pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ptv.pulsetv.com/?a=7689&oc=117&c=24136&p=r
Effective URL:
https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Submission: On May 22 via manual (May 22nd 2023, 1:01:58 pm UTC) from US — Scanned from DE

Summary HTTP 224 Redirects Behaviour Indicators

Summary

This website contacted 82 IPs in 11 countries across 80 domains to perform 224 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com.
TLS certificate: Issued by R3 on March 28th 2023. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.96.162.14 208.96.162.14	22418 (COLOG) (COLOG)
1 1	52.44.9.51 52.44.9.51	14618 (AMAZON-AES) (AMAZON-AES)
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
3	18.66.192.31 18.66.192.31	16509 (AMAZON-02) (AMAZON-02)
1 1	23.23.204.175 23.23.204.175	14618 (AMAZON-AES) (AMAZON-AES)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:225... 2600:9000:225b:c200:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
1	2600:9000:237... 2600:9000:237d:8200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	44.210.2.193 44.210.2.193	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700:303... 2606:4700:3035::6815:2f0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:881::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.201.89.139 54.201.89.139	16509 (AMAZON-02) (AMAZON-02)
8	2.16.186.203 2.16.186.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.36.109 108.138.36.109	16509 (AMAZON-02) (AMAZON-02)
26	18.66.188.27 18.66.188.27	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.52 108.138.36.52	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f028:16:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	99.84.90.48 99.84.90.48	16509 (AMAZON-02) (AMAZON-02)
3	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	3.211.233.231 3.211.233.231	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:730... 2600:1f18:730:b120:d8f4:c602:cb4c:52b1	14618 (AMAZON-AES) (AMAZON-AES)
1	44.205.34.214 44.205.34.214	14618 (AMAZON-AES) (AMAZON-AES)
1	34.213.130.140 34.213.130.140	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	18.66.192.57 18.66.192.57	16509 (AMAZON-02) (AMAZON-02)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	99.84.88.7 99.84.88.7	16509 (AMAZON-02) (AMAZON-02)
3	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	2606:4700:20:... 2606:4700:20::681a:27a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 14	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	44.196.11.222 44.196.11.222	14618 (AMAZON-AES) (AMAZON-AES)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	54.83.6.65 54.83.6.65	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 35	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2 4	52.29.241.190 52.29.241.190	16509 (AMAZON-02) (AMAZON-02)
5 5	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.70.58.251 3.70.58.251	16509 (AMAZON-02) (AMAZON-02)
2	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 3	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
3 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	52.215.85.23 52.215.85.23	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
3 4	34.241.58.170 34.241.58.170	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.29.121.149 52.29.121.149	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2600:1f18:612... 2600:1f18:612b:4200:8644:8d9:b2a6:8733	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.36.211.28 23.36.211.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2	108.128.136.189 108.128.136.189	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	44.232.68.133 44.232.68.133	16509 (AMAZON-02) (AMAZON-02)
2 4	54.217.159.141 54.217.159.141	16509 (AMAZON-02) (AMAZON-02)
1 1	34.237.133.75 34.237.133.75	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.36.125 108.138.36.125	16509 (AMAZON-02) (AMAZON-02)
2	54.229.221.229 54.229.221.229	16509 (AMAZON-02) (AMAZON-02)
1	18.218.84.116 18.218.84.116	16509 (AMAZON-02) (AMAZON-02)
1 1	52.208.135.117 52.208.135.117	16509 (AMAZON-02) (AMAZON-02)
1 1	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.157.143.185 35.157.143.185	16509 (AMAZON-02) (AMAZON-02)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	23.32.238.115 23.32.238.115	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	99.84.88.219 99.84.88.219	16509 (AMAZON-02) (AMAZON-02)
1	52.22.156.201 52.22.156.201	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.238.226.189 34.238.226.189	14618 (AMAZON-AES) (AMAZON-AES)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	18.198.160.241 18.198.160.241	16509 (AMAZON-02) (AMAZON-02)
1 1	3.64.163.89 3.64.163.89	16509 (AMAZON-02) (AMAZON-02)
1	54.173.6.96 54.173.6.96	14618 (AMAZON-AES) (AMAZON-AES)
2 2	99.84.88.22 99.84.88.22	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.189.238 45.79.189.238	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1 1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
224	82

1 208.96.162.14 (United States) 1 redirects

ASN22418 (COLOG, US)
PTR: mail6.gophercentral.com

ptv.pulsetv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.9.51 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-9-51.compute-1.amazonaws.com

ptv.gophercentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.192.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-31.muc50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.204.175 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-204-175.compute-1.amazonaws.com

upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:c200:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:8200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.210.2.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-2-193.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:881::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.201.89.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-89-139.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.203 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-203.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-109.muc50.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 18.66.188.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-27.muc50.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-52.muc50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f028:16:face:b00c:0:3 (Sofia, Bulgaria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.90.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-90-48.muc50.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.127 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.233.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-233-231.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:d8f4:c602:cb4c:52b1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.34.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-34-214.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.130.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-130-140.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.192.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-57.muc50.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-7.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:27a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:4acf (United States) 9 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.196.11.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-11-222.compute-1.amazonaws.com

io.v2.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.6.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-6-65.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.241.190 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-241-190.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.34 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.84 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.70.58.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-58-251.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.85.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-85-23.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.241.58.170 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-58-170.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.121.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-121-149.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:8644:8d9:b2a6:8733 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.211.28 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-211-28.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.136.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-136-189.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-amazon.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.232.68.133 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-68-133.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.217.159.141 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-159-141.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.133.75 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-133-75.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-125.muc50.r.cloudfront.net

tag.trovo-tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.221.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-221-229.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.218.84.116 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-84-116.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.135.117 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-135-117.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.14 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.143.185 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-143-185.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.238.115 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-115.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.219 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-219.muc50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.156.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-156-201.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.226.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-226-189.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.160.241 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-160-241.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.163.89 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-163-89.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.6.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-6-96.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.22 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-22.muc50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.189.238 (Cedar Knolls, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: lciapi-ewr-08.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 273	25 KB
28	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	593 KB
14	clickcertain.com 9 redirects a.clickcertain.com — Cisco Umbrella Rank: 3271	9 KB
11	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	8 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3487 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2837 sslwidget.criteo.com — Cisco Umbrella Rank: 1726 widget.us.criteo.com — Cisco Umbrella Rank: 18228 dis.criteo.com — Cisco Umbrella Rank: 575	29 KB
9	taboola.com 1 redirects cdn.taboola.com — Cisco Umbrella Rank: 899 trc.taboola.com — Cisco Umbrella Rank: 635 trc-events.taboola.com — Cisco Umbrella Rank: 1846 sync-t1.taboola.com — Cisco Umbrella Rank: 1288 sync.taboola.com — Cisco Umbrella Rank: 882	23 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	600 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 715	173 KB
8	upwellness.com 1 redirects pages.upwellness.com upwellness.com — Cisco Umbrella Rank: 823525 live.upwellness.com store.upwellness.com	67 KB
7	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 214 secure.adnxs.com — Cisco Umbrella Rank: 417	7 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	334 B
6	yahoo.com 3 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 1099 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272 cms.analytics.yahoo.com — Cisco Umbrella Rank: 991	2 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6080	906 B
6	google.com www.google.com — Cisco Umbrella Rank: 2	906 B
6	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 109828 io.v2.customerlabs.co — Cisco Umbrella Rank: 136347	198 KB
5	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 22894	121 KB
4	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 520	814 B
4	360yield.com 3 redirects ad.360yield.com — Cisco Umbrella Rank: 644 match.360yield.com — Cisco Umbrella Rank: 2082	2 KB
4	casalemedia.com 3 redirects r.casalemedia.com — Cisco Umbrella Rank: 1339 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	3 KB
4	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2968 tr.outbrain.com — Cisco Umbrella Rank: 2826 sync.outbrain.com — Cisco Umbrella Rank: 737	8 KB
4	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 63140 api.useproof.com — Cisco Umbrella Rank: 60516	601 KB
4	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 2570 rp.liadm.com — Cisco Umbrella Rank: 2164 rp4.liadm.com — Cisco Umbrella Rank: 9311 i.liadm.com — Cisco Umbrella Rank: 572	16 KB
3	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 601 usermatch.krxd.net — Cisco Umbrella Rank: 1456	695 B
3	pubmatic.com 2 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 660 image2.pubmatic.com — Cisco Umbrella Rank: 820 image6.pubmatic.com — Cisco Umbrella Rank: 682	1 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	3 KB
3	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1155 c1.adform.net — Cisco Umbrella Rank: 562	1 KB
3	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 315 token.rubiconproject.com — Cisco Umbrella Rank: 573	913 B
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 765	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 343	13 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 558	8 KB
3	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 18613	39 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1176	1 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 436	352 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 155	616 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1337 lm.serving-sys.com — Cisco Umbrella Rank: 2146	779 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 694	1 KB
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 560	1 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 2496	1 KB
2	usbrowserspeed.com 1 redirects a.usbrowserspeed.com — Cisco Umbrella Rank: 6601	392 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 447	1 KB
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2169 sync-amazon.ads.yieldmo.com — Cisco Umbrella Rank: 5220	75 B
2	tremorhub.com 1 redirects criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2297 amazon.partners.tremorhub.com — Cisco Umbrella Rank: 4741	681 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 358	279 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592	326 B
2	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 230557	200 B
2	remarketstats.com 2 redirects a.remarketstats.com — Cisco Umbrella Rank: 44305	1 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 633 script.hotjar.com — Cisco Umbrella Rank: 793	73 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	115 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 57228 business.newsbreak.com — Cisco Umbrella Rank: 16065	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 6143 flask.nextdoor.com — Cisco Umbrella Rank: 5889	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 717	20 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 9819	51 KB
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 1893	344 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3372	750 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1292	324 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1108	213 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 4849	656 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2563	186 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 3250	880 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2183	122 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 532	471 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 493	485 B
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1806	268 B
1	trovo-tag.com tag.trovo-tag.com — Cisco Umbrella Rank: 55544	748 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4221	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33513	153 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1306	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2616	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 421	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 827	235 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1927	172 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 518	362 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 599	800 B
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 87744	720 B
1	gstatic.com www.gstatic.com	390 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 24414	282 B
1	gophercentral.com 1 redirects ptv.gophercentral.com	848 B
1	pulsetv.com 1 redirects ptv.pulsetv.com	107 B
224	80

