032221545.1696314317&it=1680032221103&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 138ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=VSLVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Ftophealthychoice.com%2F&if=false&ts=1680032221547&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680032221545.1696314317&it=1680032221103&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 143ms
46ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Ftophealthychoice.com%2F&if=false&ts=1680032221548&sw=1600&sh=1200&v=2.9.100&r=stable&ec=2&o=30&fbp=fb.1.1680032221545.1696314317&it=1680032221103&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 143ms
47ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRPlus&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Ftophealthychoice.com%2F&if=false&ts=1680032221548&sw=1600&sh=1200&v=2.9.100&r=stable&ec=3&o=30&fbp=fb.1.1680032221545.1696314317&it=1680032221103&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 144ms
47ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Ftophealthychoice.com%2F&if=false&ts=1680032221548&cd[content_name]=replay%2C%20rt&sw=1600&sh=1200&v=2.9.100&r=stable&ec=4&o=30&fbp=fb.1.1680032221545.1696314317&it=1680032221103&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:37:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 73ms
73ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22ref%22%3A%22https%3A%2F%2Ftophealthychoice.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%227ba116b9%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1680032221595

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.d0d5ce17.1680032221.533b0c8a
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 3178139436986750
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 d0a1fb999ec98584973653dd06314b37.png
embed-ssl.wistia.com/deliveries/ 74 KB
75 KB 229ms
65ms Image
image/png 2600:9000:218c:be00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1920x1080
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:be00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 34578cbb643e46bf7c804a6f3d09d73b2cb6b5943a19d89a31d5bcf722f66aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 12:29:13 GMT
access-control-request-method: *
via: 1.1 5321ce1f67b98139d1f43997aea9b44a.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: CDG50-P1
age: 532514
edge-cache-tag: d0a1fb999ec98584973653dd06314b37
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 269
content-disposition: inline
surrogate-key: d0a1fb999ec98584973653dd06314b37 thumbnail-delivery
last-modified: Wed, 23 Mar 2022 20:25:49 UTC
server: envoy
etag: tJ3EleqAZ47Lgdp3kPTx6wApZy0=
vary: Origin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: rxXpte6PlEaKBWVvFsZ43Dqdzhx-SFpHzJZ7a46CovsQ8f7FEku8CA==

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 485 KB
112 KB 42ms
42ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fe50ae8e0cade09e78b21fd77b1985ea3a282d373c2e61041dd2c612718f9770

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3047
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 114500
x-served-by: cache-iad-kiad7000075-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032222.743419,VS0,VE0
etag: "f88c296f9a532f5148353f2f53fc4e7d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4, 138

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 196ms
63ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2028%20Mar%202023%2019%3A37%3A01%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&e=https%3A%2F%2Ftophealthychoice.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Mar 2023 19:37:01 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 196ms
64ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&e=https%3A%2F%2Ftophealthychoice.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Mar 2023 19:37:01 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 79ms
78ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28307243-3&cid=1993990626.1680032221&jid=1492209788&_u=YGBAiEABBAAAAEAAI~&z=1962856569

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 80ms
79ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28307243-3&cid=1993990626.1680032221&jid=1492209788&_u=YGBAiEABBAAAAEAAI~&z=1962856569

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel
flask.nextdoor.com/ 0
111 B 236ms
207ms Image
text/plain 44.236.178.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ndclid=&rf=https%3A%2F%2Ftophealthychoice.com%2F&sem=&tm=0
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.178.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-178-245.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:01 GMT
x-envoy-upstream-service-time: 3
server: istio-envoy
context-id: 71c66d83-ea82-440f-8774-8da28799b847

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 3 KB
1 KB 62ms
61ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1680032221736&data=%7B%22id%22%3A223%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff-2%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1680032221215%2C%22cv%22%3A%2220230326-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22e%22%3A%22https%3A%2F%2Ftophealthychoice.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1680032221224%2C%22ref%22%3A%22https%3A%2F%2Ftophealthychoice.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ea332cb555764d1ec34555647a4db67cb86f554e028c6923bd0100f571d2945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230064-FRA
server: nginx
x-timer: S1680032222.758316,VS0,VE19
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Ftophealthychoice.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=P-uN...
https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Ftophealthychoice.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=P-uN...

8 KB
4 KB

506ms
134ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Ftophealthychoice.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=P-uNVV9KRkd6S2Z0UVlUNVhVJTJCSVduOGFkOTZSeGpVdkE5R0FUdDh3OVA0VUd4bk5LVHlqejA5RDA1TkJBck5NdWVzWHklMkJ2d0xxUmVrJTJGV28lMkZ4NWNwJTJCTDFsVTBMRlBLaExNTGVoWVJDbFZQciUyRlNvdmNDcFJOZGZxem1ZY250YVR1dW4xeUpxODVBOEY1MlU4cVZKczYzTzM1NFElM0QlM0Q&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10299e621b2b1d934068d6d5f18560%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302&pu=https%253A%252F%252Ftophealthychoice.com%252F&dtycbr=75837

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4b4608ac8cc4da5e555eeb284d6292438aac8e80b0d6fd9042c313ec5153c1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 18533240
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Ftophealthychoice.com&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=P-uNVV9KRkd6S2Z0UVlUNVhVJTJCSVduOGFkOTZSeGpVdkE5R0FUdDh3OVA0VUd4bk5LVHlqejA5RDA1TkJBck5NdWVzWHklMkJ2d0xxUmVrJTJGV28lMkZ4NWNwJTJCTDFsVTBMRlBLaExNTGVoWVJDbFZQciUyRlNvdmNDcFJOZGZxem1ZY250YVR1dW4xeUpxODVBOEY1MlU4cVZKczYzTzM1NFElM0QlM0Q&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10299e621b2b1d934068d6d5f18560%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302&pu=https%253A%252F%252Ftophealthychoice.com%252F&dtycbr=75837
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11858913
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
OK uba.js Show response
d3pkntwtp2ukl5.cloudfront.net/ 4 KB
2 KB 146ms
44ms Script
application/javascript 143.204.192.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3pkntwtp2ukl5.cloudfront.net/uba.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.192.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-192-5.lhr3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f18a5d228906cf78085b322bc7a3cb24fd01ec1aedd3fc865c6fdd43dfb0cef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 22:27:58 GMT
Content-Encoding: gzip
Via: 1.1 b5a534d08b2c383ce078e25aff3f2348.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Jan 2023 00:17:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: LHR3-C1
Age: 76147
x-amz-server-side-encryption: AES256
ETag: "9bc7a2a273a418c874990b6b630cfd2e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1425
X-Amz-Cf-Id: gwGb6PWI0o2irJL468nrfTqG21ippkH44EdHAb3ow_Iwo0-6AT4_JA==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 181ms
74ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 28 Mar 2023 19:37:01 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 10348A0E482342FAB45AEA7E45CBF8F1 Ref B: FRA31EDGE0615 Ref C: 2023-03-28T19:37:01Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 modules.3f303823017921c313c7.js Show response
script.hotjar.com/ 264 KB
68 KB 167ms
58ms Script
application/javascript 18.164.52.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3f303823017921c313c7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-40.cdg50.r.cloudfront.net

Software

Resource Hash

86986d6474300ea909176542575649e86e28b033e68b9af6177deef7bb8b91ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c0d1c71355dba844bcbee0b54705b9fc.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 38754
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69090
last-modified: Tue, 28 Mar 2023 08:50:20 GMT
etag: "b1bcc4fd7382665a4f4986bf6ddf6294"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: tlXWRBD8gzXFKTCzHIxNvYfC8I2U0eagI0xzDh-nMWWBJFYE4DVWkA==

GET
H2 200 identify_08840.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 42ms
42ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_08840.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-akamai-request-id: 2157211f
date: Tue, 28 Mar 2023 19:37:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202303281506493AC68598D9C7757FF8F3
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0123107fb3ce74a4fff5703a37a40d78c915e696f2352806f9a156c4b922d20bb74b7ad52f6fb07461bdbc917f4849c611701558581efef3b60f11b0e7b9d91996f82076f1b94a3fcb39f8d8fc76fb56de217d49519a9d3efb9a1959eed25611e3
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30626

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
697 B 161ms
159ms Ping
text/plain 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f239c0ef.215721ce
date: Tue, 28 Mar 2023 19:37:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 114,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=27, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202303281937015E4DBBDD3774E8B4EB59
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.220.104.7
x-tt-trace-host: 01f6bb0cf4844e897ed9b879250ec23f0f0833f0b888afb7226f3529443615244bf6f1c235351038fb20cd537e915954ff1624e70b535934ae7339f28b3ce0b9bb33d15702f27984af6489e1d24441c5d019b68bc045f735d5644ccc0ae2bf7042747197a11437c9d3b4bce0936b05701f
expires: Tue, 28 Mar 2023 19:37:01 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
696 B 165ms
163ms Ping
text/plain 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f239c022.215721cf
date: Tue, 28 Mar 2023 19:37:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 117,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=30, inner; dur=24
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202303281937018C6DC054220014AD4D9C
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.220.104.7
x-tt-trace-host: 01f6bb0cf4844e897ed9b879250ec23f0f0833f0b888afb7226f3529443615244bf6f1c235351038fb20cd537e915954ffebe50a6ef8c1a61957f1bf7d2d0fd1bdca1764aeb526b8836529b45dcd1565bca465464ae23b0607d53a5ff050965082f8d6b1678999f196f23d4e667b911b0d
expires: Tue, 28 Mar 2023 19:37:01 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
695 B 210ms
209ms Ping
text/plain 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3bd4bf98.215721d0
date: Tue, 28 Mar 2023 19:37:02 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-parent-response-time: 164,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=83, inner; dur=71
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230328193701DDB57A70E2EF038C0169
x-cache-remote: TCP_MISS from a23-39-229-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 83,23.39.229.31
x-tt-trace-host: 01f6bb0cf4844e897ed9b879250ec23f0f0833f0b888afb7226f3529443615244be58e0666e32a9bb73b2502b0ad9ecdb1fc40b317479b7ac8daa0ff97fa48b791b1b9b1acc98e1a8cf6a2de4538e9aad8fb8bb732c9a827f4245deb5a9ce10b171fa3db50cfc5ce286daea026a451a5e8
expires: Tue, 28 Mar 2023 19:37:02 GMT

GET
BLOB 200
OK 79708b5e-6e0d-4280-958b-f6c7a31f264f
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/79708b5e-6e0d-4280-958b-f6c7a31f264f
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dea7d05f3ac6b4c9702a5f77a4421fbb964e84886751bd78860f65b53c8c5b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length: 5579
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 8 KB
1 KB 199ms
43ms Stylesheet
text/css 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

0cbbcfca95bcebbe80abb951e011dd0cefe9db438f44013c85ab3b3dfba0069b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 68587
x-amzn-requestid: e47519a2-dc83-471f-92af-177592cde547
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Cd1eIFpfoAMFiPA=
content-length: 787
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-642235f3-585a9a012e3ef6653c706d73
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: PAoTe0ZsbD2-ByeV-44smdg3IwMScExz-vESFjj9fbhgzOQt8b7V-Q==

GET
H2 200 ab7be666-white-speakericons-02_100x00o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 393 B
777 B 192ms
40ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ab7be666-white-speakericons-02_100x00o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 579a2a97fb6616d4faf94ac23df731f250a672fda76be78a1fa74a6d1cd8dbba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: fB7hh2GXY4xH776rhFjDB.huUnYxlijz
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626132
etag: "3ff814e5236412c48f322c8898ef45bc"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 393
x-amz-cf-id: 143L1LfzxS1QnQadOwXRKWqneQ4Dsi8npkP7ZM8J_vEJ4IxnBCP0zA==

GET
H2 200 aa65686b-white-speakericons-01_100x00o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 404 B
787 B 193ms
41ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/aa65686b-white-speakericons-01_100x00o000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a2922fd430dfaeb13025d97826931939d872a7b3efd1d09f0e88c5f7c1fd306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: SdpeYUy0MO5YORzMSVuy8_Viz6BsrTAT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626132
etag: "6d0abbec035ce0c4075e7e7b8ee68550"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 404
x-amz-cf-id: BcMOknHj7y0D-ZR1bkclLZ1L1eW9X4RPiwkwkqDSRiK_x8kOSjaQxw==

GET
H2 200 d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 9 KB
10 KB 196ms
45ms Image
image/jpeg 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17ddc63663734c555981527699774b02b945124941c10450a91b74ce56937b59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: .Gmi3My6fK6MRfntnmzV58_muKV8_4QH
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626132
etag: "6ca7442dfba9d9e783f10f04dfcaa249"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 9585
x-amz-cf-id: p8VByAwH0DYv3BjmwCSsZYfm6g7INI6FoC3Yg0Qa5b83xYbX-mCWxA==

GET
H2 200 c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 3 KB
4 KB 198ms
47ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e592026970dcb362dd9afca58ee14ba148d62f8d52de8da147ec2b2f497153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: oeBknaNPvoQLDq5Vjl9iPaLAFTFHWQjA
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626132
etag: "b5c5f324193b5e16bbbeba489c9bf2f9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3345
x-amz-cf-id: uEoigHrLiGkFxD5TOz3_6h9UypaOBkKtlxwP2OSmaZPhHRRTKofb7w==

GET
H2 200 8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 742 B
1 KB 178ms
47ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2d83312c2b1c7c1ad2be8e99b5b8d3c5d8432c2828d5cf52ee15e4423698bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: fJ1BeroDHIx_Jv06TKxztRzLjZ4lL_OX
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626132
etag: "b02c898ea0b0b138b4c46168d31ebc9b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 742
x-amz-cf-id: LWOu330IYW6ekEaLukRvHz_dO0LN0J1Vsh-VsKH1cM_0QhFdi--DZg==