	Domain	Requested by
35	s.amazon-adsystem.com	1 redirects pages.upwellness.com s.amazon-adsystem.com
26	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
14	a.clickcertain.com	9 redirects pages.upwellness.com a.remarketstats.com a.clickcertain.com tag.trovo-tag.com
9	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
8	analytics.tiktok.com	pages.upwellness.com analytics.tiktok.com
6	www.facebook.com	pages.upwellness.com
6	www.google.de	pages.upwellness.com
6	www.google.com	pages.upwellness.com
5	cm.g.doubleclick.net	5 redirects
5	io.v2.customerlabs.co	pages.upwellness.com cdn.js.customerlabs.co
5	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	googleads.g.doubleclick.net	www.googletagmanager.com
5	store.upwellness.com	pages.upwellness.com store.upwellness.com
4	match.prod.bidr.io	2 redirects a.clickcertain.com tag.trovo-tag.com
4	ib.adnxs.com	4 redirects
4	x.bidswitch.net	2 redirects a.clickcertain.com
4	trc-events.taboola.com	cdn.taboola.com
3	dpm.demdex.net	2 redirects
3	ups.analytics.yahoo.com	2 redirects
3	secure.adnxs.com	2 redirects
3	ct.pinterest.com	s.pinimg.com pages.upwellness.com
3	bat.bing.com	pages.upwellness.com bat.bing.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
3	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
3	builder-assets.unbounce.com	pages.upwellness.com
2	uipglob.semasio.net	2 redirects
2	us-u.openx.net	s.amazon-adsystem.com
2	sb.scorecardresearch.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	ads.stickyadstv.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	match.360yield.com	2 redirects
2	beacon.krxd.net	s.amazon-adsystem.com
2	a.usbrowserspeed.com	1 redirects tag.trovo-tag.com
2	pixel.tapad.com	2 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	s.amazon-adsystem.com
2	rtb-csync.smartadserver.com	s.amazon-adsystem.com
2	pixel.rubiconproject.com	1 redirects
2	dis.criteo.com
2	live-visitor-counts.herokuapp.com	cdn.useproof.com
2	a.remarketstats.com	2 redirects
2	sp.analytics.yahoo.com	pages.upwellness.com
2	trc.taboola.com	cdn.taboola.com
2	tr.outbrain.com	amplify.outbrain.com pages.upwellness.com
2	www.google-analytics.com	www.googletagmanager.com pages.upwellness.com
2	connect.facebook.net	pages.upwellness.com connect.facebook.net
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	d34qb8suadcc4g.cloudfront.net	pages.upwellness.com d34qb8suadcc4g.cloudfront.net
1	sync.taboola.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	sync-amazon.ads.yieldmo.com	s.amazon-adsystem.com
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	s.amazon-adsystem.com
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	dsum-sec.casalemedia.com	1 redirects
1	aa.agkn.com	1 redirects
1	s.thebrighttag.com
1	tag.trovo-tag.com	a.clickcertain.com
1	i.liadm.com	1 redirects
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	match.sharethrough.com
1	contextual.media.net
1	analytics.proofapi.com	cdn.useproof.com
1	api.useproof.com	cdn.useproof.com
1	widget.us.criteo.com	pages.upwellness.com
1	sslwidget.criteo.com	1 redirects
1	www.gstatic.com	cdn.useproof.com
1	flask.nextdoor.com	pages.upwellness.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	mug.criteo.com	pages.upwellness.com
1	static.hotjar.com	pages.upwellness.com
1	business.newsbreak.com	static.newsbreak.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	events.ub-analytics.com	pages.upwellness.com
1	cdn.js.customerlabs.co	pages.upwellness.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	amplify.outbrain.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	upwellness.com	1 redirects
1	pages.upwellness.com
1	ptv.gophercentral.com	1 redirects
1	ptv.pulsetv.com	1 redirects
224	120

This site contains no links.

Subject Issuer	Validity	Valid
pages.upwellness.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
store.upwellness.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
useproof.com GTS CA 1P5	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-02-24` - `2023-08-23`	6 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M01	`2023-02-28` - `2023-10-26`	8 months	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2022-11-17` - `2023-12-17`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
hook.customerlabs.co Amazon RSA 2048 M01	`2023-02-21` - `2023-12-12`	10 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
proofapi.com GTS CA 1P5	`2023-05-07` - `2023-08-05`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-19` - `2024-04-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
trovo-tag.com Amazon RSA 2048 M02	`2023-04-08` - `2024-05-07`	a year	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-04-17` - `2023-07-16`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2022-11-16` - `2023-12-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-02-20`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Frame ID: B81B950CC57629E62D03195F50243099
Requests: 133 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: 9458ED79EBDCF89C67A0154B4D0F45DA
Requests: 2 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 030BB1A22ECC1DC56044610718738241
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=709606368987586400&dcc=t
Frame ID: 96AD461E02251F9405EF3C4D6BF0668A
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: BA8C275B8F99FABEBB78141ADDD47CCE
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&cn=DE
Frame ID: AA01B37E6BD250136390F53A4F869F89
Requests: 5 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-65eHd-YR5upc_XjabR9ISoh1-cBlR3tISIfuzw&expires=30
Frame ID: B11113D208DBB84762442836E6B41D20
Requests: 28 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456
Frame ID: 71970A0551F3BC8C7BB58B58FCFDE834
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Frame ID: CDEAE60D889C4778B958A00796C1DCA8
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ptv.pulsetv.com/?a=7689&oc=117&c=24136&p=r HTTP 302
https://ptv.gophercentral.com/?a=7689&oc=117&c=24136&p=r HTTP 302
https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

224
Requests

76 %
HTTPS

20 %
IPv6

80
Domains

120
Subdomains

82
IPs

11
Countries

3216 kB
Transfer

5985 kB
Size

113
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ptv.pulsetv.com/?a=7689&oc=117&c=24136&p=r HTTP 302
https://ptv.gophercentral.com/?a=7689&oc=117&c=24136&p=r HTTP 302
https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://upwellness.com/services/scripts/jquery/jquery.min.js HTTP 301
https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Request Chain 44

https://rp.liadm.com/j?dtstmp=1684760511992&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11rth9aqq2j2y3mcbcgpe60&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1684760511992&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11rth9aqq2j2y3mcbcgpe60&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEy&n3pc=true

Request Chain 96

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=c4l2OXx2WU1UL0hndDlkelZqMSt1U2xibk91MTNjWC9DdzNEcmpjVTExeXRnNEI5Q1dWMmJGWWQ3bkRIWG1KYXpBTnErQUZ5K0ZsQWI1MFI5YmwwRDhUYWVhaDhCQlM4enRxYWFqVkJyWHhjU1Z6a1BpSGFhazB2eCtXZUswQXRUUU5vV1FUQlhlNXJqWGxyaHdYMElyVEJaQnptNnM3Q0pOc3BTQUFPc1BWM1E1c1ZQQVJreUxlalpIK1Q4WWhLU3JQbHMrU2Z0NGVGSnE0OXVCTWRwdWh6eXVXY24vZUhqZHJyYzkvRUJNcnVVOHVINHl5S2dISGNndXg3YmNYZnV2MVUyM21qano4cFo2eFNPTU90T0ZYRnVWYjRKQ0hKNFExU1hvWm5xYUgyM1J6OD18&cppv=2

Request Chain 123

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-ps09-nat&partner_id=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b HTTP 302
https://a.clickcertain.com/px/smart/a/?seg=uc-grplus-ps09-nat&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b HTTP 302
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

Request Chain 125

https://sslwidget.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=K2UnO18lMkZ1Mk9RMGNxbUJ2WWFubllHR3pNUSUyQlEyZzYzbkVSVHA2TEtPd3dMYmo2THRIJTJCOWoxVU1raEJwdyUyRnhkOUpzJTJGQ0h1UWwlMkJqeExtYnZGMzNqZGxNdlNkYzE3ZWlpRFgwZGE0ekpHRjdlUkkyM0IwdzdBQ25KQnFBaVBMWWgxa1FlcjkwVGVVckdkV20lMkJTQyUyQkZ4S1N6cWZBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods&ceid=44c4555c-5733-4e42-ba24-5a1ae1dd2761&dtycbr=74968 HTTP 302
https://widget.us.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=K2UnO18lMkZ1Mk9RMGNxbUJ2WWFubllHR3pNUSUyQlEyZzYzbkVSVHA2TEtPd3dMYmo2THRIJTJCOWoxVU1raEJwdyUyRnhkOUpzJTJGQ0h1UWwlMkJqeExtYnZGMzNqZGxNdlNkYzE3ZWlpRFgwZGE0ekpHRjdlUkkyM0IwdzdBQ25KQnFBaVBMWWgxa1FlcjkwVGVVckdkV20lMkJTQyUyQkZ4S1N6cWZBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods&ceid=44c4555c-5733-4e42-ba24-5a1ae1dd2761&dtycbr=74968

Request Chain 139

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=709606368987586400 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=709606368987586400&dcc=t

Request Chain 142

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-65eHd-YR5upc_XjabR9ISoh1-cBlR3tISIfuzw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-65eHd-YR5upc_XjabR9ISoh1-cBlR3tISIfuzw&expires=30

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-NIPbEuYR5upc_XjabR9ISoh1-cD8ffuRu2vgTQ&google_cm&google_hm=ay1OSVBiRXVZUjV1cGNfWGphYlI5SVNvaDEtY0Q4ZmZ1UnUydmdUUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-NIPbEuYR5upc_XjabR9ISoh1-cD8ffuRu2vgTQ&google_gid=CAESEHi0sFi8s5dw1LxTwrqo7UY&google_cver=1&google_ula=913071,0

Request Chain 144

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1021795197112065982

Request Chain 145

https://secure.adnxs.com/setuid?entity=52&code=k-i2tHDuYR5upc_XjabR9ISoh1-cBHs55HaItTMg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-i2tHDuYR5upc_XjabR9ISoh1-cBHs55HaItTMg

Request Chain 156

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LqvRROYR5upc_XjabR9ISoh1-cD04Gya9T8wcg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LqvRROYR5upc_XjabR9ISoh1-cD04Gya9T8wcg&C=1

Request Chain 157

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=tNQSbVhee4op2uziHc-aEQnReph8vvSy HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tNQSbVhee4op2uziHc-aEQnReph8vvSy

Request Chain 159

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Sqv59-YR5upc_XjabR9ISoh1-cAahR6EE6mFhg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Sqv59-YR5upc_XjabR9ISoh1-cAahR6EE6mFhg

Request Chain 168

https://a.clickcertain.com/px/ta/?ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=a3eb99da-9176-49c2-92a3-f7d2f552de73&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=a3eb99da-9176-49c2-92a3-f7d2f552de73&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=8dfcbc6b-aad1-4bbb-a533-c8e0b1ad8d21

Request Chain 169

https://a.usbrowserspeed.com/cs?puid=c968a9dc-3a24-5e6c-aef6-0e8a48740844&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=184f8303-2af4-4dae-9ade-1296896b639f&hem=

Request Chain 170

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 171

https://a.clickcertain.com/px/r/?ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=a3eb99da-9176-49c2-92a3-f7d2f552de73&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253da3eb99da%25252d9176%25252d49c2%25252d92a3%25252df7d2f552de73%252526anx_uId%25253d%252524UID HTTP 303
https://a.clickcertain.com/px/li/?ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253da3eb99da%25252d9176%25252d49c2%25252d92a3%25252df7d2f552de73%252526anx_uId%25253d%252524UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3da3eb99da%2d9176%2d49c2%2d92a3%2df7d2f552de73%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Da3eb99da%2D9176%2D49c2%2D92a3%2Df7d2f552de73%26anx_uId%3D%24UID&google_gid=CAESEGB8CfaW1vqps6CdJ0lcPG4&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&anx_uId=$UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&anx_uId=6083881388625202988 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=a3eb99da-9176-49c2-92a3-f7d2f552de73&expires=5&user_group=0

Request Chain 173

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=d362ae64-f8a0-11ed-84e1-7f972b0add05 HTTP 302
https://a.clickcertain.com/px/smart/a/?partner_id=193f0456&c=24d1add2443e239&type=img&partner_rid=d362ae64-f8a0-11ed-84e1-7f972b0add05 HTTP 302
https://a.clickcertain.com/px/img/?c=24d1add2443e239 HTTP 302
https://a.clickcertain.com/px/img/g/?start_cm=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1 HTTP 302
https://a.clickcertain.com/px/img/g/?google_gid=CAESEGB8CfaW1vqps6CdJ0lcPG4&google_cver=1

Request Chain 175

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 176

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aHoaJX15ThKVd3BsrOEgPw1_JYlpX93O

Request Chain 177

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2VSpnVVSikSq77QBi-PMJnalDK7mHceZ

Request Chain 179

https://ib.adnxs.com/setuid/a9?entity=188&code=AgHi4SwSRTmmrY2FcyFsnw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=AgHi4SwSRTmmrY2FcyFsnw

Request Chain 180

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=94iv0Pe7TAKqrwmMgt873w&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=3a4cc34c-76ab-44d9-81e4-867fa1e124e8

Request Chain 182

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=219833204524002884799&ex=neustar.biz

Request Chain 183

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=klnpSBEIS5Cem-sxyuUAwQ&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZGtnwoE2vqabVSvPA-y3XgAA

Request Chain 184

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=af29320cae961ef82abfb176a541ceda

Request Chain 185

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 186

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=qRSE61GBTHm1FBCePwDDow HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=qRSE61GBTHm1FBCePwDDow

Request Chain 187

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=da8ef457-8d6a-41bd-8e67-ea268b06d759

Request Chain 188

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=5f4541b55a6c4bc3b7e149cac1654303

Request Chain 190

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-rw1mEAdE2pFLzEZYytIVqg2OoBPK1SPHYwq5~A&status=OK&ex=gemini

Request Chain 191

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1351a34baa0f11d19dc37e82c908adf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 192

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 194

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3a4cc34c-76ab-44d9-81e4-867fa1e124e8&ex=improvedigital.com

Request Chain 196

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=113e1cf3e97a60dd5

Request Chain 197

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wL0TYmfrQnurH1KmrO0Vxw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wL0TYmfrQnurH1KmrO0Vxw

Request Chain 198

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=pteafDHnRPu7F8iKDNnvXg&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f4a139ed3ae082bd85794d17d663ff6b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=pteafDHnRPu7F8iKDNnvXg

Request Chain 199

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=Cf5xrP35TzOJyNDxxXr4SQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=79485406079538474672057154076461858400

Request Chain 201

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3103995976935618337

Request Chain 202

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d41048be-f8a0-11ed-8554-162d46060206 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d410487a-f8a0-11ed-8554-162d46060206

Request Chain 203

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2245a86fb8-b784-4f00-bf2f-2304e8cdb577%22,%22Time%22:%2220230522T130155.483272%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=45a86fb8-b784-4f00-bf2f-2304e8cdb577

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECBGxVbPyZ1Vcg1_KAwRoAk&google_cver=1

Request Chain 206

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1d183b5b208a34706f079d69fee9674d

Request Chain 208

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LTlQ8tEC9N7rB2j7epnZazc4dNQ4ZgIC

Request Chain 210

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=422A9E2EF7D69D38

Request Chain 211

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6083881388625202988&ex=appnexus.com

Request Chain 212

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=_bbODCLOQE6xduLxydTAYA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=_bbODCLOQE6xduLxydTAYA

Request Chain 213

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=ou6DbVDJ3VCWEvZQXkyG88WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Yu0S68SWQHCDRyj8uAbAwg& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 216

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EEBD4F2DC3676B64922AEF8C02CB7FEE

Request Chain 217

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=5c3ed86b94a4a6db159ab77f3770379994896201bdaf2ac8791428efe85fb654

Request Chain 219

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=6C199E78-2C3F-4E95-99CC-8795CF9EF7A7

Request Chain 221

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=babffd27-f09b-463b-bfc4-98fb953141bd-tuctb64ed43

224 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pages.upwellness.com/uc-grplus-ps09-nat/
Redirect Chain

https://ptv.pulsetv.com/?a=7689&oc=117&c=24136&p=r
https://ptv.gophercentral.com/?a=7689&oc=117&c=24136&p=r
https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

200 KB
32 KB

104ms
24ms

Document
text/html

3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e87d63589794650c1cbbfb8bf615d4d8a85d349858f49bddb7694fdce1a9cf90

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 32178
content-location: https://pages.upwellness.com/uc-grplus-ps09-nat/
content-type: text/html; charset=utf-8
date: Mon, 22 May 2023 13:01:50 GMT
etag: "z:1e9cb09de4064d7c92e4d48c3af76d48"
link: <https://pages.upwellness.com/uc-grplus-ps09-nat/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: ce8e0f3a-9c23-49fc-a8e9-a0c2b288709f
x-unbounce-variant: z
x-unbounce-visitorid: 1e9cb09d-e406-4d7c-92e4-d48c3af76d48

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 203
Content-Type: text/html; charset=utf-8
Date: Mon, 22 May 2023 13:01:50 GMT
Location: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 80ms
23ms Stylesheet
text/css 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:52:08 GMT
content-encoding: gzip
via: 1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-version-id: Hi0GplZUCMAlUo2d3AkAvO_Jy02q1fIj
x-amz-cf-pop: MUC50-P1
age: 5555383
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Mon, 13 Mar 2023 16:18:47 GMT
server: AmazonS3
etag: "15295835030f315ea1ec0147abd5ea63"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: vwS-47wnqxJXiinTJZfaAOLGheUk-KeU8YUj8nCit-sIR_mhDzS3wA==

GET
H2

200

jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/
Redirect Chain

https://upwellness.com/services/scripts/jquery/jquery.min.js
https://live.upwellness.com/services/scripts/jquery/jquery.min.js

87 KB
31 KB

455ms
216ms

Script
application/javascript

3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

Redirect headers

expires: Mon, 22 May 2023 13:31:28 GMT
x-gateway-request-id: 6fccb0f7868ff8c08879c8ea6e8df76d
date: Mon, 22 May 2023 13:01:51 GMT
server: Pagely-ARES/1.10.28
x-redirect-by: redirection
x-gateway-skip-cache: 0
content-type: text/html; charset=UTF-8
location: https://live.upwellness.com/services/scripts/jquery/jquery.min.js
x-gateway-cache-key: 0||https|upwellness.com|||/services/scripts/jquery/jquery.min.js
cache-control: max-age=3600
content-length: 0
x-gateway-cache-status: HIT

GET
H2 200 jquery-shims.bundle-aa41391.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 79ms
24ms Script
application/javascript 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 01:45:55 GMT
content-encoding: gzip
via: 1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-version-id: go6NP.GLZbPC.C716LHmcB2f5hVernjS
x-amz-cf-pop: MUC50-P1
age: 5051756
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1991
last-modified: Mon, 13 Mar 2023 16:18:43 GMT
server: AmazonS3
etag: "047e85385e0a5e3eab26ac2f0f013f96"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: awfrDjUA-670kX5JfoCa2rhv-_utCWd68JbrE4qyH-Mdj5RxFSHd5g==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 100ms
23ms Script
application/javascript 2600:9000:225b:c200:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c200:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:41:41 GMT
content-encoding: gzip
via: 1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10768811
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1865
x-amz-cf-id: 3IS9Lp6flEJNV696T7GIIX0A83fxYnVp2_oLhod1FqyUu_mGnQMLHA==

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 12 KB
3 KB 74ms
19ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5f20eeec677f55abac0e47b1a6e7489cacf565a9af247cbd4d74366cb9c71509

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: WAW51-P3
age: 3330
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.180.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: FUsdjELgDoEF28A=

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 123ms
54ms Script
application/javascript 2600:9000:237d:8200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:8200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:43:04 GMT
content-encoding: gzip
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 22727
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: GMcNQad_wt1US7sKeXv4KXAtBLq_mor7rNn10BV0_c6Uavdl33vIqw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
53 KB 78ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98bd02585c933947aed60aefb30358d1347181011f3a60e80d512c2c20c95672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53402
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d9a581d226e76e97ab1921385505d131765201a51e986fd5da52410149f6b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70208
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
77 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05e7bdb0d4097ec520d00474e03a95190f707a4b1c4c0422c842ff54c3605db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78557
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 45 KB
15 KB 152ms
68ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

21426b8b0badcd043a67deb91f069fe369e6657156266422357fd549b18fc676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 42ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44c8b7aa666ee9360593e95e71c09ee30da9429d7e2d0b21d3e270bd03c88a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71088
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H2 200 UCInvisibleLink Show response
store.upwellness.com/cgi-bin/ 432 B
808 B 399ms
129ms Script
text/javascript 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-2-193.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 251

GET
H2 200 UCAffiliateId Show response
store.upwellness.com/cgi-bin/ 80 B
537 B 393ms
123ms Script
application/x-javascript 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateId?merchantId=UPWEL