GET
H2 200 a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 1 KB
1 KB 171ms
41ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bcbcb6496dddd15c57669623a1361fc1082513cbdb9c653ed8d25ed8392a918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: yum4p_rhAkm1nTYFAGE2wq7M_hUm20HT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626132
etag: "9ac72e37f90441dec8054ca9fad4f958"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1035
x-amz-cf-id: z_AmZabLxdQDgLXSD686K3d4GRG8TJDrnabogXFxX59VcmZV4kTtBw==

GET
H2 200 6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 3 KB
3 KB 47ms
46ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 316dd36671b451aa88c2cb9e2a833943ee9cb6e6b9fb1267f419d2b1ecbaa4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:34:51 GMT
x-amz-version-id: aDyvpqKXp41xw8HEvbuyhdy1xg3ZIqih
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4626132
etag: "3e5b99433b8b72478180f7e404014a0b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2978
x-amz-cf-id: p93GPd2n6pjBOc-S9QqH730DgEMymeL5SydkRWpXuHRjU56eG27vsA==

GET
H2 200 b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 1 KB
2 KB 47ms
47ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 282f5a01cde33126c76b73790e408dec892b9968334879013b7deffe276a11d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 01:42:27 GMT
x-amz-version-id: LRC9xH_tyLGqDeQoL2zKv3xFiu5U7Sws
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4643676
etag: "c3187d70acad4469f04dd3d18fa9e6c3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1275
x-amz-cf-id: -dvQZBhZ1t091fJ-MbJbD4nTR5fqvExz0pKjGisxDDjMHXpiW0PNyg==

GET
H2 200 d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ 5 KB
5 KB 79ms
78ms Image
image/jpeg 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 635fa27826bc3b802f341bba0c8291af3698ada8d704bb116692a4b0fe77c1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:17:38 GMT
x-amz-version-id: jAiQ1UJX3wNdQ.JEFJt3JzS5Nlzcc4b1
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4612765
etag: "86140e94391c453d7e943ecd2c76a385"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4874
x-amz-cf-id: Neems0E5_xTXlgGkUAUE55Jpq5xWgFhR2e6SwigMNaMAl3suiiLmow==

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame B804 325 B
811 B 430ms
429ms Document
text/html 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 7af2534bee60bb43-FRA
content-length: 325
content-type: text/html
date: Tue, 28 Mar 2023 19:37:02 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTtYRWj8G2gRz7L3DP4nnbulZiMSrcB6bJIudTHlLrlbA1Az4TcI%2F6blrwD2KIoRHGj0EH8SYMTSHMcSp6YfEmgae8cPXcUtrD9Pyh0tjQgaAybJlSHFo7Gb5djOJ5NScUGT%2BLpQUTB6xt55%2Bbl6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: fBrXB321B4xsIaDWRmVjUdcFWCF0AT9NctVv3Ev658L2tPmkuxfNVueewba7cxlk3kMXetAxjpM=
x-amz-request-id: ECB2NCKYWCNXTX1K
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
544 B 178ms
167ms Stylesheet
text/plain 34.236.88.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.7014348251393696&r=https%3A%2F%2Ftophealthychoice.com%2F&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302
Requested by: Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.88.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-88-218.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:02 GMT
server: Apache
content-length: 0
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 aeu9oe7qwy.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
1 KB 149ms
57ms XHR
application/x-mpegurl 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5fdb0e547028256fdb5662c9e84afcf84927ea56148435c521ba356e7b6f0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:02 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 4
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 935
x-request-id: c58f7dc7c1223ec74a2585a10813a383
x-served-by: cache-iad-kjyo7100174-IAD, cache-hhn-etou8220045-HHN
x-runtime: 0.029943
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1680032222.210787,VS0,VE3
etag: W/"f5fdb0e547028256fdb5662c9e84afcf"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 134, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 149ms
58ms Image
image/gif 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits: 20, 156
date: Tue, 28 Mar 2023 19:37:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3048
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn-etou8220045-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 18:44:01 GMT
x-timer: S1680032222.215426,VS0,VE0
etag: "64233571-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i
events.ub-analytics.com/ 43 B
281 B 141ms
139ms Image
image/gif 34.230.252.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1680032222106&e=se&se_ca=external-conversion&se_ac=conversion&tv=js-2.14.0&tna=sp-ub-ext&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=24c69ae5-7231-45b0-b81d-9cc785d15b56&dtm=1680032222102&vp=1600x1200&ds=1600x1251&vid=1&sid=26dfa9d3-30c1-4718-96d2-c4ec2ba40512&duid=a6f51f72-59a8-4b6f-9fe7-f761d610d25f&uid=2b633ded-fa85-4a92-8c73-38f79ee52aa8&refr=https%3A%2F%2Ftophealthychoice.com%2F&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZmJlOTE4OTItNTA3MC00NjVlLTkxNGEtZDUzYmFiOTVmMTk5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJleHRlcm5hbF9jb252ZXJzaW9uIiwiZXZlbnRNZXRhZGF0YSI6WyJjb252ZXJzaW9uIl0sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.252.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-252-255.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:02 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 204 27015508.js Show response
bat.bing.com/p/action/ 0
118 B 141ms
140ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 28 Mar 2023 19:37:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0628EE6DA6AB4614955B4336D8D24947 Ref B: FRA31EDGE0615 Ref C: 2023-03-28T19:37:02Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 64ms
64ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=6235551b-5d3b-41e1-8ece-e674e8bef014&sid=e99b34d0cd9f11ed907ef5ceb833021c&vid=e99b51a0cd9f11edbf6833eb335109f2&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&r=https%3A%2F%2Ftophealthychoice.com%2F&lt=2952&evt=pageLoad&sv=1&rn=662246

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Mar 2023 19:37:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14D0DCFD83AE4E2E9CA0448591BFE4E8 Ref B: FRA31EDGE0615 Ref C: 2023-03-28T19:37:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/795540/ 148 B
323 B 293ms
148ms XHR
application/json 176.34.146.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/795540/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3f303823017921c313c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 176.34.146.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-146-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0810d0e635f12e1297c2f6f3bd6be187d2a7ad8f79e17f5dd16aea281d529709

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Mar 2023 19:37:02 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0
https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

3 KB
2 KB

252ms
251ms

Script
text/javascript

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e69a7ebc74fae03088b04bb833ad54daf80f9d22969466d36e3a5dde33e40bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:04 GMT
content-encoding: br
x-frontend: cc-nginx-7dc7d4cd6f-wvtwk:cc-nginx-7dc7d4cd6f-wvtwk
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 685beb1c-a20e-4bb9-aad5-aef89f95d5c2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKK2FDbROBzqhfKFELuTDR72PgYnRcORjybmO34v3B4Nif5%2BH59bq5JXuZ6w%2BMtwHJ2ms2Asa7knZFfr3gdYRQ9Leb6E1ijGRSW8uaK%2B2PQLtcfBzFKlPUvkxhL5wjSM6Kfv1L1aZf3FeZ67zToEKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7af2535949d4694b-FRA

Redirect headers

date: Tue, 28 Mar 2023 19:37:04 GMT
x-frontend: cc-nginx-7dc7d4cd6f-fd8jk:cc-nginx-7dc7d4cd6f-fd8jk
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 778d4a23-6930-494b-b8b3-c7065b186354
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXs4orotG5ewY3frkH%2FGGq9oLrdd0rNlP4vt3%2BA9CIudK5vCWiqqiTa3NtHtWob%2Fd9L0A7%2BqvifR8DTPahuIzpfIjuC1F4v5wA2XZ09jrtpYk976%2FWn6gtoSmyGgqpDN8CUNCse94KrIqoxeOmcy0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
cf-ray: 7af253505bb0694b-FRA

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 614ms
180ms Image
application/json 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0&id=cl4975ot4arrr6&uid=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
fonts.ub-assets.com/fonts/s/oswald/v49/ 10 KB
11 KB 138ms
44ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 10104
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 10300720
x-amzn-requestid: 5ee39d7f-03c2-4a56-8fa7-101ecc9b2189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cXgrOG9UIAMFxyA=
content-length: 10127
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-638614ae-7f0f9074637e0bc574dfb42d
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jXMC_1DU88pHnL6G6kjOqcOpdpS1Jzf_HWIoQwiMb6ZNSKOUXzC99g==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v23/ 23 KB
24 KB 137ms
53ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3716960
x-amzn-requestid: 509c95d3-d3f5-450b-8dc9-809d9e060ac8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: ASqTvGLXoAMF24w=
content-length: 23578
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63ea8a7e-62e0d88b0540430257ad28f9
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6yRNIKPF3lUhdxkfhhW-aejAiiE9j0_S85NdlR5MuB-tbwwAhaCrhg==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 177ms
93ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 01:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15744
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1535417
x-amzn-requestid: bc80415a-38b4-412f-b431-11a6b999608a
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Bl4V8EYCoAMF7XQ=
content-length: 15767
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-640bd425-1ceecde01fec85fc66f458a6
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7K3aK9YtwhxjkNAXplFWH9wKUIQAoOSTwU4sx78gwW_2t5b4Uy1SRg==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 165ms
84ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15860
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 2590336
x-amzn-requestid: e2ee13a0-ae51-4ddb-b17f-cf1621b41c86
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: A9o2xE3nIAMF4Qg=
content-length: 15883
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63fbbb5e-349c0b256f27effa782e5f55
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zGLE4tLx-OoJMaGdqemlThbjjLxYoxTi34puWNXSRR4TkgQCfp4xCQ==

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 0795 0
75 B 62ms
58ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://pages.upwellness.com
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://pages.upwellness.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 19:37:02 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 163ms
102ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 00:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15740
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3610172
x-amzn-requestid: a358f42d-c53e-42ee-b392-742c7974cbb4
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: AWvBdFB8oAMFviQ=
content-length: 15763
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63ec2ba2-0c8553043a02442b027a697a
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1r_6i6ZcDWKk6oFbCmwuSHg4QR9TMD-yDauYVmvl7kXDNYONodlnFg==

GET
H2 200 9f0335df980cfbc99b1506756335ffffa06da899.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 105 KB
105 KB 205ms
62ms XHR
application/vnd.apple.mpegurl 2600:9000:218c:da00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 876de18e83e13739b393e42acd0287e6ec5fcc9d7f589a253026a2f9adb2595a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 11:42:31 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: CDG50-P1
age: 460593
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
x-cache: Hit from cloudfront
content-length: 107228
surrogate-key: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BdiT7Z9VttPa07ooq-HondX7WaUGsyIr_XJXKjPeC2wj9-FeO0Mn1A==
expires: Fri, 22 Mar 2024 11:40:29 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame B804 389 KB
390 KB 138ms
40ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:13 GMT
x-content-type-options: nosniff
age: 523909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398319
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 18:05:13 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame B804 112 KB
112 KB 48ms
47ms Script
application/javascript 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:02 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KANG42Q0C9APJ6FB
age: 24247926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114404
x-amz-id-2: 8PDk2zGeJ79BDndcONzUIVPyJ10oJ43AbUXFVlgVD4ErQCUWnKIxBTOInl/86yz5l1g6xaTGwO4=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0uy897uJriPxiQuRa3NtjXg1on3oROfdjGcK6A0xfJurdYtj8tm1CJrPLyMfWRjxgke591NIPWwNL%2Bf7%2BtRRWPxRPF5WrqZTdAtsqrtNPoQ8pUNhNWBxEzKuGfFRnKC6rVuGwVa20hqjOLKaCMT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7af2534eab09bb43-FRA

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/ 473 KB
474 KB 59ms
56ms XHR
video/mp2t 2600:9000:218c:da00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 05ae5071f29731644a77af5a8454af3f4fcac44566d33f6cc06b5a4e96107173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 08:52:46 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: CDG50-P1
age: 216475
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
content-length: 484664
surrogate-key: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VpCjoFggx_b0OSweDV9svT05aIL0TGTFq_rkchavsAMyDpJp-bmBiA==
expires: Mon, 25 Mar 2024 07:29:07 GMT

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
324 B 364ms
129ms Ping
text/plain 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Tue, 28 Mar 2023 19:37:02 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

POST
H/1.1 200
OK firstVisit
io.v2.customerlabs.co/cl/ 0
324 B 398ms
163ms Ping
text/plain 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl/firstVisit
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Tue, 28 Mar 2023 19:37:02 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
324 B 364ms
130ms Ping
text/plain 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Tue, 28 Mar 2023 19:37:02 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 42ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Ftophealthychoice.com%2F&if=false&ts=1680032222572&sw=1600&sh=1200&v=2.9.100&r=stable&ec=6&o=30&cs_est=true&fbp=fb.1.1680032221545.1696314317&it=1680032221103&coo=false&eid=cl4975ot4arrr6ae0d47cb-37fb-41fc-a7cf-42130390da7d&tm=1&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:37:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 48ms
47ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=website_session_start&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&rl=https%3A%2F%2Ftophealthychoice.com%2F&if=false&ts=1680032222585&cd[start_time]=2023-03-28T19%3A37%3A02.572Z&cd[customerlabs_user_id]=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0&sw=1600&sh=1200&v=2.9.100&r=stable&ec=7&o=30&fbp=fb.1.1680032221545.1696314317&it=1680032221103&coo=false&eid=cl4975ot4arrr696832893-5d83-44df-9e1a-c67c31848e46&tm=2&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 19:37:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
250 B 438ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1590&scd=0&ssd=1&est=1680032221217&ver=36&isls=true&src=i&invt=1500&msa=51&rv=1&tim=1680032222807&vi=1680032221215&ri=119e1dcc8c6c3ab8e6de0d096a85ef98&ref=https%3A%2F%2Ftophealthychoice.com%2F&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 28 Mar 2023 19:37:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 438ms
44ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1591&scd=0&ssd=1&est=1680032221217&ver=36&isls=true&src=i&invt=1500&msa=51&rv=1&tim=1680032222808&vi=1680032221215&ri=47de4a45914741d28562a07ef0588be4&ref=https%3A%2F%2Ftophealthychoice.com%2F&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 28 Mar 2023 19:37:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
BLOB 200
OK 7500a42e-70cc-4154-a2ea-da1073224e9d
https://pages.upwellness.com/ 89 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/7500a42e-70cc-4154-a2ea-da1073224e9d
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Length: 91220
Content-Type: text/javascript