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-2-193.compute-1.amazonaws.com

Software

Apache /

Resource Hash

8f187cec7d401ebbadadcb77e1a42df64e60a776bbe66aa6c8214a40ef988b28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
content-length: 66
vary: Accept-Encoding
content-type: application/x-javascript

GET
H2 200 UCAffiliateNetworkPixel Show response
store.upwellness.com/cgi-bin/ 2 KB
1 KB 128ms
124ms Script
text/javascript 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?merchantId=UPWEL&ThemeCode=SF680

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-2-193.compute-1.amazonaws.com

Software

Apache /

Resource Hash

6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 851

GET
H2 200 main.bundle-85a7477.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 30ms
26ms Script
application/javascript 18.66.192.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-31.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:57:31 GMT
content-encoding: gzip
via: 1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-version-id: TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop: MUC50-P1
age: 5727861
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33747
last-modified: Mon, 27 Feb 2023 19:12:56 GMT
server: AmazonS3
etag: "b4081a636463cc60b1faf49e579e8cb9"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ipdxtQvegUuq3kEsaYeUSvXtZtxMphz9a0xTCXpGR3Q8Hk7meSZGlw==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 88ms
30ms Script
application/javascript 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JH38V7PHJ01DHFMZ
age: 28786497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 497733
x-amz-id-2: 8ZbGHTyisR9iPiIRyhOQcOGO9yGz+LJIaPlpSTGJz0TXPrfvxBI/RTfX5rUUKSNvEn0zwj4PoYA=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDQn%2FihygX%2FIBLwdc7COEZvYwefYwwgr4I7in9Zljfy8DP2S2G%2FHE6mO7TD4HZUpIA%2FURVKc6V1OflbC%2FnoTqJuKpWz%2BPudsQBiupTxZK2AO5UVGt%2F5FiDlbHNsqid6Y1n72g%2BmSjQrG8JB1c3eL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7cb5400ebce3bbbf-FRA

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 182ms
45ms Script
application/javascript 2a02:26f0:3500:881::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:881::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a62387c9826311dd23b686c73af32a3922cbbb087222698947a74301414b87ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "a04e1291e6ed2967f1c0f633fddfe433"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1444

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 106ms
38ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 12:59:44 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: QZJXGV2846CJNN46
age: 128
x-amz-server-side-encryption: AES256
x-amz-id-2: p7Iqq0fK3kI++OkO5RZs3dvpMOH1jd/4N1sm9UoxYm9hhaya7a6k1ylxJtYDXq1sZ1fA6kp5ZiwmYnEPRkRzFcrc1QS1iB4Ssq2F662o4hE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 58 KB
18 KB 175ms
123ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 776d687f7c6169f8c44bc73bdfd92eedb28f1e138c1acde42e014b1c84808813

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 5dm6oX.sa5TlaM8LyRhlaYusuYHTsapd
content-encoding: gzip
via: 1.1 varnish
date: Mon, 22 May 2023 13:01:51 GMT
x-amz-request-id: KSZTT23XK6CJM8RV
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18353
x-amz-id-2: zqGSs5GBdT0wyE3FkPzyziwCAmubJkzCO9gChvYTFjB5ViG7VeOVEvwCaIjR5z+wWM5akhlsC/A=
x-served-by: cache-fra-eddf8230102-FRA
last-modified: Sun, 21 May 2023 11:11:28 GMT
server: AmazonS3
x-timer: S1684760512.794042,VS0,VE104
etag: "c726b616d36831dee71c2a7cf9bd0d55"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 72ms
21ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:01:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 May 2023 06:28:15 GMT
Server: AkamaiNetStorage
ETag: "5eb6cb81dec36b8e936c154fb603efbb:1683181933.901167"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6835
Expires: Mon, 22 May 2023 13:21:51 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 594ms
194ms Script
application/javascript 54.201.89.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.89.139 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-89-139.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Thu, 18 May 2023 23:46:10 GMT
server: istio-envoy
etag: W/"6466b8c2-19c7"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 2

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 170ms
118ms Script
application/javascript 2.16.186.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d511a1ab0d41427064db7e25a686cc9a5bca3c2f531bb00565e5df6c72076a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 357ed81e.1830d39d
date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 92,2.16.186.199
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=11, inner; dur=3
content-length: 1368
pragma: no-cache
server: nginx
x-tt-logid: 20230522130151446C17E909F851E7CEC4
x-cache-remote: TCP_MISS from a23-59-251-92.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.59.251.92
x-tt-trace-host: 01c1f40e11d1e4d312c68ac37c2150a3a6674e99c391cc859e3248b46fcbd05686dbfd975b51a6d2ffed57b5632e0de6c213e2fb0598542050f729b64f1f54622df0584f8eb3a9ed5f67645f5643c33a5a08d2bed24f0bf81c392ca1ce0e00e75c7adbab672322f7728c7a760faa0367d8
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 123ms
23ms Script
application/javascript 108.138.36.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1684800000000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-109.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
date: Mon, 22 May 2023 03:42:56 GMT
x-amz-cf-pop: MUC50-P2
age: 33678
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: hMoSmNI8VoToapHi-5XrVgC6Na0T0S9TuNEOKlE-PwezgwahN2Pbjg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
66 KB 45ms
42ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ae37732893de64fd0b85a1d9f55591d69851c7673ef499fba140fd79e786804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67226
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 172ms
121ms Script
application/javascript 2.16.186.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fdd3501d8e2909b9fe5e627322bcb9fdd3732ac8fa9238504edb40caae959e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 1830d39e
date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=3, origin; dur=95
content-length: 1482
pragma: no-cache
server: nginx
x-tt-logid: 20230522130151CD29F566427EBF97C800
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,2.16.186.199
x-tt-trace-host: 01c1f40e11d1e4d312c68ac37c2150a3a6304194e016c5462227d790f80329e37a23f2f5832a8979691bd9b09631a7b1ec8bdfd801ff132fa1e8595800a1c315efde679888837d4c35bf41a1f9deb4a54f4848f0d633dd504b6aba056ead68792e
expires: Mon, 22 May 2023 13:01:51 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 18v50ek-optio-gplay-pattern_100000005801v000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 1 KB
2 KB 87ms
24ms Image
image/png 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/18v50ek-optio-gplay-pattern_100000005801v000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0edc1b0d3583e816fa8ff3d7337d0775fcbf0a4ddc15e9f88392d304a9a7a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:52:14 GMT
x-amz-version-id: Ha.m86npKl8d1f05I_v6DN.spiJslxWK
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 11380178
etag: "8ad184737d5deb05b414931744e2530e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1384
x-amz-cf-id: ciuDckZOoHtU1lvMzfaY2RQ3KFHk9vEtkBv5K7PR6R5g-G5T3wIUGQ==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 34ms
33ms Script
application/javascript 2600:9000:225b:c200:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c200:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 04:44:19 GMT
content-encoding: gzip
via: 1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 5213853
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: BsjGETaIMzotc_1P7vjIAvuxJ0lBk1cJrIZPvSCug3gsvt4ZPDH_ww==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 89ms
26ms Script
application/javascript 108.138.36.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-52.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:37 GMT
content-encoding: gzip
via: 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 844695
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: pnGAa0X3YXwrdr7nUOJ_AKIhgb2vO5KnP7ZWhWXFz4wXiGZzAOjNrQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 135ms
46ms Script
application/x-javascript 2a03:2880:f028:16:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f028:16:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 May 2023 13:01:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jAV8z2Hx94oEWYWCD3X8BT/B70asIL/agDBcefZ4RfYbjLVW3JJlMINitqhGx3EkDv6kKIzj+kWhPKR+cEinkQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 invisibleLink.jsp Show response
store.upwellness.com/affiliate/ 236 B
1 KB 166ms
165ms Script
text/javascript 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-ps09-nat/%3FAFFID%3D255445%26subid%3Dpenn23056foods

Requested by

Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-2-193.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ad188b2654a7b82066607adf93759a8e570a8cd6f39ddd89405c52f58379d384

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 157

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 3 KB
1 KB 84ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1684760511801&cv=11&fst=1684760511801&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&hn=www.googleadservices.com&frm=0&auid=171654247.1684760512&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ced42deaa7f931079b03007196367459bc2742a5dac1e05812420b68febc4fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1228
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d618e0ae7efd3f86ca3741b2ff37cc1fc18e17645ec5d2e8fad9c20f97ca2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70158
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
77 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45e32eb60889e66f20120a8b7dd24c887ce6616da536cd3226c27ab346fa30ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78637
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
69 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6af5e8772f512023cc16d0dd7f37f441f734a433eaf0b7383c8e88f6f32ce4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71121
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 3 KB
2 KB 53ms
33ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1684760511846&cv=11&fst=1684760511846&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&hn=www.googleadservices.com&frm=0&auid=171654247.1684760512&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4356a5904fcb80496b500ec2658390be6482ac48f4f9839aea08cbcbed9feaa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/ 3 KB
1 KB 53ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1684760511875&cv=11&fst=1684760511875&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&hn=www.googleadservices.com&frm=0&auid=171654247.1684760512&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2c7729b889260e0f1bc3095dfa2c352b95664f5ca2c055e2980416634f57f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1228
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1684760511909&cv=11&fst=1684760511909&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&hn=www.googleadservices.com&frm=0&auid=171654247.1684760512&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3753285b4ca246073061a5b1cbd38b1f943fad55e266e9e9ec97a9580e33c1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1227
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 181ms
18ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 May 2023 11:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 7012
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 22 May 2023 13:05:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
52 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb20d261b2d7d58647d01eee7c5ddec59c8274b5c981ef1935c2bbfd633cf6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53406
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 May 2023 13:01:51 GMT

GET
H2 200 cl4975ot4arrr6.js Show response
cdn.js.customerlabs.co/ 196 KB
197 KB 217ms
53ms Script
binary/octet-stream 99.84.90.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.90.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-48.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: q7mG7hlker5FRiUNkg8qVdDD2fjHsOUI
date: Mon, 22 May 2023 13:01:36 GMT
via: 1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 16
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 201018
last-modified: Mon, 20 Feb 2023 17:59:47 GMT
server: AmazonS3
etag: "cef37c380b37f6c7fbe85e3594e7f2d8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: 7BY7h5X2jqj4QFuD0Izx26TYuN4mBZAa1Ym_Xn6GW8kZkast2OlpcQ==

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 400ms
100ms Script
application/javascript 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:01:52 GMT
X-TraceId: 7dcb6616b09b25b1550fa56baa2b9efa
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 400ms
100ms Image
image/gif 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08302913383707093&referrer=&cht=gtm&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:01:52 GMT
Cache-Control: no-cache
X-TraceId: a711ef15c321d5a957f090484a39793e
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 343ms
113ms Image
image/gif 3.211.233.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1684760511975&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=0bc899f8-4ddb-4f1b-ac2c-2ab72eec2794&dtm=1684760511974&vp=1600x1200&ds=1600x14826&vid=1&sid=28868936-8e04-4198-afc9-06665a774ac9&duid=cce7459a-9cec-430c-b5b6-d335239dd863&uid=1e9cb09d-e406-4d7c-92e4-d48c3af76d48&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U4ZTBmM2EtOWMyMy00OWZjLWE4ZTktYTBjMmIyODg3MDlmIiwidmFyaWFudElkIjoieiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.233.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-233-231.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:52 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1684760511992&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11rth9aqq2j2y3mcbcgpe60&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445...
https://rp4.liadm.com/j?dtstmp=1684760511992&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11rth9aqq2j2y3mcbcgpe60&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D25544...

13 B
552 B

523ms
110ms

XHR
application/json

44.205.34.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1684760511992&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11rth9aqq2j2y3mcbcgpe60&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEy&n3pc=true

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Server

44.205.34.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-205-34-214.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:52 GMT
x-pixel-event-id: 2e188534-86c8-4bb4-a19c-3a640f2764b9
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 0decd453ea740618
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 22 May 2023 13:01:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1684760511992&aid=a-057g&se=e30&duid=f0f26c15fa8f--01h11rth9aqq2j2y3mcbcgpe60&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEy&n3pc=true
access-control-allow-origin: https://pages.upwellness.com
request-time: 0
access-control-allow-credentials: true
trace-id: a1c9fc7d7d3d3c46
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 46 B
693 B 84ms
32ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 12:19:53 GMT
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 1Y0Q5ME7P7DV8QAP
age: 2520
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: kG56mrLey+2T6Qg8alGvaymF46xBcL+bowHUXHQD7kgN4Wuls0jt3gyHFblk8f1mRs21wt7fufW7IyIY88JfloJac4BGZ8rC
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
server: ATS
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 46 B
363 B 85ms
33ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 12:19:53 GMT
x-amz-version-id: a1p9k2x2CfLow7aa._kiTa1S348t_r0P
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 1Y0S4D7QJ0M6HKB6
age: 2520
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: 5D+MlGmnSOPuav5MY9zsM48nVAqMY6RdhZEoM5n3yT0rvxwyEfBpCQVGffNq+C8iz9+gvDa6/3UFTGGiw/3vok0T/b3c7bGI
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Tue, 26 Mar 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sun, 19 Feb 2023 18:55:23 GMT
server: ATS
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 976ms
196ms Ping
application/json 34.213.130.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1653816081217609730&uid=1-lvop3a95-lhyuwqv9&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&rl=&ts=1684760511733&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20113&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1684800000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.130.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-130-140.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 main.MWI2MzlmMWJmMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 242 KB
67 KB 21ms
21ms Script
application/javascript 2.16.186.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 1830d4ed
date: Mon, 22 May 2023 13:01:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305081131161C3886B72422018C2A9E
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-186-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01c0cefb5bed0bc8784b69cc4cea9baffd8c904f6cca2e68fb4489e48085b46c80b28aeaedea66fd569e3f1e21fbe004b188de7de5009c34fe58a513d8d7d81b316d1411f3221065a16eaec5dc08486bfcf664b5e8927c91eb7bb74b9bc7dcdef2
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 67586

GET
H2 200 main.MWI2MzlmMWJmMw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 263 KB
69 KB 38ms
38ms Script
application/javascript 2.16.186.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 365bc498abb21b256de98382645b715d89e2947391f733393a61a7c7861fb69a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 1830d4f3
date: Mon, 22 May 2023 13:01:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023050811345465FBF15518FDBE90955D
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-186-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010c8c7eef6b9c22472ed9ce41233509556373e8466dd5eb93c211de914ed854388da69154ae4858768c827505693a7d052c3e7dff00ac0be1d8fa3e0d196bf3034ed9ac1323e1bf59660070626a7497d52fb26b96fc6c145a246387b2da8c2da3
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 70386

GET
H2 200 main.b68cecd9.js Show response
s.pinimg.com/ct/lib/ 62 KB
18 KB 45ms
45ms Script
application/javascript 2a02:26f0:3500:881::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b68cecd9.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:881::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a603139b3b85a956beb096a23eb80bad0a19c119df91b618122779fe16bbff91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "c7f9533bd6b4e2008590df3f4d1a5fbe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17974

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 2 KB
2 KB 43ms
36ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1684760512025&data=%7B%22id%22%3A80%2C%22ii%22%3A%22%2Fuc-grplus-ps09-nat%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1684760512020%2C%22cv%22%3A%2220230520-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3FAFFID%3D255445%26subid%3Dpenn23056foods%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1684760512024%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d8a8313bd8e15fc65e3f035321fdf32654cf33d59fcfc584d4a35091ecfdc6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms: 18
date: Mon, 22 May 2023 13:01:52 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230102-FRA
server: nginx
x-timer: S1684760512.040358,VS0,VE18
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
455 B 121ms
32ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1684760511846&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=956255860&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10838597190/ 42 B
455 B 111ms
34ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10838597190/?random=1684760511846&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=956255860&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
108 B 87ms
33ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1684760511801&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3499400180&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/624541243/ 42 B
108 B 31ms
30ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/624541243/?random=1684760511801&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3499400180&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-795540.js Show response
static.hotjar.com/c/ 10 KB
4 KB 68ms
22ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-795540.js?sv=6

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

2a601c6b748d06f6cab3c94fad23dab0ebf31329185b8dc75972d45facad0bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 May 2023 13:00:59 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 53
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/c7ba80d01b752027c63fd08604302ae2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 2RltcwI9wV391WtBH40NrW7PqMjaNfDImNATqqaO5MuyWfmJ2OI2rQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 101ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 22 May 2023 13:01:51 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB55CB5297AD4432872AF1FD27B6D665 Ref B: FRA31EDGE0805 Ref C: 2023-05-22T13:01:52Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9458 15 KB
6 KB 143ms
47ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 13:01:51 GMT
server: Kestrel
server-processing-duration-in-ticks: 456388
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
BLOB 200
OK ae196b5a-062c-44bf-a861-8a754a208fcb
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/ae196b5a-062c-44bf-a861-8a754a208fcb
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 5523
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 12 KB
1 KB 421ms
361ms Stylesheet
text/css 18.66.192.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-57.muc50.r.cloudfront.net

Software

Resource Hash

0f367e5fe45efe7405ca02cfe8e804e76bdbd239331d2b998a7a868756acfe02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-amzn-requestid: cf309ab1-64f5-4661-9816-2d644dd9de1c
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: FU0mHGmgIAMF6YQ=
content-length: 884
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-646b67c0-0a6712684c1ee9a07970b604
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: e9ZOZk4gu8AGjxNEAnGXmXbV_Hjl4B0ExdVaPOeiCv5z5obcB3uizQ==

GET
H2 200 91f3bcfa-fotolia-224610458-subscription-monthly-m-1_108k05w00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 7 KB
7 KB 28ms
25ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/91f3bcfa-fotolia-224610458-subscription-monthly-m-1_108k05w00000000000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69170ba89d801c5fd5fb33705c5060fc6b8fb78773b4986cecffd8d170ec98e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 02:21:52 GMT
x-amz-version-id: 9dmgwU8o6WHLATfy6N7XWezxUAaA27pR
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 12:59:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2284800
etag: "45ff67f99b8645a206ddf5806a48530b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 6785
x-amz-cf-id: 6gj2J_ZvQSaTWPuzxjcKG45qAiBy0_66QE-lO_ytd0gg_HJNDgGV5A==

GET
H2 200 0c59db70-turmeric-bombs-for-inflammation-3_10ck0760au07500000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 15 KB
15 KB 30ms
26ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/0c59db70-turmeric-bombs-for-inflammation-3_10ck0760au07500000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91f29bea5b43a0dfe1c5e79aa0ebb5b29185ee673903e5064425bcee4d3fd443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 11:36:18 GMT
x-amz-version-id: GB1xWP9fOepGCvwKTQGhjdcUQ8O2TKTU
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 12:59:15 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2337934
etag: "8e87ab8a3ffe7eafadfaa0422a83f979"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 14982
x-amz-cf-id: m95MzYQTUKlG9j_8TqPt_E2O1_daYk2SvbBpU0c0ndify_JaI-B1uA==

GET
H2 200 5cee5b1b-turmeric-bombs-for-inflammation-4_10du07v0ag07401s00001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 16 KB
17 KB 47ms
44ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/5cee5b1b-turmeric-bombs-for-inflammation-4_10du07v0ag07401s00001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dac8a8622ac059ca232804102f2ce04c438ad92f8f0d514fe226fee01dcec2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 05:11:53 GMT
x-amz-version-id: EUnMZDq9xR9d8RtReZXPO7N2iYyZzt0U
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10482599
etag: "0bb2486d775da39f670e4cc2026ffd39"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 16510
x-amz-cf-id: AD3p9TqpKzY_U7RH_gfMZpXD--yU6FFs52Wm9J-hsCJnTeHDQCZMRQ==

GET
H2 200 342479cf-turmeric-bombs-for-inflammation-5_10hy0a60av06n04f02701o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 13 KB
13 KB 51ms
47ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/342479cf-turmeric-bombs-for-inflammation-5_10hy0a60av06n04f02701o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 913da565b9955bdc2f199388ba94797a66f2226c510738419d2d3073eda6c56c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:36:15 GMT
x-amz-version-id: kMKowguTWDDGEQWHqV44.8p27zt702fv
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 12:59:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2766338
etag: "525a45e51d21b19d26824519d9f78629"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 13100
x-amz-cf-id: yZkUMt27-wMQCrTX6OEsvbQ-buD2A1fmrcFxa-TeL8ZB-jP_F3zgvA==

GET
H2 200 2639beae-fotolia-181521432-subscription-monthly-m-1_109o06g08k06g00c00001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 5 KB
5 KB 48ms
45ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/2639beae-fotolia-181521432-subscription-monthly-m-1_109o06g08k06g00c00001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc41e44715b29eade3653057f6ab83c86e04ff10e7ef848238858df7c5b39cbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:56:14 GMT
x-amz-version-id: zkh91XRD.0jUn.emdiHvvGx3Wdshok1H
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 11084738
etag: "4efbd038b4c82407b0e63eab024b3960"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4781
x-amz-cf-id: BRM49W38ulEZEQKLUWf769v2Ckfc_YB75LxysESaf7H5rgMfoJEGQw==