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/pixel/ Frame B804 178 B
1023 B 448ms
334ms XHR
application/json 2606:4700:3034::ac43:a9b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a9b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:03 GMT
via: 1.1 ab53e702b8e47433720e4402b160be84.cloudfront.net (CloudFront)
content-encoding: br
x-amzn-remapped-content-length: 178
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-P2
x-amzn-requestid: f3a51483-39e6-4b97-9a3e-66f494ac3cf8
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: Cgc66F5MoAMFVJg=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTb5uMpMBwNw1NhpQkx8ZQalxvf00CZLxVBWk1fWr19Rxj0FsmjwK1I8PRVYK%2BRh5WqIbUiQZx2JMkgqtvVnGkZ8wdeBkphESujlTozweagsCA%2FYEL9cUnnkfWdsEiFHm3V8tx2QClThPOX6FfEL"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7af25351dd389176-FRA
x-amzn-remapped-date: Tue, 28 Mar 2023 19:37:03 GMT
x-amz-cf-id: vS2zmFGJfK_qvIkI_5gWG0oQP9WS20uN_SX0uKTG90RTonPEPIyDyw==
expires: 0

GET
H2 200 2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 105 KB
105 KB 60ms
60ms XHR
application/vnd.apple.mpegurl 2600:9000:218c:da00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: a25d2674b1e57094f1abce6ba27f63e639fbbf339bb164ed30d107d9d92f71bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 09:41:01 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: CDG50-P1
age: 208561
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 93
content-length: 107228
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OweDT0eUq_kaH89qp6A8BHTRQ8-iuv9In7_o_tHgpFdeucYMcQ32SA==
expires: Mon, 25 Mar 2024 09:41:01 GMT

GET
H2 200 seg-19-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/ 268 KB
269 KB 59ms
57ms XHR
video/mp2t 2600:9000:218c:da00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-19-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8e8bcffc1a544adc3948e0dbf31ca6be52ff083f5f68f952b96612922f399a5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 14:19:46 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: CDG50-P1
age: 278237
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 86
content-length: 274104
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CrwlLLIW5WU_veS7MewhBUh2ic4I4grwXjh7RMBo-fIcf6P1UNGYmw==
expires: Sun, 24 Mar 2024 14:19:46 GMT

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 209ms
208ms Image
application/json 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1680032221545.1696314317&customerlabs_user_id=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0&id=cl4975ot4arrr6&uid=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0&t=0&sc=1600%20x%201200
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 seg-20-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/ 259 KB
260 KB 56ms
56ms XHR
video/mp2t 2600:9000:218c:da00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-20-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 2e89f0751d19ba20497a73a38871501d927e8f9e3e54afca934e80d899da85f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 12:32:31 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: CDG50-P1
age: 284969
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 168
content-length: 265080
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YeqWvZU7KUORfhAehzOiklmfKRPd1KvuTswZt8KrYQk5vRQ0_8HviA==
expires: Sun, 24 Mar 2024 12:27:34 GMT

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 44 KB
18 KB 44ms
44ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4a8fb6fd9cc5b9c9629d9877e2934bcf8ebb01d7a546e3882dc26d0b9d603f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:03 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3049
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18156
x-served-by: cache-iad-kcgs7200020-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032223.316003,VS0,VE0
etag: "d2edcc75b2e78ecab471dbf94e1b7bdf"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5, 78

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 495ms
119ms Preflight 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Tue, 28 Mar 2023 19:37:03 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame B804 0
200 B 119ms
119ms XHR
text/plain 3.210.192.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.192.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-192-5.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Tue, 28 Mar 2023 19:37:03 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame B804 70 B
715 B 356ms
239ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522e12b0f95-ccee-4a8c-a3e7-bf42a4070750%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Ftophealthychoice.com%252F%2522%252C%2522referrerDomain%2522%253A%2522tophealthychoice.com%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10299e621b2b1d934068d6d5f18560%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff-2%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D10299e621b2b1d934068d6d5f18560%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_302%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 11ad33cc8c0b119910f57c337f5aaa7d521ed20c2a0ec3a183d956ad10d6acc2

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"46-Aya2DuAmcjjrFH7WdF4kxX27zBw"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHHyue1I1nGmQocX8WgvdFoq8%2FKzcyEN6luObyEGvTtVixeRJj8piCQZoRaPI5qIVy8uf2rh1dnXHNJQ9d28Qe4LGzUXaVpaEi3VeTigbd3avlxnuf6SC0GaClVRcSz5qQewOOo08HyFhrs2DBz5AUIsbsIL"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7af25354bd398ffe-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 seg-21-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/ 218 KB
219 KB 68ms
67ms XHR
video/mp2t 2600:9000:218c:da00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-21-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 04db19863572b86fa46d45e097464ae6eddeec55d267227266fa332897326b1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:35:25 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: CDG50-P1
age: 377247
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 148
content-length: 222968
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AqDNH_qOlfEPtN15L5ypBPCdCxJyyliPhuqzbN67LYJWEf1Sz4Vx7w==
expires: Sat, 23 Mar 2024 10:49:36 GMT

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 562C 1 KB
983 B 150ms
149ms Document
text/html 2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=9851e8b4-c948-4fec-8704-6b13634008eb&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da4dc6c58085216237810d893fc2de38361e5aa720fbf0f3123765108fcc7654

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7af2535aec7e694b-FRA
content-encoding: br
content-type: text/html
date: Tue, 28 Mar 2023 19:37:04 GMT
etag: W/"OTg1MWU4YjRnYzk0OGc0ZmVjZzg3MDRnNmIxMzYzNDAwOGViLXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2ZniFvjuLrXHb4I0XWcYRewWMc6aTCSx1hBmm6g%2FooNTg1%2FBXAvqCpXs0LjyJGPVEBCBbm%2FA20QzD5A93T%2BmO8T%2FxWTyQD%2Bwe0%2FZdV7ri1tD1aYkMLWawGE8htZjU5oTt%2F%2BCdHV0%2BnVR6IadqqEhA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-7dc7d4cd6f-5qv6t:cc-nginx-7dc7d4cd6f-5qv6t
x-requestid: fd090d6a-7c40-4e38-9d25-baf232d97de1

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 562C
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=9851e8b4-c948-4fec-8704-6b13634008eb
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=9851e8b4-c948-4fec-8704-6b13634008eb&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=9851e8b4-c948-4fec-8704-6b13634008eb&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=548fef76-cf7f-4b33-9e69-49e897a2241c

0
536 B

174ms
173ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=548fef76-cf7f-4b33-9e69-49e897a2241c
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=9851e8b4-c948-4fec-8704-6b13634008eb&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:05 GMT
x-frontend: cc-nginx-7dc7d4cd6f-6ltgg:cc-nginx-7dc7d4cd6f-6ltgg
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: ddccfcb2-c268-444d-b95e-32913715de3b
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8LXca8g5iR9xmYEI%2FWlufwX5ExeO0DBWuX%2FlQqYOLsagYK%2Fz1pzagxvZA0bz1M2zZv6zvCu4FtbHO2mwWTDebwzNVeEq7E7KB4N6zTmsUmbpEHcsNaOVXHu%2FnejyKNwUsI492bWiGyfsoeLMXvSJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7af2535e9afd694b-FRA

Redirect headers

date: Tue, 28 Mar 2023 19:37:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=548fef76-cf7f-4b33-9e69-49e897a2241c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame 562C
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=9e9cf5ce-36c1-5e25-80e4-087b41fe1eb0&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=ec0a4d85-b3d4-4b2b-9064-14441f910d0d&hem=

0
295 B

191ms
191ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=ec0a4d85-b3d4-4b2b-9064-14441f910d0d&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=9851e8b4-c948-4fec-8704-6b13634008eb&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:05 GMT
x-frontend: cc-nginx-7dc7d4cd6f-zn95g:cc-nginx-7dc7d4cd6f-zn95g
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 497e8158-f28a-4abb-9610-cab6b65676a4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NigG6vRENHFkbCzHSX48nqaebASwZPfServvBpVSer%2F2STi7UPmI5iTyjw7%2Fq1tVnmQLvpei%2FHDima6IXPHmRKx0%2FkLlqQc9pn4f9xSlPU7zn%2F0gExlOh3f2GJJ2AATRDfpWXqbP3zd5qCIePIxfqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7af253603e57694b-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=ec0a4d85-b3d4-4b2b-9064-14441f910d0d&hem=
date: Tue, 28 Mar 2023 19:37:05 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 562C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

109ms
108ms

Image
text/plain

52.213.31.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=9851e8b4-c948-4fec-8704-6b13634008eb&cn=DE

Protocol

HTTP/1.1

Server

52.213.31.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-31-46.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:37:05 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Tue, 28 Mar 2023 19:37:04 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%2...
a.clickcertain.com/px/li/ Frame 562C
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=9851e8b4-c948-4fec-8704-6b13634008eb
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=9851e8b4-c948-4fec-8704-6b13634008eb&ccid=9851e8b4-c948-4fec-8704-6b13634008eb&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://a.clickcertain.com/px/li/?ccid=9851e8b4-c948-4fec-8704-6b13634008eb&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%...
https://a.clickcertain.com/px/li/https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fge...

83 B
83 B

154ms
154ms

Image
application/json

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/li/https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d9851e8b4%252dc948%252d4fec%252d8704%252d6b13634008eb%2526anx_uId%253d%2524UID
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=9851e8b4-c948-4fec-8704-6b13634008eb&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:05 GMT
content-encoding: br
x-frontend: cc-nginx-7dc7d4cd6f-wvtwk:cc-nginx-7dc7d4cd6f-wvtwk
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: d929909b-130b-4fe7-a824-6e9a5c98a4e1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYQfk%2F0dUhqV54grfnaHwYrh1DQR5JI53Odi09GgHXR3X5L039Sq%2B%2B5BSVcMUD6SRPSWZ8M9X3bHaFIGLwFoZ7jF%2ByYKuAH5me0FgjvIuXFz5D9jd%2BCKie26802erioxltA%2BC8cqBEztUlDoZ1uBng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 7af25360ff94694b-FRA

Redirect headers

date: Tue, 28 Mar 2023 19:37:05 GMT
x-frontend: cc-nginx-7dc7d4cd6f-hs5f6:cc-nginx-7dc7d4cd6f-hs5f6
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 63b977d2-ed9e-434d-991d-49f46585583d
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIWc%2B%2BIXY2VSSo1BwQ15QfpEwl62LClpWZXdI9Ax0zjTPVjndvEiK69WZfEkPr8rHmE2K1ES0aKbk%2BTRJ4lUb10TsRaj0xlv%2FOt5n68epHwKlD4B0Ewo720oW5%2FMkKjjR76O5qpyz%2FhqhdYzwxF%2F3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d9851e8b4%252dc948%252d4fec%252d8704%252d6b13634008eb%2526anx_uId%253d%2524UID
cf-ray: 7af2535ffdde694b-FRA

GET
H2 200 193f0456 Show response
tag.trovo-tag.com/ Frame 59EE 490 B
760 B 384ms
92ms Document
text/html 18.66.122.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=9851e8b4-c948-4fec-8704-6b13634008eb&cn=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-95.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 437ea8437de5d3fac7075ea55e1b47430f8dc76ee74aeca127febe0f7105af33

Request headers

Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 490
content-type: text/html
date: Tue, 28 Mar 2023 19:37:04 GMT
server: CloudFront
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-cf-id: HdMeozyTn_voWIffjT6Ztgg8GlXC6iu14sWQHYrRJX5TEftPoe9U6w==
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2

204

/
a.clickcertain.com/px/img/g/ Frame 59EE
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=eb500049-cd9f-11ed-b2fd-7730f31d3f96
https://a.clickcertain.com/px/smart/a/?c=24d1add2443e239&type=img&partner_rid=eb500049-cd9f-11ed-b2fd-7730f31d3f96&partner_id=193f0456
https://a.clickcertain.com/px/img/?c=24d1add2443e239
https://a.clickcertain.com/px/img/g/?start_cm=1
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1
https://a.clickcertain.com/px/img/g/?google_gid=CAESEPzCac5T02PMz1m6swN_k4k&google_cver=1