GET
H2 200 5ba00849-whiteupwellnesslogo_103r01j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 2 KB
2 KB 31ms
27ms Image
image/png 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/5ba00849-whiteupwellnesslogo_103r01j000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e63176bb96e5f6e117ae553f3a86ee7190458c7e517f3f8a39e4f053c2705689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 01:13:35 GMT
x-amz-version-id: sb2BFtGOjmcKqZ4Ipo5KKoqzomxdB.P2
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 15:10:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 3066498
etag: "281394ac6865b4998b5e00430a64563c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1863
x-amz-cf-id: EXRymoD6UMonVd2D1eKSULV1Hrs4rmwT5Gtm1rzg0r5-h4dB0cgz5w==

GET
H2 200 a442cfb9-adobestock-248731696-1_10mb0ev0mb0c700002o01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 42 KB
42 KB 56ms
53ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/a442cfb9-adobestock-248731696-1_10mb0ev0mb0c700002o01o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32fc2e72b47d8a300fa8eb5408697ec2f90c6f7d330644e3abef0ff9de96e849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 03:15:28 GMT
x-amz-version-id: KQvlRs5TT_1S45q3.uj1WbauuUjHcl2s
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 14:28:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 3836785
etag: "5d1ba9cf7cf7aaad187bf0a42c8a82be"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 42710
x-amz-cf-id: P6L349Xlm5HAP8XhCoWAB3NaSSvfOPc1jBOfWaXlria0Z33mnmRC0Q==

GET
H2 200 941b223d-https-app-unbounce-com-publish-assets-cd5d0481-b443-459b-a30a-be383ab58e5a-20b7305e-triangle-0n40qk000000000000001_100p00t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 299 B
693 B 52ms
48ms Image
image/png 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/941b223d-https-app-unbounce-com-publish-assets-cd5d0481-b443-459b-a30a-be383ab58e5a-20b7305e-triangle-0n40qk000000000000001_100p00t000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f79f390cafd7bd238b274f05977bf5935c168e37c5501a1388f75bf72f757eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 21:45:31 GMT
x-amz-version-id: z9iI4j.EbMynNRjd0LiE1ymViS2x4QB4
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10941382
etag: "8d53957c8f746651783aa8b6a7be85e7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 299
x-amz-cf-id: XWAVWDQTGUISDJ7sUgDS4SHNjqqbWw7_qz_j8NzNHjNvnr8Kv7-ldw==

GET
H2 200 6140c901-lr-wh-officephotos-41-1_10920dk04s04s03701x01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 5 KB
5 KB 52ms
49ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/6140c901-lr-wh-officephotos-41-1_10920dk04s04s03701x01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4f5dc653c50337b2771b4aa4409ace646dddffb80485f9eb69d5bfe1d51e035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:36:16 GMT
x-amz-version-id: zoymY6xdXT20D3qTehmNwynmcObCszij
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 12:59:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2766337
etag: "6f576af297b0fb3c290d4abeabe522bd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 5042
x-amz-cf-id: u8NGtOGfyCRa6KHwIcHtJ5_-KcstWgvAuxnLu06f9Xe2e9nNG5RrKA==

GET
H2 200 642fcdd3-root-featured_10n00c500000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 27 KB
27 KB 75ms
72ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/642fcdd3-root-featured_10n00c500000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a39a58a4003924afe156a6c95e3ada700fb690494e9c5102324505093411577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 05:07:18 GMT
x-amz-version-id: aWr_5uTxSEuS0pzssQww8C5MuJvzaoo5
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 13:46:26 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 4521274
etag: "61a1d5409ef32b9ab65657ebbc03fd09"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 27271
x-amz-cf-id: f0R5oHX1dfqGCIFXM-m_u7kE-0xIAVZ35FDoQpfCa08C5822UfSChA==

GET
H2 200 86ba562c-check-1_100r00z000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 502 B
894 B 76ms
73ms Image
image/png 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/86ba562c-check-1_100r00z000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75acd02f58ac9ece5d30075664b789ddc392d72e8b2ec8d3bb38e446a3142031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 21:45:31 GMT
x-amz-version-id: 16ga1mWQL9tQ33dMieoeyQNHKGU6__mq
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10941382
etag: "e9cff8159839d280eba0685354f8c6cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 502
x-amz-cf-id: iCFVc3n4qJyOH_-ZQWGI7H3lEfFIkHsZ6LgpPhMi1a4T9GN4vFGvOw==

GET
H2 200 d2f4dbc0-adobestock-295602074-1_10k50bc00000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 51 KB
52 KB 80ms
77ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/d2f4dbc0-adobestock-295602074-1_10k50bc00000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6995a036a583b6404c78610fe86cddfe3b66d1b25292ff5cb1817077cd44d53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 21:19:04 GMT
x-amz-version-id: 0DJiRB4k7aGvZ6y1OiWjgDfEq6LKz5Tm
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 14:28:03 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 3771769
etag: "d5f9f531ee6a40591b8e24dc6c262fd7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 52268
x-amz-cf-id: btyQVUfaSfcP9ksZXAMaCGiR9p2JfZR0aC_p86v_R9a0dYeBcPHJgg==

GET
H2 200 8ec7f92f-numbers-orange_106m03b01b016000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 724 B
1 KB 84ms
81ms Image
image/png 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/8ec7f92f-numbers-orange_106m03b01b016000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db03ddc46040d664c0531d8bc6d2cd0c7fce100b5975a95f8832f8364674f82b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 16:04:26 GMT
x-amz-version-id: 3wOyvcrhiAOMp8CZc.4xh1cVAcSuHnKl
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10875447
etag: "cb08c98024b99ba99a24a3f9e38e3983"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 724
x-amz-cf-id: GZyE8F2m0urcSSGVuXppKgi7kTSVhRAM0DbdXRboX-PGBQvkPB960A==

GET
H2 200 8ec7f92f-numbers-orange_106m03b01b01601a000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 687 B
1 KB 85ms
82ms Image
image/png 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/8ec7f92f-numbers-orange_106m03b01b01601a000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6df9870582e5a92eed652d1815e328b48a9f5a44c00e5a513d11b031d4f015e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 06:22:25 GMT
x-amz-version-id: .YJ92IFN0Pse4z9p_SRGVCYteQtlllWP
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10391968
etag: "379a8f48390d4f7761ac8b686eb0287b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 687
x-amz-cf-id: 2uZuiHms29aSTRcsmo3-19dESwGQFxau4f_IMAwC6nAC-h_DABK-bQ==

GET
H2 200 8ec7f92f-numbers-orange_106m03b01b01702o000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 792 B
1 KB 85ms
82ms Image
image/png 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/8ec7f92f-numbers-orange_106m03b01b01702o000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2f3c8ed4c196a53974d846d262966b179f23137e92679d5fd5ea015b675cfb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 21:45:33 GMT
x-amz-version-id: PsCivjoQtCcNZvI9qWO5oI_4zGQJDgym
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10941380
etag: "cf46b322f66af467ee44d39e77dd97ea"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 792
x-amz-cf-id: sqQz1Q0_T3ahb3-H1Jc80YbrxlYs-VAL9xx8rBhapBkDiwbk3uURQA==

GET
H2 200 ae037011-lr-adobestock-313477569-1_10m20ep0ln0bx00000401o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 18 KB
19 KB 86ms
84ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ae037011-lr-adobestock-313477569-1_10m20ep0ln0bx00000401o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f809211eab38c5a90ec5a3b203bdda302b8b762745ad3769cb01cec798376429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 07:10:48 GMT
x-amz-version-id: 8SeBfqkNoLOJmk_T4SdJcyP_.dPzyGBt
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 12:59:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2008265
etag: "d708eb2a05e94b37d59b01c645d91d97"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 18723
x-amz-cf-id: naPiP7lLkt6PLfxh7HGUqvxGuDzm_uNWDovFcVBBXKfkwbIL1HmCsA==

GET
H2 200 7c14b2c6-lr-adobestock-273675983-1_10mb0ev0mb0c900000001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 62 KB
62 KB 94ms
92ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/7c14b2c6-lr-adobestock-273675983-1_10mb0ev0mb0c900000001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08f900d04e68f8fb42f835a013978dbb28f86a28c2b23e2dd28052b84f2a97b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:36:16 GMT
x-amz-version-id: OISZc1wlzAtVIFrZWUnJ_th1jQ3tRsh.
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 12:59:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2766337
etag: "cc8518212c4fb52c983364171fc6300e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 63294
x-amz-cf-id: hiU5pPIEr2iy5fUxzq5qAP5myo5SU36terXdgRwDIKtHdNR-d9imOg==

GET
H2 200 ad975c08-adobestock-219735387-1_10mb0f80mb0c900000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 49 KB
49 KB 102ms
100ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ad975c08-adobestock-219735387-1_10mb0f80mb0c900000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95a6a09a708909ab28e44dba5416f7e45f63e205d6f97faecaa3343bf1a2e117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 12:15:59 GMT
x-amz-version-id: v4REcy_CDZc8dwUqb3q7fLYAT_KvPIY4
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 11:52:56 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10284354
etag: "397bf630a3ca0897033c478f3ab3dea7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 49781
x-amz-cf-id: C_CW0KTHseOmdJ-ts6o3rd8izHkj-KECrEchmGGrdtzh4qEge29J6A==

GET
H2 200 dcdb6abc-lr-adobestock-189335797-1_10mb0ew0mb0c800002o01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 59 KB
59 KB 109ms
106ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/dcdb6abc-lr-adobestock-189335797-1_10mb0ew0mb0c800002o01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d40f992c3a9723114d31324eb7473be7c81f2d50efe1c61f33c1538f735b437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:36:16 GMT
x-amz-version-id: IgUBt22BvQEdcDktOSaXd6npnhLLUXrL
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 12:59:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2766337
etag: "af489889409c122999f7787a646fb24e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 60366
x-amz-cf-id: X5G0gYh94GeOOVuyv4nlLBzVAvwioN3YPDpIfPJg6UKgm74WuMMJ6Q==