0
458 B

175ms
175ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/img/g/?google_gid=CAESEPzCac5T02PMz1m6swN_k4k&google_cver=1
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
x-frontend: cc-nginx-7dc7d4cd6f-zn95g:cc-nginx-7dc7d4cd6f-zn95g
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 76c2d376-c368-4426-b3de-768f82b93327
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf5B0cNhixq%2BSDxZsUKyC6ikFBmAGjHAmv1nP7p%2BAUCV7l%2BQVfJ9ZEiadYk0rRilhlji2Oysv%2BQTLu1wwXCeHH%2FnxBu6tMTvMjpBLHPdcEf8Pkq1vBiX9c9o2PkdJRtbOKDVp7Z9smK9DVKMfENhQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7af253657eea694b-FRA

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.clickcertain.com/px/img/g/?google_gid=CAESEPzCac5T02PMz1m6swN_k4k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 lds
a.usbrowserspeed.com/ Frame 59EE 0
148 B 271ms
233ms Image
text/plain 52.10.177.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.177.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-177-234.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:05 GMT
server: awselb/2.0

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 59EE
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

78ms
77ms

Image
text/plain

52.213.31.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456

Protocol

HTTP/1.1

Server

52.213.31.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-31-46.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:37:05 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Tue, 28 Mar 2023 19:37:05 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 58ms
57ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4592&scd=0&ssd=1&est=1680032221217&ver=36&isls=true&src=i&invt=3000&msa=51&rv=1&tim=1680032225810&vi=1680032221215&ri=119e1dcc8c6c3ab8e6de0d096a85ef98&ref=https%3A%2F%2Ftophealthychoice.com%2F&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 28 Mar 2023 19:37:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 58ms
58ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4592&scd=0&ssd=1&est=1680032221217&ver=36&isls=true&src=i&invt=3000&msa=51&rv=1&tim=1680032225810&vi=1680032221215&ri=47de4a45914741d28562a07ef0588be4&ref=https%3A%2F%2Ftophealthychoice.com%2F&cv=20230326-2-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D10299e621b2b1d934068d6d5f18560%26n%3Dtune%26AFFID%3D477232%26subid%3D55_302&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Tue, 28 Mar 2023 19:37:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 360ms
119ms XHR
text/plain 44.195.191.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.191.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-191-171.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 204 x Show response
distillery.wistia.com/ 0
95 B 351ms
121ms XHR
text/plain 44.195.191.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.191.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-191-171.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: max-age=0, private, must-revalidate

GET
H2 200 seg-22-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/ 368 KB
369 KB 60ms
60ms XHR
video/mp2t 2600:9000:218c:da00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-22-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218c:da00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 373faf97f148aa87e3e042d88bc9d6b2334f067ed17be5e4156e37d0458861e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 12:19:34 GMT
via: 1.1 b8c32b6f315546dbe41941dc32a932e6.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: CDG50-P1
age: 473196
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 134
content-length: 376376
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hym94JP16OJzSJ44VZ0Rx1yjUchlDWEfiBaimvBQ0V1N_1Y0DrGKCQ==
expires: Fri, 22 Mar 2024 08:10:30 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 59 KB
16 KB 44ms
44ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bce6db6cb065eb3ed1a8868cd51ca16e9f4646d90271ed03c95ce0e0013e5381

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3052
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
content-length: 16074
x-served-by: cache-iad-kjyo7100073-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032226.339715,VS0,VE0
etag: "03981a693ed9b8ac4f6c0f3c4162cff3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 209

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 2F6C
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...

1 KB
2 KB

147ms
147ms

Document
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=212014028749744060&dcc=t

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=10299e621b2b1d934068d6d5f18560&n=tune&AFFID=477232&subid=55_302

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

4d951b57ea76b7e3fb12bd09ddb3b45f2eb6d63234da787edd7df0928e830807

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1429
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 28 Mar 2023 19:37:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: GQHGM2ZRAVHNE9XA7YS3

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 28 Mar 2023 19:37:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=212014028749744060&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: V5WPRFR8T7ZRC2F78C3H

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 5B1B 565 B
591 B 97ms
97ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7ba116b9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.d0d5ce17.1680032226.533b6d9f
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 19:37:06 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 2334476496164093

GET
H2 200 aeu9oe7qwy.m3u8 Show response
fast.wistia.com/embed/medias/ 935 B
1 KB 45ms
45ms XHR
application/x-mpegurl 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5fdb0e547028256fdb5662c9e84afcf84927ea56148435c521ba356e7b6f0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 8
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 935
x-request-id: c58f7dc7c1223ec74a2585a10813a383
x-served-by: cache-iad-kjyo7100174-IAD, cache-hhn-etou8220045-HHN
x-runtime: 0.029943
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 111
x-timer: S1680032226.360743,VS0,VE0
etag: W/"f5fdb0e547028256fdb5662c9e84afcf"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 134, 2

POST
H2 204 x Show response
distillery.wistia.com/ 0
95 B 153ms
153ms XHR
text/plain 44.195.191.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.191.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-191-171.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: max-age=0, private, must-revalidate

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 4F61
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-e6MHR7tXFqPan2_VO1A6nEEOheJyoLe776DXEg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e6MHR7tXFqPan2_VO1A6nEEOheJyoLe776DXEg&expires=30

43 B
344 B

43ms
42ms

Image
image/gif

18.185.209.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e6MHR7tXFqPan2_VO1A6nEEOheJyoLe776DXEg&expires=30
Protocol: H2
Server: 18.185.209.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-209-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-e6MHR7tXFqPan2_VO1A6nEEOheJyoLe776DXEg&expires=30
date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4F61
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-YogZCrtXFqPan2_VO1A6nEEOheKC-PcEy8t2Wg&google_cm&google_hm=ay1Zb2daQ3J0WEZxUGFuMl9WTzFBNm5FRU9oZUtDLVBjR...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YogZCrtXFqPan2_VO1A6nEEOheKC-PcEy8t2Wg&google_gid=CAESENc2wVafIaEaYQcql8cpzj0&google_cver=1&google_ula=913071,0

43 B
370 B

127ms
40ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YogZCrtXFqPan2_VO1A6nEEOheKC-PcEy8t2Wg&google_gid=CAESENc2wVafIaEaYQcql8cpzj0&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 738330
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YogZCrtXFqPan2_VO1A6nEEOheKC-PcEy8t2Wg&google_gid=CAESENc2wVafIaEaYQcql8cpzj0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4F61
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3650126625467607358

43 B
370 B

52ms
52ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3650126625467607358

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1119655
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 28 Mar 2023 19:37:06 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d4df1a55-6820-46a6-9341-22fa30d36564
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3650126625467607358
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 4F61
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-QvBBaLtXFqPan2_VO1A6nEEOheLyrkEHzdzxOQ
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QvBBaLtXFqPan2_VO1A6nEEOheLyrkEHzdzxOQ

43 B
1 KB

98ms
97ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QvBBaLtXFqPan2_VO1A6nEEOheLyrkEHzdzxOQ

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:06 GMT
AN-X-Request-Uuid: fe3672af-d24f-4bd3-a3d6-5ab26fc43330
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:06 GMT
AN-X-Request-Uuid: f4ed79e4-007a-40b7-b9ea-d74ac69dbe34
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QvBBaLtXFqPan2_VO1A6nEEOheLyrkEHzdzxOQ
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 4F61 61 B
802 B 250ms
140ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-A_ONRLtXFqPan2_VO1A6nEEOheKC5po76h4gkw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 19:37:06 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Tue, 28 Mar 2023 19:37:06 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 4F61 0
239 B 191ms
41ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-uyq5n7tXFqPan2_VO1A6nEEOheLH0xzjlHvpkw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 4F61 0
35 B 151ms
41ms Image
text/plain 3.127.130.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-iqf4y7tXFqPan2_VO1A6nEEOheIKAcT4hKV5GA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.130.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-130-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 4F61 43 B
114 B 206ms
49ms Image
image/gif 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-PiEJGbtXFqPan2_VO1A6nEEOheLxqvp50ZXQ2Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:05 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4F61 0
98 B 768ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-I0F14rtXFqPan2_VO1A6nEEOheIlbfsKfLQQnw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42635

GET
H2 200 um
criteo-sync.teads.tv/ Frame 4F61 23 B
172 B 220ms
77ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-WBWCJLtXFqPan2_VO1A6nEEOheIbWofmOqgEtQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 28 Mar 2023 19:37:06 GMT
pragma: no-cache
date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 4F61 37 B
140 B 123ms
40ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-D1esl7tXFqPan2_VO1A6nEEOheKgliAwF5F9Iw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 4F61 0
399 B 184ms
47ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-C9kdKrtXFqPan2_VO1A6nEEOheLo0A-PcfYJKg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 4F61 43 B
163 B 142ms
38ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-j8PhiLtXFqPan2_VO1A6nEEOheKLc_hAuill_A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 4F61 49 B
235 B 163ms
52ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-YsZ_9LtXFqPan2_VO1A6nEEOheIIKZN56P2Z-g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:06 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 4F61
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YjnaGLtXFqPan2_VO1A6nEEOheIyzAHbIUbpKQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YjnaGLtXFqPan2_VO1A6nEEOheIyzAHbIUbpKQ&C=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YjnaGLtXFqPan2_VO1A6nEEOheIyzAHbIUbpKQ&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-YjnaGLtXFqPan2_VO1A6nEEOheIyzAHbIUbpKQ&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 4F61
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YquZSbWKqVtW6MEC498RsHztGqv_BQaD
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YquZSbWKqVtW6MEC498RsHztGqv_BQaD

42 B
942 B

57ms
57ms

Image
image/gif

52.18.22.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YquZSbWKqVtW6MEC498RsHztGqv_BQaD

Protocol

HTTP/1.1

Server

52.18.22.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-22-137.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-04e0e9a66.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: vyzQqNq+Tsw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v046-0d40b97f0.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ch5kUBGFTA4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=YquZSbWKqVtW6MEC498RsHztGqv_BQaD
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 4F61
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-WBXvQrtXFqPan2_VO1A6nEEOheIf3rN8c5l2Mw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-WBXvQrtXFqPan2_VO1A6nEEOheIf3rN8c5l2Mw

43 B
447 B

63ms
63ms

Image
image/gif

54.78.84.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-WBXvQrtXFqPan2_VO1A6nEEOheIf3rN8c5l2Mw
Protocol: H2
Server: 54.78.84.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-84-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Mar 2023 19:37:06 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-WBXvQrtXFqPan2_VO1A6nEEOheIf3rN8c5l2Mw
date: Tue, 28 Mar 2023 19:37:06 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 4F61 42 B
274 B 183ms
50ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-gVF6ALtXFqPan2_VO1A6nEEOheKHgUxfA-y8zg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 4F61 0
884 B 145ms
43ms Image
text/html 3.74.115.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-aYNkjbtXFqPan2_VO1A6nEEOheINg2oc2HWSpQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.115.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-115-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 4F61 0
145 B 485ms
121ms Image
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-M1zt0LtXFqPan2_VO1A6nEEOheKYi9e3c3EVGA&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 19:37:07 GMT
Cache-Control: no-cache
X-TraceId: 5556dfbb0f71a3f580222565619a75c5
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 4F61 42 B
581 B 181ms
46ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-7qOF77tXFqPan2_VO1A6nEEOheJBKwvBUsR4zw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 28 Mar 2023 19:37:05 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 4F61 43 B
407 B 404ms
117ms Image
image/gif 2600:1f18:612b:4200:d1f0:6fd6:bfc0:39be

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-3nd9ZbtXFqPan2_VO1A6nEEOheIN41H9XzTcyg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:d1f0:6fd6:bfc0:39be -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 28 Mar 2023 19:37:07 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 4F61 43 B
153 B 103ms
33ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-GmYebLtXFqPan2_VO1A6nEEOheKl6zTosVwqeA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Mar 2023 19:37:06 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 4F61 0
400 B 192ms
78ms Image
text/plain 23.206.86.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-pnvB77tXFqPan2_VO1A6nEEOheJaZl5L_n6_qQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.86.180 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-86-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:06 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 27 Mar 2023 19:37:06 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 4F61 0
38 B 205ms
54ms Image
text/plain 54.155.81.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-3R7_87tXFqPan2_VO1A6nEEOheI_zXRF2PBAPQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.81.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-81-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
content-length: 0

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 21 KB
6 KB 42ms
41ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2e6bf86abf81e714770dc292dd4f8f6011b39c26926371f73ca998bad56f611e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3052
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5630
x-served-by: cache-iad-kcgs7200039-IAD, cache-hhn-etou8220020-HHN
x-browser-version: 111
last-modified: Tue, 28 Mar 2023 14:01:45 GMT
server: AmazonS3
x-timer: S1680032227.634621,VS0,VE0
etag: "20a9da51c39bb7efa5f93e7518b58a9e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: e282650fb316b9cdc0c25e9a26c522107fdbae2d
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 43, 113

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 4F61
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=H3PtJhFV1K5FvbHbWiwxjG4baaSk_mI3

0
337 B

199ms
55ms

Image
text/plain

54.171.92.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=H3PtJhFV1K5FvbHbWiwxjG4baaSk_mI3
Protocol: H2
Server: 54.171.92.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-92-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: beacon-n012-dub-prod.krxd.net
date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1680032226
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=H3PtJhFV1K5FvbHbWiwxjG4baaSk_mI3
date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1338247
content-length: 0

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 538ms
119ms XHR
text/plain 52.4.213.160

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.213.160 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 28 Mar 2023 19:37:07 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2

200

cs
s.thebrighttag.com/ Frame 4F61
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=sBnqxXT0whPGYlHpN0miPt9JthAPcp8n