GET
H2 200 8052e46a-adobestock-199662534-1_10mb0fw0mb0ca00002y01o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 31 KB
31 KB 89ms
86ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/8052e46a-adobestock-199662534-1_10mb0fw0mb0ca00002y01o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08fcbade4ecc96835d2b65a965f87a53cf9260eb46367a5cc50ccbae04b3f967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 16:59:39 GMT
x-amz-version-id: cIQaTTBfk.z_RboMUQlGVrc2i7R1mjeL
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10526534
etag: "a715c66cbdecef4ce0a07cd47fb1b3ff"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 31389
x-amz-cf-id: j2_YDkUewVI9mtDXxuqZLN9mUsA3AV2dq3pTzFpBrC_mpUnODeb5fQ==

GET
H2 200 2a6fe355-lr-adobestock-163680576-1_10mb0ew0mb0cb00001901o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 42 KB
43 KB 118ms
116ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/2a6fe355-lr-adobestock-163680576-1_10mb0ew0mb0cb00001901o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ce6dd9a03c037ac1b11a56645ddc7e7dba0ef77446d2061e5ab632c7df85f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:36:16 GMT
x-amz-version-id: nnax.DD34Zqbi00l3db_TtT5e3YD__IE
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 12:59:15 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2766337
etag: "e0dd2c87d2d184813b0a139b156bcf28"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 43085
x-amz-cf-id: XoxAc3nXcWySoGqDj3-6G8HzM3WqbHo2610YHEDDAnHAJ9rzz4S1iw==

GET
H2 200 420da4b3-adobestock-287106953-1_10je08000000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 19 KB
19 KB 118ms
116ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/420da4b3-adobestock-287106953-1_10je08000000000000001o.jpeg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72aaea64bf4db09c0579afa43cba0e0a2e69f6750603a7f47a26a55ff41dc1cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 11:27:09 GMT
x-amz-version-id: MGbpnwQfoPpgTP7jvxfmRUadAq84zU.v
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 16:15:58 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 6572084
etag: "068210d9065bd570c3e2acefd29022f1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 19502
x-amz-cf-id: nMYrR_cRXMnebcHTy8Q3IY9_QAnPLKAR6ilIgzSBN4dsTXBmoywd3A==

GET
H2 200 27df1ace-lr-adobestock-34477989-1_10e40aj09s09q00e00e01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 22 KB
22 KB 106ms
104ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/27df1ace-lr-adobestock-34477989-1_10e40aj09s09q00e00e01o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1275c580e9deba832cb41884032d45e1b97ec9f2c1ebdba44158bcdd2929bfeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 20:45:21 GMT
x-amz-version-id: Vy6VUjfFUcRe29gH3Lm6K3K7KlXV2QOA
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Mon, 17 Apr 2023 12:59:15 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 2132192
etag: "799d07f9ba80ad20da67b879f9f57cfd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 22502
x-amz-cf-id: 38yQd8v613s17hCJtAtL4pHdBKdSjnjiTsqKC-GsMq-g7AfG_fVdww==

GET
H2 200 771bb92a-lr-adobestock-205438022-2_10hi0bo06j0b805e00001o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 20 KB
21 KB 119ms
117ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/771bb92a-lr-adobestock-205438022-2_10hi0bo06j0b805e00001o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67f77710fbcb54a2614a1e3d50f4bb43221ba52ad0408873a668166346db4775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 06:22:25 GMT
x-amz-version-id: kyTUHqzozC.ssAS1lRlngavBajzmdEYE
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Wed, 04 Jan 2023 16:40:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 10391968
etag: "d74ab3e5675b8b888e0efbf49f1e6f63"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 20901
x-amz-cf-id: YiVoCWqmxn71Uu5KRuXgmGeqfQW11Bm0WSKD4Pow1Uff0SdwEHWF6g==

GET
H2 200 0e88f9ef-v33-grplus-ps21-03162023-450x794_10m70cl0m70ci00000101o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/ 43 KB
44 KB 116ms
115ms Image
image/jpeg 18.66.188.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-ps09-nat/0e88f9ef-v33-grplus-ps21-03162023-450x794_10m70cl0m70ci00000101o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0b4f2d8625ea9dab6286f70ad3aee7928cc6391360a3c885fbf40881d5ecfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:08:39 GMT
x-amz-version-id: 9stUJMTVFy0gq0uNNzFhrElSO2LNwEp3
via: 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 10:29:33 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 5136794
etag: "415e2f586eee1a7590096c89e2580e97"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 44140
x-amz-cf-id: MGeztmzXqnZlhLpt8nVIsSFB_PLpRVENYW2ugpyQzLMs49GtZWwmJg==

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 030B 325 B
823 B 436ms
436ms Document
text/html 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 7cb540111831bbbf-FRA
content-length: 325
content-type: text/html
date: Mon, 22 May 2023 13:01:52 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9DcY5Kz4AGKeOe%2BLvpVe0HJ6lD6SMTxwUWL9yzWH%2BL26%2FjhfXc4yxeAu%2FDeyjevhBt8FOV9F8tixVqhPfCTBHUYmQm61W3x%2Bx7j8qycwDK6lHQVodpNzyU4ZQxYwzO%2BFgZoYqE5nHemeEJ4uBjN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: tlNNJjJyCKXlA5ksCEkZRBZFDH5lOg8S75ka1l3jP81IRxHrWdufIPHNJ+XsY+XtGRoJTPS6+X4=
x-amz-request-id: 5YERCXSWMS6K93KM
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 /
www.google.com/pagead/1p-user-list/458254939/ 42 B
108 B 37ms
32ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/458254939/?random=1684760511875&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=170222609&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/458254939/ 42 B
108 B 37ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/458254939/?random=1684760511875&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=170222609&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
108 B 38ms
34ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1684760511909&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=10164115&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
108 B 41ms
37ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1684760511909&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=10164115&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 3 KB
1 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1684760512232&cv=11&fst=1684760512232&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&hn=www.googleadservices.com&frm=0&auid=171654247.1684760512&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe2ce1c6147a36c89fa251dc2b14641180047c09b605c32d337191e1a9063fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1228
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
379 B 124ms
124ms Stylesheet
text/plain 44.210.2.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.9587093424452908&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods
Requested by: Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?merchantId=UPWEL&ThemeCode=SF680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.2.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-2-193.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:52 GMT
content-length: 0
server: Apache

GET
H2 200 302615157369859 Show response
connect.facebook.net/signals/config/ 302 KB
87 KB 148ms
147ms Script
application/x-javascript 2a03:2880:f028:16:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302615157369859?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f028:16:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6dc4dbc29927e23aa640dfe5ccba0b8932e6f80fd7e41b2dd80e5707ef466ab

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 May 2023 13:01:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oZzr0jPT5+ev96/3pvBiHuAU5GIHsG4nrEqPGQrzWnT0TlNL3z8xlYh07nB5KZqdwv7JyVR3y10eyrgOH/qtHg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 491ms
47ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2022%20May%202023%2013%3A01%3A52%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&enc=UTF-8&yv=1.14.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 22 May 2023 13:01:52 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 489ms
46ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&enc=UTF-8&yv=1.14.0&tagmgr=gtm

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 22 May 2023 13:01:52 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9458
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=c4l2OXx2WU1UL0hndDlkelZqMSt1U2xibk91MTNjWC9DdzNEcmpjVTExeXRnNEI5Q1dWMmJGWWQ3bkRIWG1KYXpBTnErQUZ5K0ZsQWI1MFI5YmwwRDhUYWVhaDhCQlM4enRxYWFqVkJyWHhjU1Z6a1BpSGFhazB2eCtXZU...

446 B
658 B

107ms
29ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=c4l2OXx2WU1UL0hndDlkelZqMSt1U2xibk91MTNjWC9DdzNEcmpjVTExeXRnNEI5Q1dWMmJGWWQ3bkRIWG1KYXpBTnErQUZ5K0ZsQWI1MFI5YmwwRDhUYWVhaDhCQlM4enRxYWFqVkJyWHhjU1Z6a1BpSGFhazB2eCtXZUswQXRUUU5vV1FUQlhlNXJqWGxyaHdYMElyVEJaQnptNnM3Q0pOc3BTQUFPc1BWM1E1c1ZQQVJreUxlalpIK1Q4WWhLU3JQbHMrU2Z0NGVGSnE0OXVCTWRwdWh6eXVXY24vZUhqZHJyYzkvRUJNcnVVOHVINHl5S2dISGNndXg3YmNYZnV2MVUyM21qano4cFo2eFNPTU90T0ZYRnVWYjRKQ0hKNFExU1hvWm5xYUgyM1J6OD18&cppv=2

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

efb4c0559a43cf5814bbc4906fc47898de15734014e817ad6794b327c9840df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1471894
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=c4l2OXx2WU1UL0hndDlkelZqMSt1U2xibk91MTNjWC9DdzNEcmpjVTExeXRnNEI5Q1dWMmJGWWQ3bkRIWG1KYXpBTnErQUZ5K0ZsQWI1MFI5YmwwRDhUYWVhaDhCQlM4enRxYWFqVkJyWHhjU1Z6a1BpSGFhazB2eCtXZUswQXRUUU5vV1FUQlhlNXJqWGxyaHdYMElyVEJaQnptNnM3Q0pOc3BTQUFPc1BWM1E1c1ZQQVJreUxlalpIK1Q4WWhLU3JQbHMrU2Z0NGVGSnE0OXVCTWRwdWh6eXVXY24vZUhqZHJyYzkvRUJNcnVVOHVINHl5S2dISGNndXg3YmNYZnV2MVUyM21qano4cFo2eFNPTU90T0ZYRnVWYjRKQ0hKNFExU1hvWm5xYUgyM1J6OD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 339466
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 452ms
26ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-28307243-3&cid=420867266.1684760512&jid=808615735&gjid=2014281098&_gid=576029294.1684760512&_u=YGBAiEABBAAAAEAAI~&z=1942908023

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 22 May 2023 13:01:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 19ms
18ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=223940204&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=808615735&gjid=2014281098&cid=420867266.1684760512&tid=UA-28307243-3&_gid=576029294.1684760512&gtm=45He35h0n81M3S986P&z=817245712

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 23:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49299
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 27015508.js Show response
bat.bing.com/p/action/ 0
118 B 166ms
166ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 22 May 2023 13:01:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8FB694818A6460299843DDF821B6918 Ref B: FRA31EDGE0805 Ref C: 2023-05-22T13:01:52Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 46ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=19a97441-483f-4688-97f8-2373f3a0cc3e&sid=d23a5390f8a011eda911dde8430356f3&vid=d23a78b0f8a011ed9b95e73ef3ba8be7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&r=&lt=2178&evt=pageLoad&sv=1&rn=269188