35 B
268 B

493ms
129ms

Image
image/gif

18.118.202.231

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=sBnqxXT0whPGYlHpN0miPt9JthAPcp8n
Protocol: H2
Server: 18.118.202.231 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:07 GMT
x-bt-requestid: ecc74590-cd9f-11ed-a8dc-0000ac17023c
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=sBnqxXT0whPGYlHpN0miPt9JthAPcp8n
date: Tue, 28 Mar 2023 19:37:06 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1305505
content-length: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame A0D9 7 KB
7 KB 122ms
121ms Document
text/html 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=o96MJkebT8Oz5OHupqrGWg&dmt=3&ex-pl-n-g-hmt=EQZ4dX_WS826oNoRNhE5aA&ep=ttam_T219Ay-cPciHbT10vWruI9Mp4jK0_zAF1AElEHVZmabNtV45T6ZDXJf8CH5SP4JBBmZ9w2wBKzPKDOgB4yr-l2lCcpb89WybFM6N_XaiJ0MjJo6cwxwNzGqeTAA1fecZ2hCKsIIPTJm-VKAL3qe7d_BSBtRCQA9HMZbIgukWkiJZUT2SD7a_ZpTQv351SOpBxzvzr3WT48Gz9NiZ7vDxxcTXXREOtFzhdZgqu9oZcnGLlXS_UvbdLBj_dOhvplBssggyxn05ZZnQ3jfACaiIrLKkbD_UPc6KDfeOtAzfXELmSbOXm_iJFzYMtyqatCmPo4LDAW8hqxxCQCWrDgQj617d6c84Qf6Zo0BS-JDT2sl1Qe6xQmjI0K-UTZYfoQUYVoua4dvuFW3WMJSjjUYHOhg4hnNcCA5tok9W6Qbs6ab4PoALQv6hQjxzHxFzBoOhLiCBEG2CN80svqFQ5M6jW1PjwWDc4AUWnVAXVm-QXFaA2hri7zqgNRS1YAEkkRgIMOgoeitDRyoLhfiIr6tp7U4dIr4i5vjWv7pdNxweAQjq4puZySRdThiNplGvqvbN6Hn74o0dHhl7y_sWKndCkn6twwHn_UOKOwG10P-nytLOshXDRcXnunIU7Zs95ffyHN7d6zQeVUUwiOQn93j__wjr4GKBkyP6ynWcqgSv7A_csXQx7bQUNuyT9wP1SWlrkby2wUpwJ74xiAYxg9W9TikHJviLJwYkJTLRG9F1bP15DJn8itl6fT-uwc-kJiotXXiDxqKG--Cels3wA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=212014028749744060&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

8f89e2bdbeeab401c903a6b307c017a1ffcae8055b912d93788eddfd7a67a3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=212014028749744060&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6911
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 28 Mar 2023 19:37:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: TBG8VA2EAVWTJ75NA26E

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=k9CKJ4c8Reu88KvC5nihtw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=k9CKJ4c8Reu88KvC5nihtw

43 B
479 B

127ms
126ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=k9CKJ4c8Reu88KvC5nihtw

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=o96MJkebT8Oz5OHupqrGWg&dmt=3&ex-pl-n-g-hmt=EQZ4dX_WS826oNoRNhE5aA&ep=ttam_T219Ay-cPciHbT10vWruI9Mp4jK0_zAF1AElEHVZmabNtV45T6ZDXJf8CH5SP4JBBmZ9w2wBKzPKDOgB4yr-l2lCcpb89WybFM6N_XaiJ0MjJo6cwxwNzGqeTAA1fecZ2hCKsIIPTJm-VKAL3qe7d_BSBtRCQA9HMZbIgukWkiJZUT2SD7a_ZpTQv351SOpBxzvzr3WT48Gz9NiZ7vDxxcTXXREOtFzhdZgqu9oZcnGLlXS_UvbdLBj_dOhvplBssggyxn05ZZnQ3jfACaiIrLKkbD_UPc6KDfeOtAzfXELmSbOXm_iJFzYMtyqatCmPo4LDAW8hqxxCQCWrDgQj617d6c84Qf6Zo0BS-JDT2sl1Qe6xQmjI0K-UTZYfoQUYVoua4dvuFW3WMJSjjUYHOhg4hnNcCA5tok9W6Qbs6ab4PoALQv6hQjxzHxFzBoOhLiCBEG2CN80svqFQ5M6jW1PjwWDc4AUWnVAXVm-QXFaA2hri7zqgNRS1YAEkkRgIMOgoeitDRyoLhfiIr6tp7U4dIr4i5vjWv7pdNxweAQjq4puZySRdThiNplGvqvbN6Hn74o0dHhl7y_sWKndCkn6twwHn_UOKOwG10P-nytLOshXDRcXnunIU7Zs95ffyHN7d6zQeVUUwiOQn93j__wjr4GKBkyP6ynWcqgSv7A_csXQx7bQUNuyT9wP1SWlrkby2wUpwJ74xiAYxg9W9TikHJviLJwYkJTLRG9F1bP15DJn8itl6fT-uwc-kJiotXXiDxqKG--Cels3wA

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7N2NM2CY3BCP8WQ9FMZ0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
AN-X-Request-Uuid: e8e01980-3d7e-4dd2-919a-fef743ce0e35
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=k9CKJ4c8Reu88KvC5nihtw
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=nEuGYxmPRBKzmH59-hFVrQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=7c9b21c2-6efc-4552-bb75-3df6109dae10

43 B
479 B

359ms
133ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=7c9b21c2-6efc-4552-bb75-3df6109dae10

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YEDKPB8DK0JHT8X5FEJ9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=7c9b21c2-6efc-4552-bb75-3df6109dae10
access-control-allow-origin: *
date: Tue, 28 Mar 2023 19:37:07 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame A0D9 43 B
113 B 57ms
48ms Image
image/gif 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=M18ljP-FRTiD_czBsxdFiw&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=o96MJkebT8Oz5OHupqrGWg&dmt=3&ex-pl-n-g-hmt=EQZ4dX_WS826oNoRNhE5aA&ep=ttam_T219Ay-cPciHbT10vWruI9Mp4jK0_zAF1AElEHVZmabNtV45T6ZDXJf8CH5SP4JBBmZ9w2wBKzPKDOgB4yr-l2lCcpb89WybFM6N_XaiJ0MjJo6cwxwNzGqeTAA1fecZ2hCKsIIPTJm-VKAL3qe7d_BSBtRCQA9HMZbIgukWkiJZUT2SD7a_ZpTQv351SOpBxzvzr3WT48Gz9NiZ7vDxxcTXXREOtFzhdZgqu9oZcnGLlXS_UvbdLBj_dOhvplBssggyxn05ZZnQ3jfACaiIrLKkbD_UPc6KDfeOtAzfXELmSbOXm_iJFzYMtyqatCmPo4LDAW8hqxxCQCWrDgQj617d6c84Qf6Zo0BS-JDT2sl1Qe6xQmjI0K-UTZYfoQUYVoua4dvuFW3WMJSjjUYHOhg4hnNcCA5tok9W6Qbs6ab4PoALQv6hQjxzHxFzBoOhLiCBEG2CN80svqFQ5M6jW1PjwWDc4AUWnVAXVm-QXFaA2hri7zqgNRS1YAEkkRgIMOgoeitDRyoLhfiIr6tp7U4dIr4i5vjWv7pdNxweAQjq4puZySRdThiNplGvqvbN6Hn74o0dHhl7y_sWKndCkn6twwHn_UOKOwG10P-nytLOshXDRcXnunIU7Zs95ffyHN7d6zQeVUUwiOQn93j__wjr4GKBkyP6ynWcqgSv7A_csXQx7bQUNuyT9wP1SWlrkby2wUpwJ74xiAYxg9W9TikHJviLJwYkJTLRG9F1bP15DJn8itl6fT-uwc-kJiotXXiDxqKG--Cels3wA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:06 GMT
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=216613104469004841392&ex=neustar.biz

43 B
479 B

227ms
123ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=216613104469004841392&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZXEM5RK33ZGZVPZVZ0JZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:07 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=216613104469004841392&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=H-BCax7hTs-iSSQAQCB9mw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZCNB4vW7SCjQxmesRMYr3gAA

43 B
479 B

123ms
122ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZCNB4vW7SCjQxmesRMYr3gAA

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BGJD58YGDT45KTBBNNW3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZCNB4vW7SCjQxmesRMYr3gAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=a5e04fbd085b54cca61eeb81c8cb0abe

43 B
479 B

244ms
122ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=a5e04fbd085b54cca61eeb81c8cb0abe

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RA8370XPZ2RBSWP7RKFM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=a5e04fbd085b54cca61eeb81c8cb0abe
date: Tue, 28 Mar 2023 19:37:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

127ms
123ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VRCAJVJD0HDWW6SJMX8C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Tue, 28 Mar 2023 19:37:07 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Sdr2JLFlSQa4U755k7hkew
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Sdr2JLFlSQa4U755k7hkew

43 B
479 B

354ms
122ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Sdr2JLFlSQa4U755k7hkew

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X4D12RH444TS480BH1RA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Sdr2JLFlSQa4U755k7hkew
date: Tue, 28 Mar 2023 19:37:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=839eefda-fc94-4be4-b993-0bcc765c61de

43 B
479 B

159ms
122ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=839eefda-fc94-4be4-b993-0bcc765c61de

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SGFP9Y9S9Y8HW09BJACB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=839eefda-fc94-4be4-b993-0bcc765c61de
Date: Tue, 28 Mar 2023 19:37:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=b878f00b125149ea8db73d81008c67f5

43 B
479 B

266ms
123ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=b878f00b125149ea8db73d81008c67f5

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 78D9FVN71W12T7XFP7PV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=b878f00b125149ea8db73d81008c67f5
date: Tue, 28 Mar 2023 19:37:07 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame A0D9 0
122 B 307ms
48ms Image
text/plain 188.65.124.66

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=CVFzE4GzQm-sCqVhRAZMwQ&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-45tzx
date: Tue, 28 Mar 2023 19:37:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-60SonFlE2pGVmXpCCNScQ2ADh.zv4dSM55CN~A&status=OK&ex=gemini

43 B
479 B

176ms
132ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-60SonFlE2pGVmXpCCNScQ2ADh.zv4dSM55CN~A&status=OK&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HA1NT9CQYAAAE6ANZ13B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=y-60SonFlE2pGVmXpCCNScQ2ADh.zv4dSM55CN~A&status=OK&ex=gemini
date: Tue, 28 Mar 2023 19:37:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=62a81ed54cf0aed1f27f75b4d76875&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

123ms
123ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=62a81ed54cf0aed1f27f75b4d76875&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MWDBZ72A4WPPBX8V5RM0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=62a81ed54cf0aed1f27f75b4d76875&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1680032227483079-385
Expires: Tue, 28 Mar 2023 19:37:07 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

125ms
124ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1M9RW2ZXTH78B5V0PRM6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 28 Mar 2023 19:37:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=5GX65MTS8R2QXGX9X094:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: 5GX65MTS8R2QXGX9X094
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: lVqNoHtC6DfKU7F9l9HfcjrbvfSOqwOtOWZrIK47djZlYNYRGFqK-Q==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame A0D9 0
336 B 62ms
55ms Image
text/plain 54.171.92.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=o96MJkebT8Oz5OHupqrGWg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=o96MJkebT8Oz5OHupqrGWg&dmt=3&ex-pl-n-g-hmt=EQZ4dX_WS826oNoRNhE5aA&ep=ttam_T219Ay-cPciHbT10vWruI9Mp4jK0_zAF1AElEHVZmabNtV45T6ZDXJf8CH5SP4JBBmZ9w2wBKzPKDOgB4yr-l2lCcpb89WybFM6N_XaiJ0MjJo6cwxwNzGqeTAA1fecZ2hCKsIIPTJm-VKAL3qe7d_BSBtRCQA9HMZbIgukWkiJZUT2SD7a_ZpTQv351SOpBxzvzr3WT48Gz9NiZ7vDxxcTXXREOtFzhdZgqu9oZcnGLlXS_UvbdLBj_dOhvplBssggyxn05ZZnQ3jfACaiIrLKkbD_UPc6KDfeOtAzfXELmSbOXm_iJFzYMtyqatCmPo4LDAW8hqxxCQCWrDgQj617d6c84Qf6Zo0BS-JDT2sl1Qe6xQmjI0K-UTZYfoQUYVoua4dvuFW3WMJSjjUYHOhg4hnNcCA5tok9W6Qbs6ab4PoALQv6hQjxzHxFzBoOhLiCBEG2CN80svqFQ5M6jW1PjwWDc4AUWnVAXVm-QXFaA2hri7zqgNRS1YAEkkRgIMOgoeitDRyoLhfiIr6tp7U4dIr4i5vjWv7pdNxweAQjq4puZySRdThiNplGvqvbN6Hn74o0dHhl7y_sWKndCkn6twwHn_UOKOwG10P-nytLOshXDRcXnunIU7Zs95ffyHN7d6zQeVUUwiOQn93j__wjr4GKBkyP6ynWcqgSv7A_csXQx7bQUNuyT9wP1SWlrkby2wUpwJ74xiAYxg9W9TikHJviLJwYkJTLRG9F1bP15DJn8itl6fT-uwc-kJiotXXiDxqKG--Cels3wA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.92.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-92-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: beacon-n011-dub-prod.krxd.net
date: Tue, 28 Mar 2023 19:37:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1680032227
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=7c9b21c2-6efc-4552-bb75-3df6109dae10&ex=improvedigital.com

43 B
479 B

170ms
122ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7c9b21c2-6efc-4552-bb75-3df6109dae10&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H9ZS74ZXPHDMPFA1DWQH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=7c9b21c2-6efc-4552-bb75-3df6109dae10&ex=improvedigital.com
access-control-allow-origin: *
date: Tue, 28 Mar 2023 19:37:07 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame A0D9 0
186 B 383ms
121ms Image
text/plain 3.228.92.231

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=o96MJkebT8Oz5OHupqrGWg&dmt=3&ex-pl-n-g-hmt=EQZ4dX_WS826oNoRNhE5aA&ep=ttam_T219Ay-cPciHbT10vWruI9Mp4jK0_zAF1AElEHVZmabNtV45T6ZDXJf8CH5SP4JBBmZ9w2wBKzPKDOgB4yr-l2lCcpb89WybFM6N_XaiJ0MjJo6cwxwNzGqeTAA1fecZ2hCKsIIPTJm-VKAL3qe7d_BSBtRCQA9HMZbIgukWkiJZUT2SD7a_ZpTQv351SOpBxzvzr3WT48Gz9NiZ7vDxxcTXXREOtFzhdZgqu9oZcnGLlXS_UvbdLBj_dOhvplBssggyxn05ZZnQ3jfACaiIrLKkbD_UPc6KDfeOtAzfXELmSbOXm_iJFzYMtyqatCmPo4LDAW8hqxxCQCWrDgQj617d6c84Qf6Zo0BS-JDT2sl1Qe6xQmjI0K-UTZYfoQUYVoua4dvuFW3WMJSjjUYHOhg4hnNcCA5tok9W6Qbs6ab4PoALQv6hQjxzHxFzBoOhLiCBEG2CN80svqFQ5M6jW1PjwWDc4AUWnVAXVm-QXFaA2hri7zqgNRS1YAEkkRgIMOgoeitDRyoLhfiIr6tp7U4dIr4i5vjWv7pdNxweAQjq4puZySRdThiNplGvqvbN6Hn74o0dHhl7y_sWKndCkn6twwHn_UOKOwG10P-nytLOshXDRcXnunIU7Zs95ffyHN7d6zQeVUUwiOQn93j__wjr4GKBkyP6ynWcqgSv7A_csXQx7bQUNuyT9wP1SWlrkby2wUpwJ74xiAYxg9W9TikHJviLJwYkJTLRG9F1bP15DJn8itl6fT-uwc-kJiotXXiDxqKG--Cels3wA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.92.231 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:07 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10f7a7f7a1ec4bbee

0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AfIiCKdFRTyoy5Y_nXdz1A&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=AfIiCKdFRTyoy5Y_nXdz1A

43 B
479 B

196ms
134ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=AfIiCKdFRTyoy5Y_nXdz1A

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2HKEFE6XW5YKNYSBC163
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=AfIiCKdFRTyoy5Y_nXdz1A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=C9YpPN-bRSaCdveSYtH0sw&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=62a81ed54cf0aed1f27f75b4d76875&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=C9YpPN-bRSaCdveSYtH0sw

43 B
479 B

124ms
124ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=62a81ed54cf0aed1f27f75b4d76875&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=C9YpPN-bRSaCdveSYtH0sw

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NBB6YCD95SK63S30KM6D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=62a81ed54cf0aed1f27f75b4d76875&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=C9YpPN-bRSaCdveSYtH0sw
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1680032227612074-373
Expires: Tue, 28 Mar 2023 19:37:07 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=p-LtsxSCQzqv89LNuamU0A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=24634985065433856903315103196366162142

43 B
479 B

128ms
127ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=24634985065433856903315103196366162142

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B7PE2CRBN677YA7J9TPE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v046-02a7d0da5.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: A8YdfOWOT3w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=24634985065433856903315103196366162142
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame A0D9 42 B
213 B 167ms
49ms Image
image/gif 34.160.236.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=WbEjG_E2SPyEcU2AsXfaFg
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=o96MJkebT8Oz5OHupqrGWg&dmt=3&ex-pl-n-g-hmt=EQZ4dX_WS826oNoRNhE5aA&ep=ttam_T219Ay-cPciHbT10vWruI9Mp4jK0_zAF1AElEHVZmabNtV45T6ZDXJf8CH5SP4JBBmZ9w2wBKzPKDOgB4yr-l2lCcpb89WybFM6N_XaiJ0MjJo6cwxwNzGqeTAA1fecZ2hCKsIIPTJm-VKAL3qe7d_BSBtRCQA9HMZbIgukWkiJZUT2SD7a_ZpTQv351SOpBxzvzr3WT48Gz9NiZ7vDxxcTXXREOtFzhdZgqu9oZcnGLlXS_UvbdLBj_dOhvplBssggyxn05ZZnQ3jfACaiIrLKkbD_UPc6KDfeOtAzfXELmSbOXm_iJFzYMtyqatCmPo4LDAW8hqxxCQCWrDgQj617d6c84Qf6Zo0BS-JDT2sl1Qe6xQmjI0K-UTZYfoQUYVoua4dvuFW3WMJSjjUYHOhg4hnNcCA5tok9W6Qbs6ab4PoALQv6hQjxzHxFzBoOhLiCBEG2CN80svqFQ5M6jW1PjwWDc4AUWnVAXVm-QXFaA2hri7zqgNRS1YAEkkRgIMOgoeitDRyoLhfiIr6tp7U4dIr4i5vjWv7pdNxweAQjq4puZySRdThiNplGvqvbN6Hn74o0dHhl7y_sWKndCkn6twwHn_UOKOwG10P-nytLOshXDRcXnunIU7Zs95ffyHN7d6zQeVUUwiOQn93j__wjr4GKBkyP6ynWcqgSv7A_csXQx7bQUNuyT9wP1SWlrkby2wUpwJ74xiAYxg9W9TikHJviLJwYkJTLRG9F1bP15DJn8itl6fT-uwc-kJiotXXiDxqKG--Cels3wA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:07 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5386738429647593537

43 B
479 B

125ms
124ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5386738429647593537

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7F2VQK6HFEK7NE7HYT3W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5386738429647593537
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=ed1935f6-cd9f-11ed-8595-1fe3cd8f0206
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=ed19358c-cd9f-11ed-8595-1fe3cd8f0206

0
0

GET

acs
lm.serving-sys.com/lm/ Frame A0D9
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%226c916066-d589-4784-ae92-a1833c871ed3%22,%22Time%22:%2220230328T193707.900085%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]

0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEC4lLe1EWd0kgzw8nDrzN7Y&google_cver=1

43 B
479 B

354ms
122ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEC4lLe1EWd0kgzw8nDrzN7Y&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 196SC7VP0YCRHHQJ58H2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEC4lLe1EWd0kgzw8nDrzN7Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET v2
usermatch.krxd.net/um/ Frame A0D9 0
0

GET

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=09152d03d4989325370406154467d01a

0
0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame A0D9 43 B
304 B 160ms
49ms Image
image/gif 35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=o96MJkebT8Oz5OHupqrGWg&dmt=3&ex-pl-n-g-hmt=EQZ4dX_WS826oNoRNhE5aA&ep=ttam_T219Ay-cPciHbT10vWruI9Mp4jK0_zAF1AElEHVZmabNtV45T6ZDXJf8CH5SP4JBBmZ9w2wBKzPKDOgB4yr-l2lCcpb89WybFM6N_XaiJ0MjJo6cwxwNzGqeTAA1fecZ2hCKsIIPTJm-VKAL3qe7d_BSBtRCQA9HMZbIgukWkiJZUT2SD7a_ZpTQv351SOpBxzvzr3WT48Gz9NiZ7vDxxcTXXREOtFzhdZgqu9oZcnGLlXS_UvbdLBj_dOhvplBssggyxn05ZZnQ3jfACaiIrLKkbD_UPc6KDfeOtAzfXELmSbOXm_iJFzYMtyqatCmPo4LDAW8hqxxCQCWrDgQj617d6c84Qf6Zo0BS-JDT2sl1Qe6xQmjI0K-UTZYfoQUYVoua4dvuFW3WMJSjjUYHOhg4hnNcCA5tok9W6Qbs6ab4PoALQv6hQjxzHxFzBoOhLiCBEG2CN80svqFQ5M6jW1PjwWDc4AUWnVAXVm-QXFaA2hri7zqgNRS1YAEkkRgIMOgoeitDRyoLhfiIr6tp7U4dIr4i5vjWv7pdNxweAQjq4puZySRdThiNplGvqvbN6Hn74o0dHhl7y_sWKndCkn6twwHn_UOKOwG10P-nytLOshXDRcXnunIU7Zs95ffyHN7d6zQeVUUwiOQn93j__wjr4GKBkyP6ynWcqgSv7A_csXQx7bQUNuyT9wP1SWlrkby2wUpwJ74xiAYxg9W9TikHJviLJwYkJTLRG9F1bP15DJn8itl6fT-uwc-kJiotXXiDxqKG--Cels3wA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:07 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LXF20qWPAlCglCSYPaNF6zc4ZO84ZgIC

43 B
479 B

123ms
123ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LXF20qWPAlCglCSYPaNF6zc4ZO84ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AP75XF25K7AKVWX1QQ93
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LXF20qWPAlCglCSYPaNF6zc4ZO84ZgIC
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame A0D9 37 B
139 B 46ms
41ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=qMTG-0oUT1ytxWQkVuAIfQ&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=o96MJkebT8Oz5OHupqrGWg&dmt=3&ex-pl-n-g-hmt=EQZ4dX_WS826oNoRNhE5aA&ep=ttam_T219Ay-cPciHbT10vWruI9Mp4jK0_zAF1AElEHVZmabNtV45T6ZDXJf8CH5SP4JBBmZ9w2wBKzPKDOgB4yr-l2lCcpb89WybFM6N_XaiJ0MjJo6cwxwNzGqeTAA1fecZ2hCKsIIPTJm-VKAL3qe7d_BSBtRCQA9HMZbIgukWkiJZUT2SD7a_ZpTQv351SOpBxzvzr3WT48Gz9NiZ7vDxxcTXXREOtFzhdZgqu9oZcnGLlXS_UvbdLBj_dOhvplBssggyxn05ZZnQ3jfACaiIrLKkbD_UPc6KDfeOtAzfXELmSbOXm_iJFzYMtyqatCmPo4LDAW8hqxxCQCWrDgQj617d6c84Qf6Zo0BS-JDT2sl1Qe6xQmjI0K-UTZYfoQUYVoua4dvuFW3WMJSjjUYHOhg4hnNcCA5tok9W6Qbs6ab4PoALQv6hQjxzHxFzBoOhLiCBEG2CN80svqFQ5M6jW1PjwWDc4AUWnVAXVm-QXFaA2hri7zqgNRS1YAEkkRgIMOgoeitDRyoLhfiIr6tp7U4dIr4i5vjWv7pdNxweAQjq4puZySRdThiNplGvqvbN6Hn74o0dHhl7y_sWKndCkn6twwHn_UOKOwG10P-nytLOshXDRcXnunIU7Zs95ffyHN7d6zQeVUUwiOQn93j__wjr4GKBkyP6ynWcqgSv7A_csXQx7bQUNuyT9wP1SWlrkby2wUpwJ74xiAYxg9W9TikHJviLJwYkJTLRG9F1bP15DJn8itl6fT-uwc-kJiotXXiDxqKG--Cels3wA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 19:37:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=CEBF4DD92A6E893F

0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=8029378976828790987&ex=appnexus.com

43 B
479 B

132ms
132ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8029378976828790987&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E00X3BXPJTNB5GNX22KW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 28 Mar 2023 19:37:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e932a9a5-673a-4f80-8088-d0c4593bbf75
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=8029378976828790987&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET Pug
image2.pubmatic.com/AdServer/ Frame A0D9 0
0

GET token
token.rubiconproject.com/ Frame A0D9 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A0D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=EQZ4dX_WS826oNoRNhE5aA&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

349ms
123ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 19:37:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F77GV1VEK5W5EMA3RWP9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Mar 2023 19:37:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
loadus.exelator.com/load/ Frame A0D9 0
0

GET /
lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/ Frame A0D9 0
0

GET TC-3673-1.gif
pi.ispot.tv/v2/ Frame A0D9 0
0

GET sync
sync-amazon.ads.yieldmo.com/ Frame A0D9 0
0

GET UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A0D9 0
0

GET sd
us-u.openx.net/w/1.0/ Frame A0D9 0
0

GET rtb
sync.taboola.com/sg/amazon-a9-network/1/ Frame A0D9 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10f7a7f7a1ec4bbee

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=ed19358c-cd9f-11ed-8595-1fe3cd8f0206

Domain: lm.serving-sys.com
URL: https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%226c916066-d589-4784-ae92-a1833c871ed3%22,%22Time%22:%2220230328T193707.900085%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]

Domain: usermatch.krxd.net
URL: https://usermatch.krxd.net/um/v2?partner=amzn

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=09152d03d4989325370406154467d01a

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=CEBF4DD92A6E893F

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=ai_2Sl2ORcubLG5Hfk-C9Q&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2179&pt=n

Domain: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0

Domain: lciapi.ninthdecimal.com
URL: https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D

Domain: pi.ispot.tv
URL: https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D

Domain: sync-amazon.ads.yieldmo.com
URL: https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=UI6n7q_ES3aviiU8giss1w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/sd?id=537072986&val=My1e5nBMRfapq4Y93z-4EQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D

Domain: sync.taboola.com
URL: https://sync.taboola.com/sg/amazon-a9-network/1/rtb

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

91 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/uc-grplus-vsl01-aff-2/	1970-01-20 15:05:29	Name: ubpv Value: ak%2Cfbe91892-5070-465e-914a-d53bab95f199
i.liadm.com/s	1970-01-20 11:23:44	Name: _li_ss Value: CgA
tophealthychoice.com/	1970-01-20 11:23:44	Name: prli_click_26 Value: 7urw
tophealthychoice.com/	1970-01-20 19:26:08	Name: prli_visitor Value: 642341dae4d51
go.welldaily.com/	1970-01-20 10:50:37	Name: enc_aff_session_2 Value: ENC03e55dc092b727083fdce20fb9f9404505e3272d4fb3740b36cd950eaa8652dcd454a102e165aad63bf7f2484b9f0f01745958a63979cc30f5c3d32cd197a8c2a971641b6911cf5b4f7153f0660957977068efad5241d70a0c7dd4c784d787402fe5608623655e5e4e5eac87a11ad79cd8c7d88f43b86498f25b2289b729270feeac65606446412971fa5adb7577c6843b220917387d26930f67f1f76942197e8e1bf2bc2f
go.welldaily.com/	1970-01-20 20:16:32	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMS4wLjU1NjMuMTEwIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/	1970-01-20 14:59:44	Name: ubvs Value: 2b633ded-fa85-4a92-8c73-38f79ee52aa8
.upwellness.com/	1970-01-20 10:44:51	Name: ubvt Value: v2%7C2b633ded-fa85-4a92-8c73-38f79ee52aa8%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle
.upwellness.com/	1970-01-20 12:50:08	Name: _gcl_au Value: 1.1.1549491255.1680032221
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-20 20:16:32	Name: _lc2_fpi Value: f0f26c15fa8f--01gwmvjhhm97q5nwprfs42ad9s
.criteo.com/	1970-01-20 20:02:08	Name: uid Value: d30fe94b-e3d5-4b9c-9bde-98e742dddf09
.tiktok.com/	1970-01-20 20:02:08	Name: _ttp Value: 2Nel2Zs7hFgGDiOtASyUlixnDXJ
.upwellness.com/	1970-01-20 20:16:32	Name: __nbpix_uid Value: 1-idbs5d07-lfsnt2c1
.doubleclick.net/	1970-01-20 20:02:08	Name: IDE Value: AHWqTUmEoB1fu0EuC8bxVWO_YGBFr0pWZQpil7lbT7ZskAHpHbFpcd4ljS-x9t9c
.upwellness.com/	1970-01-20 20:16:32	Name: _ga Value: GA1.2.1993990626.1680032221
.upwellness.com/	1970-01-20 10:41:58	Name: _gid Value: GA1.2.2134981432.1680032221
.upwellness.com/	1970-01-20 10:40:32	Name: _dc_gtm_UA-28307243-3 Value: 1
.upwellness.com/	1969-12-31 23:59:59	Name: UltraCartShoppingCartID Value: 52E656857186E4018729B9486E1F8B00
.upwellness.com/	1970-01-20 20:16:32	Name: ucacid Value: 2028621091.428380
.store.upwellness.com/	1970-01-20 20:16:32	Name: ucacid Value: 2028621091.428380
store.upwellness.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcOxJ5fQN_YofDVNQzji
store.upwellness.com/	1969-12-31 23:59:59	Name: LBJSESSIONID Value: abcOxJ5fQN_YofDVNQzji.n246
.liadm.com/	1970-01-20 20:16:32	Name: lidid Value: 217e4901-69d0-464e-bd8b-dc9bc9455ff9
.upwellness.com/	1970-01-20 12:50:08	Name: _fbp Value: fb.1.1680032221545.1696314317
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_source Value: tophealthychoice.com
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_starts Value: 1680032221558
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_utmParams Value: %7B%22utm_source%22%3A%22tophealthychoice.com%22%2C%22utm_medium%22%3A%22Referrer%22%2C%22utm_cl_referrer_path%22%3A%22tophealthychoice.com%2F%22%7D
.upwellness.com/	1970-01-20 19:26:08	Name: cl4975ot4arrr6_uid Value: cl4975ot4arrr63c86d3bb-4727-4eab-8d0a-0465c2994cd0
.upwellness.com/	1970-01-20 19:26:08	Name: cl4975ot4arrr6_sid Value: CL-d3fb5a97-b7a0-4f0d-81c6
.upwellness.com/	1970-01-20 19:26:08	Name: cl4975ot4arrr6_gid Value: cl4975ot4arrr603d362bb-71f8-4a7f-87df-c43d30f95f25
.pages.upwellness.com/	1970-01-20 19:26:08	Name: _pin_unauth Value: dWlkPVlqVmlOMkl4WVRJdFlqVTBZUzAwWW1ZeExUaG1NR1V0Wm1VM01EUTBPREE0TjJNeg
.upwellness.com/	1970-01-20 20:09:56	Name: cto_bundle Value: P-uNVV9KRkd6S2Z0UVlUNVhVJTJCSVduOGFkOTZSeGpVdkE5R0FUdDh3OVA0VUd4bk5LVHlqejA5RDA1TkJBck5NdWVzWHklMkJ2d0xxUmVrJTJGV28lMkZ4NWNwJTJCTDFsVTBMRlBLaExNTGVoWVJDbFZQciUyRlNvdmNDcFJOZGZxem1ZY250YVR1dW4xeUpxODVBOEY1MlU4cVZKczYzTzM1NFElM0QlM0Q
pages.upwellness.com/	1970-01-20 10:40:32	Name: outbrain_cid_fetch Value: true
pages.upwellness.com/	1970-01-20 11:23:44	Name: nxtBtn Value: videoBtn
.upwellness.com/	1970-01-20 20:02:08	Name: _tt_enable_cookie Value: 1
.upwellness.com/	1970-01-20 20:02:08	Name: _ttp Value: q0TYFsJ96hcutsgPosQqcFF9XLS
.yahoo.com/	1970-01-20 19:26:29	Name: A3 Value: d=AQABBN1BI2QCEJPfzBPIyIV64A0HuPV1LEgFEgEBAQGTJGQtZAAAAAAA_eMAAA&S=AQAAAtj4QgVZBAqbO8teRclgoOg
.upwellness.com/	1970-01-20 10:41:58	Name: _uetsid Value: e99b34d0cd9f11ed907ef5ceb833021c
.upwellness.com/	1970-01-20 20:02:08	Name: _uetvid Value: e99b51a0cd9f11edbf6833eb335109f2
.upwellness.com/	1970-01-20 19:26:08	Name: _hjSessionUser_795540 Value: eyJpZCI6IjE3NmRmOTNkLWQwY2MtNWI3Yy1hNTI5LWQ5MWJlNmU1YzBlMyIsImNyZWF0ZWQiOjE2ODAwMzIyMjIxNDUsImV4aXN0aW5nIjpmYWxzZX0=
.upwellness.com/	1970-01-20 10:40:34	Name: _hjFirstSeen Value: 1
.upwellness.com/	1970-01-20 10:40:32	Name: _hjIncludedInSessionSample_795540 Value: 1
.upwellness.com/	1970-01-20 10:40:34	Name: _hjSession_795540 Value: eyJpZCI6IjliNTQ3NzkxLTQxMTQtNDY0NC05Zjg0LTVhZWNlM2I0ODI5ZCIsImNyZWF0ZWQiOjE2ODAwMzIyMjIxNTksImluU2FtcGxlIjp0cnVlfQ==
pages.upwellness.com/	1970-01-20 10:40:32	Name: _hjIncludedInPageviewSample Value: 1
.upwellness.com/	1970-01-20 10:40:34	Name: _hjAbsoluteSessionInProgress Value: 0
.bing.com/	1970-01-20 20:02:08	Name: MUID Value: 28A58E5C5EFD63E6189B9CBE5F7662AC
store.upwellness.com/	1970-01-20 10:50:37	Name: AWSALB Value: Qy415flFkNZI+uaiLraA456QPzsv8XrMdLygWJ7RJ+EtFANpflpOIqw13Xgr9GUWDybmpkh+faDSCSLE/O03Ws0MaiF03x+9WoJ2BSPL++UeTACCfFhFR7VSQmyL
store.upwellness.com/	1970-01-20 10:50:37	Name: AWSALBCORS Value: Qy415flFkNZI+uaiLraA456QPzsv8XrMdLygWJ7RJ+EtFANpflpOIqw13Xgr9GUWDybmpkh+faDSCSLE/O03Ws0MaiF03x+9WoJ2BSPL++UeTACCfFhFR7VSQmyL
.store.upwellness.com/	1970-01-20 19:26:08	Name: UPWEL-ANP Value: 6141
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_ends Value: 1680034022575
.upwellness.com/	1970-01-20 19:26:08	Name: cl4975ot4arrr6_eidsTracked Value: true
a.clickcertain.com/	1970-01-20 19:26:08	Name: _ccpx_u Value: 9851e8b4%2dc948%2d4fec%2d8704%2d6b13634008eb
a.clickcertain.com/	1970-01-20 19:26:08	Name: _ccpx_24a3d6f0fe7dd9c Value: 1
.tapad.com/	1970-01-20 12:06:56	Name: TapAd_TS Value: 1680032224946
.tapad.com/	1970-01-20 12:06:56	Name: TapAd_DID Value: 548fef76-cf7f-4b33-9e69-49e897a2241c
.tapad.com/	1970-01-20 12:06:56	Name: TapAd_3WAY_SYNCS Value:
.bidr.io/	1970-01-20 20:09:05	Name: bito Value: AAB6x07IRoQAACCxZPjlzQ
.bidr.io/	1970-01-20 20:09:05	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 10:40:32	Name: checkForPermission Value: ok
.a.usbrowserspeed.com/	1970-01-20 19:26:08	Name: tuid Value: ec0a4d85-b3d4-4b2b-9064-14441f910d0d
a.clickcertain.com/	1970-01-20 19:26:08	Name: _ccpx Value: 24d1add2443e239
a.clickcertain.com/	1970-01-20 19:26:08	Name: _ccpx_24d1add2443e239 Value: 1
.media.net/	1970-01-20 19:26:08	Name: visitor-id Value: 3230338269085561000V10
.media.net/	1970-01-20 11:23:44	Name: data-c-ts Value: 1680032226
.media.net/	1970-01-20 11:23:44	Name: data-c Value: k-A_ONRLtXFqPan2_VO1A6nEEOheKC5po76h4gkw~~3
.adnxs.com/	1970-01-20 12:50:08	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E>vMJbTd!@wnfH1YdP.dEXlSkbV+p5dho?aN'nr.y)LhMYpa0>JqO^#*q?PnQrLVU9?L?_y11J4KK=RJ^9RFMZ9T5_m!wzYy+HH0p
.adnxs.com/	1970-01-20 12:50:08	Name: uuid2 Value: 8029378976828790987
.bidswitch.net/	1970-01-20 19:26:08	Name: tuuid Value: e7cef553-9cad-439a-aea4-4a2721975be6
.bidswitch.net/	1970-01-20 19:26:08	Name: c Value: 1680032226
.bidswitch.net/	1970-01-20 19:26:08	Name: tuuid_lu Value: 1680032226
.demdex.net/	1970-01-20 14:59:44	Name: demdex Value: 24634985065433856903315103196366162142
.analytics.yahoo.com/	1970-01-20 19:26:08	Name: IDSYNC Value: 18zh~2arv
.dpm.demdex.net/	1970-01-20 14:59:44	Name: dpm Value: 24634985065433856903315103196366162142
.casalemedia.com/	1970-01-20 19:26:08	Name: CMID Value: ZCNB4vW7SCjQxmesRMYr3gAA
.casalemedia.com/	1970-01-20 12:50:08	Name: CMPS Value: 5256
.casalemedia.com/	1970-01-20 12:50:08	Name: CMPRO Value: 5256
exchange.mediavine.com/	1970-01-20 11:00:41	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ec5b8b70-cd9f-11ed-8a73-4b4e426ec615%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:00:41	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ec5b8b70-cd9f-11ed-8a73-4b4e426ec615%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:00:41	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22ec5b8b70-cd9f-11ed-8a73-4b4e426ec615%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:00:41	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ec5b8b70-cd9f-11ed-8a73-4b4e426ec615%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:00:41	Name: criteo Value: %7B%22id%22%3A%22k-aYNkjbtXFqPan2_VO1A6nEEOheINg2oc2HWSpQ%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 12:50:08	Name: tuuid Value: 7c9b21c2-6efc-4552-bb75-3df6109dae10
.360yield.com/	1970-01-20 12:50:08	Name: tuuid_lu Value: 1680032226
.pubmatic.com/	1970-01-20 11:23:44	Name: KRTBCOOKIE_97 Value: 3385-uid:k-7qOF77tXFqPan2_VO1A6nEEOheJBKwvBUsR4zw&KRTB&23144-uid:k-7qOF77tXFqPan2_VO1A6nEEOheJBKwvBUsR4zw&KRTB&23286-uid:k-7qOF77tXFqPan2_VO1A6nEEOheJBKwvBUsR4zw&KRTB&23287-uid:k-7qOF77tXFqPan2_VO1A6nEEOheJBKwvBUsR4zw
.pubmatic.com/	1970-01-20 11:23:44	Name: PugT Value: 1680032225
.360yield.com/	1970-01-20 12:50:08	Name: um Value: !38,62Z1tDSsqBkWJNeXc3jmDv0dKP.ADYQRiTruBHdRInDeAdW5iskwbLPezDz7Gl3rM4KIHQw2,1687808226
.360yield.com/	1970-01-20 12:50:08	Name: umeh Value: !38,0,1742240226,-1
.krxd.net/	1970-01-20 14:59:44	Name: _kuid_ Value: Pdk77qIM
.amazon-adsystem.com/	1970-01-20 15:09:49	Name: ad-id Value: AyboiTeAbkS8gmroXj974zY
.amazon-adsystem.com/	1970-01-20 20:16:32	Name: ad-privacy Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	info	URL: blob:https://pages.upwellness.com/7500a42e-70cc-4154-a2ea-da1073224e9d Message: [log] > Debug logs enabled for "main"
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
a.clickcertain.com
a.remarketstats.com
a.twiago.com
a.usbrowserspeed.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.nextdoor.com
ads.stickyadstv.com
amazon.partners.tremorhub.com
amplify.outbrain.com
analytics.proofapi.com
analytics.tiktok.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
beacon.krxd.net
builder-assets.unbounce.com
business.newsbreak.com
c1.adform.net
cdn.js.customerlabs.co
cdn.taboola.com
cdn.useproof.com
cdn1.decide.dev
click.mwhealthcareconsulting.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d34qb8suadcc4g.cloudfront.net
d3pkntwtp2ukl5.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dis.criteo.com
distillery.wistia.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
eb2.3lift.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
events.ub-analytics.com
exchange.mediavine.com
fast.wistia.com
fast.wistia.net
flask.nextdoor.com
fonts.ub-assets.com
go.maxweb.com
go.welldaily.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
in.hotjar.com
io.v2.customerlabs.co
lciapi.ninthdecimal.com
live-visitor-counts.herokuapp.com
live.upwellness.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
odr.mookie1.com
pages.upwellness.com
pi.ispot.tv
pipedream.wistia.com
pixel.rubiconproject.com
pixel.tapad.com
public-prod-dspcookiematching.dmxleo.com
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.pinimg.com
s.thebrighttag.com
s.yimg.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
static.hotjar.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
sync-amazon.ads.yieldmo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
sync.taboola.com
t.myvisualiq.net
tag.trovo-tag.com
tags.bluekai.com
token.rubiconproject.com
tophealthychoice.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.imdb.com
x.bidswitch.net
image2.pubmatic.com
image6.pubmatic.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
pi.ispot.tv
s.amazon-adsystem.com
sync-amazon.ads.yieldmo.com
sync.taboola.com
token.rubiconproject.com
us-u.openx.net
usermatch.krxd.net
104.111.217.42
108.138.17.119
13.248.245.213
13.32.99.127
13.32.99.8
141.226.228.48
142.250.185.162
143.204.192.5
151.101.1.44
151.101.65.131
151.139.128.10
170.187.185.18
176.34.146.200
178.250.0.163
178.250.1.11
178.250.1.9
18.118.202.231
18.164.52.40
18.185.209.202
18.66.122.95
18.66.137.164
185.255.84.153
185.64.189.110
185.80.39.216
185.86.139.94
185.89.211.84
188.65.124.66
193.108.153.21
2.18.235.93
212.82.100.181
212.82.100.182
23.206.208.183
23.206.86.180
23.35.237.86
23.36.163.232
2600:1f18:612b:4200:d1f0:6fd6:bfc0:39be
2600:1f18:730:b110:5d71:6695:b3d2:3b15
2600:9000:20e1:8400:1d:11cf:5800:93a1
2600:9000:218c:be00:1e:c86:4140:93a1
2600:9000:218c:da00:1e:c86:4140:93a1
2600:9000:223c:d200:8:8845:1500:93a1
2606:4700:20::681a:37a
2606:4700:20::681a:932
2606:4700:3032::ac43:8948
2606:4700:3034::ac43:a9b0
2606:4700:3108::ac42:2b71
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9b
2a02:2638:3::e
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::622
2a04:4e42:600::622
2a04:4e42:8d::84
2a06:98c1:3120::3
3.125.13.55
3.126.202.50
3.127.130.178
3.210.192.5
3.228.92.231
3.70.44.41
3.74.115.177
3.75.62.37
3.93.168.254
34.111.113.62
34.117.157.22
34.160.236.64
34.230.252.255
34.236.88.218
35.160.236.237
35.244.159.8
37.157.3.20
37.157.6.241
44.195.191.171
44.236.178.245
52.10.177.234
52.18.22.137
52.202.32.237
52.213.31.46
52.22.191.215
52.222.149.85
52.222.174.14
52.222.229.186
52.222.250.12
52.31.40.31
52.4.213.160
52.46.130.91
54.155.81.193
54.171.92.63
54.243.49.36
54.78.84.139
64.202.112.159
69.173.144.138
72.246.169.24
74.119.119.150
85.215.5.31
04971705dcd7ef441d0cdfed3de59b62af5c279b75c2b60d14116a1ccaf23acd
04db19863572b86fa46d45e097464ae6eddeec55d267227266fa332897326b1f
05ae5071f29731644a77af5a8454af3f4fcac44566d33f6cc06b5a4e96107173
06d62a2b9c28af272fe93e33a1a3fbcec1fdbbd3d8cb53e934ff5896fc6c0049
0810d0e635f12e1297c2f6f3bd6be187d2a7ad8f79e17f5dd16aea281d529709
08e39692840819ae83b8d09032153847a906c71c485648e44ca34db43cbedcfd
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0b237a3c974aec2776e15c96f50651fa55af3bd3bc927f37eb4a6510c96ebffa
0cbbcfca95bcebbe80abb951e011dd0cefe9db438f44013c85ab3b3dfba0069b
0d587f248ea1c0d1c3b3a3fc4d5d5c9b6a46ec99da9389b7bb5c846b5cee0938
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e71f579a75f30206c82ba1728603d650583f110b9e8b91d83318f65514f44b5
11ad33cc8c0b119910f57c337f5aaa7d521ed20c2a0ec3a183d956ad10d6acc2
17ddc63663734c555981527699774b02b945124941c10450a91b74ce56937b59
186d0a6821fe745ffd646bc6459cd58b564525f1c7183dc156e80250983ccf61
194b61ea7c150cd887afff564f576ac2fd1d96e8d210feb18f43d2d5bdc90f76
1b6b88998539a1da1c2c2c20f6710f021a152d51bac4c20d847ae2b70f2e982e
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dea7d05f3ac6b4c9702a5f77a4421fbb964e84886751bd78860f65b53c8c5b1
1e1c4a6fd0266a004c53debeb4eec7002bcfb753fa26f3abbeba97a602cb82ff
1e69a7ebc74fae03088b04bb833ad54daf80f9d22969466d36e3a5dde33e40bb
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
282f5a01cde33126c76b73790e408dec892b9968334879013b7deffe276a11d9
2a5f6328ce26514370dcdfda78a7e12e1a9fd8d574205b7e27c22ca60f180331
2e6bf86abf81e714770dc292dd4f8f6011b39c26926371f73ca998bad56f611e
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2e89f0751d19ba20497a73a38871501d927e8f9e3e54afca934e80d899da85f9
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
316dd36671b451aa88c2cb9e2a833943ee9cb6e6b9fb1267f419d2b1ecbaa4e3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34578cbb643e46bf7c804a6f3d09d73b2cb6b5943a19d89a31d5bcf722f66aeb
373faf97f148aa87e3e042d88bc9d6b2334f067ed17be5e4156e37d0458861e4
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38203fde3b708cb87a218241002c32f6dc0eb0736d10f98f649314bbcf3e02fa
389aff115aba28f6bd5a20042a1728d07125a4b8c2d739ca8cf3821cb0c99800
3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
425fd7c33a2a4631ece1abff87efa627d44cf42eadf79689510c9d2375bbfe9b
42dc4e01565a25b6ec9af8bb2e591c17cf165052abaa1cdfcc1751addf3390fc
437ea8437de5d3fac7075ea55e1b47430f8dc76ee74aeca127febe0f7105af33
457a6bbd32523a72293e8041d1ba07046b5f2c936c20b63b3e6786545ecfcb7f
4a8fb6fd9cc5b9c9629d9877e2934bcf8ebb01d7a546e3882dc26d0b9d603f8d
4b4608ac8cc4da5e555eeb284d6292438aac8e80b0d6fd9042c313ec5153c1ba
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1
4d951b57ea76b7e3fb12bd09ddb3b45f2eb6d63234da787edd7df0928e830807
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
579a2a97fb6616d4faf94ac23df731f250a672fda76be78a1fa74a6d1cd8dbba
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ea332cb555764d1ec34555647a4db67cb86f554e028c6923bd0100f571d2945
5fcf16da104a4c57a805b0b7d4f4b86972e5ef555ce33d5c6961f27e3806c491
6248d26097243293144a2c446b330ef62be51f9407430894f8c8ce4218643371
635fa27826bc3b802f341bba0c8291af3698ada8d704bb116692a4b0fe77c1da
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6bcbcb6496dddd15c57669623a1361fc1082513cbdb9c653ed8d25ed8392a918
7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7d57fb1e6ef031860f2be97c45c3483595ad43dcea544cce26af8eeebd2c224f
7d8cb20b0e5a195687ff0b072588be3ef3d3f6e6f587b13abc5013a28d38078d
7dd7d12d4cc195e05cd72a9623588ecabf14c71d7037558b22cee18309ee35b4
810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e
820f3f72f3ffa9f84894ba2dd01f6a90048e82124d005169f78f29e3ff5793a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e592026970dcb362dd9afca58ee14ba148d62f8d52de8da147ec2b2f497153
86986d6474300ea909176542575649e86e28b033e68b9af6177deef7bb8b91ec
876de18e83e13739b393e42acd0287e6ec5fcc9d7f589a253026a2f9adb2595a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e843d0472f7524f2e50f8aaedf34579dc66adb1a3e2bb76b5fec62fb40d26a1
8e8bcffc1a544adc3948e0dbf31ca6be52ff083f5f68f952b96612922f399a5b
8ed9e0d5afcaed5fe18ebb7d938824c4712703e31d79a3e53c26ea9bae9db9f1
8f89e2bdbeeab401c903a6b307c017a1ffcae8055b912d93788eddfd7a67a3d0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92757c48c846b8f8c1954ccb09a3a4b7e086ca408e4e346cf09c8085dc6ea2f2
9332d5be64d5e995c8782b2c7ecb020424c563edb6846409fead5bacccbf3d51
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2922fd430dfaeb13025d97826931939d872a7b3efd1d09f0e88c5f7c1fd306
9abfe2e64f8fe1d51ec458aa9c38886240600d589d8013a1d2e5ff033b45391d
9ff8380e1cd4e31ccf877aff589c0f0ac4dc16f0d3d4476d9001f69f0c42c98c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a25d2674b1e57094f1abce6ba27f63e639fbbf339bb164ed30d107d9d92f71bd
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b55b8f64c5259f4f19ca1b5a388f3c93b67df5d805f71637cf3a12ff814be08b
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce6db6cb065eb3ed1a8868cd51ca16e9f4646d90271ed03c95ce0e0013e5381
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
bea1fcc84e0690ef12eebaa114be35c46f92e19022767f32b962788a60b3e1bd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36c35defd7d43c06001ead5fdacefba8baa03194a67da2de6463352715000d2
c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c
ca4b0a1491f3835658e0d32322e580be33525720ca169662e855a77b521a6503
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb922ba96736c011c5c8e3bad8312a52b45f3afd24ed8791d050c52ea2b2f407
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
da4dc6c58085216237810d893fc2de38361e5aa720fbf0f3123765108fcc7654
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dd4e0adbc96f35ad5364693737b842784352fba23f784be1f46d348919feada2
dda4fefbe89feab6f6fbe266c46c8c6996cd6a995f15c715bbc42914580509a7
def564fc498bc5147cf79aa16e5a6f93789115cc0f4740b0b089df37fa6ba132
dfe8af3b10655f0863d2428e52f52699ac3f3b7d0fdfd3887cb35efc8242e10c
e1f0b93051ab9d1f671fdc1d489817df439cf571d9184c55e09a8a2de3d14234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
e72ac596eba62521f2d7e2e9182f96ba7409a304a6e3d1f3755613b18aea45b5
e9b0d91e8e65b08938cb76ceefafb488c027824895e531f72260b1c2c89992a8
eb9d969ff4fb88d8db556a6f9d8886e684e29e68dbb7aa4d705f4a0a6f47509a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f18a5d228906cf78085b322bc7a3cb24fd01ec1aedd3fc865c6fdd43dfb0cef7
f2d83312c2b1c7c1ad2be8e99b5b8d3c5d8432c2828d5cf52ee15e4423698bab
f44818015513d7704b241155e4f5317652e92991180d6f2f1aa654bc7f3c506c
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5fdb0e547028256fdb5662c9e84afcf84927ea56148435c521ba356e7b6f0ac
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f9764473ce60098276bdbe04bc4f1972ce8e085bac3bd8466f4ebcb825974c8f
fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a
fe50ae8e0cade09e78b21fd77b1985ea3a282d373c2e61041dd2c612718f9770

pages.upwellness.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

246 Requests

77 %HTTPS

27 %IPv6

80 Domains

124 Subdomains

90 IPs

9 Countries

4932 kBTransfer

9293 kBSize

91 Cookies

0 Outgoing links

Page URL History

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

77 %
HTTPS

27 %
IPv6

80
Domains

124
Subdomains

90
IPs

9
Countries

4932 kB
Transfer

9293 kB
Size

91
Cookies

246 HTTP transactions
1 data transactions