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 13:01:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 06373E8706F54F61A0EF8A961E86CC15 Ref B: FRA31EDGE0805 Ref C: 2023-05-22T13:01:52Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 2 KB
1 KB 37ms
37ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1684760512388&data=%7B%22id%22%3A53%2C%22ii%22%3A%22%2Fuc-grplus-ps09-nat%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1684760512020%2C%22cv%22%3A%2220230520-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3FAFFID%3D255445%26subid%3Dpenn23056foods%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1684760512028%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0540421150a7a381029dd373240a58f7ec38c9dfc58db80dd49236e1e04fe397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms: 18
date: Mon, 22 May 2023 13:01:52 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230102-FRA
server: nginx
x-timer: S1684760512.396307,VS0,VE18
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 modules.bd615e91f206bba6c106.js Show response
script.hotjar.com/ 265 KB
68 KB 424ms
26ms Script
application/javascript 99.84.88.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bd615e91f206bba6c106.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-7.muc50.r.cloudfront.net

Software

Resource Hash

b7d6c0f9a48e8bf195039d4d918a412030b9eca30e15813ba606ea8aecc5b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 12:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 47b2ce4c0cbd550c326fba9b552b2176.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 262245
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69451
last-modified: Fri, 19 May 2023 12:10:27 GMT
etag: "9426a0fb3ec77e5ad24ce096383ab689"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: P7mmXPn7IeOfQLBHXyREQHEEmA06Q3AxzEuwjA5F5MaRQ5Fro-EhPg==

GET
H2 204 pixel
flask.nextdoor.com/ 0
113 B 236ms
210ms Image
text/plain 54.201.89.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&ndclid=&rf=&sem=&tm=0
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.201.89.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-201-89-139.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:52 GMT
x-envoy-upstream-service-time: 12
server: istio-envoy
context-id: fa8b36b6-80bb-45c2-8dd7-36f37d630ceb

GET
H2 200 / Show response
ct.pinterest.com/user/ 562 B
859 B 538ms
143ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1684760512396&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b68cecd9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.cad5ce17.1684760512.ec708c1
x-envoy-upstream-service-time: 2
content-length: 385
x-pinterest-rid: 1476374465344960
pin-unauth: dWlkPU1URm1NR014TlRjdE1tRXhaUzAwTTJGaUxXRmpaVGN0Tm1Vell6QTBaVGhpTjJZdw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_738b3.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 24ms
23ms Script
application/javascript 2.16.186.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_738b3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-request-id: 1830d735
date: Mon, 22 May 2023 13:01:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202305081131209EE4E4461B405EC59708
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-186-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010232dbbb044b88326ddfd8b44c43690d14a372f8cb217b7b3369f69becb61393c0885dd8e2321985026494b19da91393848720d4ccab4c79c24420dea8a0f1d763d82c187c8c5de254db2a9b6c1d8b7d0677f084d38255c8e5db303ba8a3c1f1
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 30644

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
552 B 177ms
176ms Ping
text/plain 2.16.186.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
x-akamai-request-id: 1830d772
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230522130152445B91C2D2D1E5AEC10B
x-cache: TCP_MISS from a2-16-186-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 120,2.16.186.199
x-tt-trace-host: 01c1f40e11d1e4d312c68ac37c2150a3a6304194e016c5462227d790f80329e37ad5ffe71fce885f17dc6c799b3fbfa538037d5ce151badc28da7f579d3499e571e544b1d0d1ac4762f5aef16b19bcecd5c0e2a448e77d958e4307e37f37dc8145
server-timing: inner; dur=32, cdn-cache; desc=MISS, edge; dur=24, origin; dur=120
content-length: 0
expires: Mon, 22 May 2023 13:01:52 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
696 B 208ms
208ms Ping
text/plain 2.16.186.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 55024f0c.1830d773
date: Mon, 22 May 2023 13:01:52 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
x-parent-response-time: 143,2.16.186.199
server-timing: cdn-cache; desc=MISS, edge; dur=134, origin; dur=32, inner; dur=25
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230522130152DA472F10EAE344A8C10F
x-cache-remote: TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.220.104.16
x-tt-trace-host: 01c1f40e11d1e4d312c68ac37c2150a3a6674e99c391cc859e3248b46fcbd056861344fe48f5d998ced6648be8b84c6ca1ed469203853b2683bf9c29c588d30773cd38f05650ccfd7df4761ab3ed33dd0ef2816ec5632126dc34d1259f51c02c9a45a4c1c34c4cfefc53494743da3cd908
expires: Mon, 22 May 2023 13:01:52 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
552 B 197ms
197ms Ping
text/plain 2.16.186.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI2MzlmMWJmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
x-akamai-request-id: 1830d775
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230522130152050892ED99FF8FAE0501
x-cache: TCP_MISS from a2-16-186-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 131,2.16.186.199
x-tt-trace-host: 01c1f40e11d1e4d312c68ac37c2150a3a6304194e016c5462227d790f80329e37a22e0b5e8726d818387263cf39970b7affc7dcb9b5de8dd45632cf3c5c090b1fb15424ab4719843f43bf90e85777f664ee29646610a280a8caa77ed9719fc5786
server-timing: inner; dur=26, cdn-cache; desc=MISS, edge; dur=8, origin; dur=131
content-length: 0
expires: Mon, 22 May 2023 13:01:52 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1684760512232&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3146210001&rmt_tld=0&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/675938688/ 42 B
64 B 37ms
36ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/675938688/?random=1684760512232&cv=11&fst=1684760400000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3146210001&rmt_tld=1&ipr=y

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
323 B 532ms
195ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b68cecd9%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1684760512454

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.cad5ce17.1684760512.ec708c2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 7397438900370850
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.ub-assets.com/fonts/s/oswald/v49/ 25 KB
26 KB 74ms
27ms Font
font/woff2 18.66.192.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-57.muc50.r.cloudfront.net

Software

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 25372
via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 10738422
x-amzn-requestid: 744949b6-46b0-411f-8e49-258c0b48bbfd
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: e7LvpGbdIAMFkhg=
content-length: 25400
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63c78cca-23dc5c591784d7200be4a5dc
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: yjNCgwNJcIASJEEGBIrc90DCHdLaqu59shTugYOhVZ-cnWhO4XoRAQ==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
23 KB 114ms
67ms Font
font/woff2 18.66.192.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-57.muc50.r.cloudfront.net

Software

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23040
via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 1687570
x-amzn-requestid: a6bcac63-31f7-42a7-a795-a3c79ef7e030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUcjQEruIAMFoLw=
content-length: 23041
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a7ae-3b8576e93a2a5a7b6e044029
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: bpL9wDxVSSIH5iq04NLAfqVi6YxqerTtf3SgWzJw5vr6TJMbTKhLfA==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 22 KB
23 KB 104ms
57ms Font
font/woff2 18.66.192.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-57.muc50.r.cloudfront.net

Software

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 09 May 2023 04:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 22504
via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 1155655
x-amzn-requestid: f0749819-1452-4219-9979-f99e672b5507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EovLCFQBoAMFSkw=
content-length: 22518
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6459c579-1cc1fbae19c15ebd31f9d29a
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vO5IN2NmLH3iciXv73NHJXCvwzrYNx4IpScvBzu48DaIjulmyyhM6A==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.ub-assets.com/fonts/s/opensans/v35/ 47 KB
48 KB 91ms
44ms Font
font/woff2 18.66.192.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-57.muc50.r.cloudfront.net

Software

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Oswald:700,regular,200%7CLato:700,900%7COpen+Sans:700,regular
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 48412
via: 1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 1687955
x-amzn-requestid: 47a12b93-1e08-4c76-a4d4-39b8f1a20c61
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: EUbnIFoaIAMF50Q=
content-length: 48445
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6451a62d-0d83f3f16f57a55b34c17982
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Y3dVK5blx2BlVPOiLr0QnEBgm1EOUT1Z5X6IiEIw_2J1R6igeo9XmQ==

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 030B 389 KB
390 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 17:16:30 GMT
x-content-type-options: nosniff
age: 157522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398319
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 17:16:30 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 030B 112 KB
112 KB 28ms
27ms Script
application/javascript 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:52 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2ZZ8DQEQWJ9ZTENQ
age: 41666226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114404
x-amz-id-2: zdPPKZoC4F6TgBPMtGDzMKNGj/5s3R16GMo5BjwAuOpaxsARqLPu0G8XhBJ0PxoIjC/XvAm+0CU=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYYbCixussrftT2LHWrxUkvi2DtoLcM2wRRO5JTZqXx1MhbBocS8p29SmfF54Jp08QT63YCyLoBkmn69Us0q9O1ssNnTQxAOzd895pTcMkLfAwmMLrDXEvCEPFVDIY8t8f91d9GKC7usPtBPHvUq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7cb54014fd5ebbbf-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 57ms
18ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&rl=&if=false&ts=1684760512805&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684760512802.356480237&it=1684760512329&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:01:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 58ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=AdvVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%2522e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289%2522%255D%257D&rl=&if=false&ts=1684760512808&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1684760512802.356480237&it=1684760512329&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:01:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 58ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=AdvVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1684760512808&sw=1600&sh=1200&v=2.9.104&r=stable&ec=2&o=30&fbp=fb.1.1684760512802.356480237&it=1684760512329&coo=false&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:01:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-28307243-3&cid=420867266.1684760512&jid=808615735&_u=YGBAiEABBAAAAEAAI~&z=932077944

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-28307243-3&cid=420867266.1684760512&jid=808615735&_u=YGBAiEABBAAAAEAAI~&z=932077944

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-ps09-nat&partner_id=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b
https://a.clickcertain.com/px/smart/a/?seg=uc-grplus-ps09-nat&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

4 KB
2 KB

143ms
143ms

Script
text/javascript

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be745b33e1f4ce332ae0c441a85c21502342bdf95308927dc633ce42642fe8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:53 GMT
content-encoding: br
x-frontend: cc-nginx-665d6f7f7c-vp55n:cc-nginx-665d6f7f7c-vp55n
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: ef5eea86-fff6-470b-84c7-e98abf23c9e5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FIJGLAgnuJnxFEGdP3%2FhKxUJoBdD727qre5qjKa6r94MhBeL7JS%2BOBbZey9ka5B2UQAVI%2B2SQr7bVx%2F8%2FPFeWiyLWrZ%2FfvIRwHilAJ9Q7G31%2BS7S1RPylyZdcejGeFuc2R96KGmZGF2eQjMdLuuAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7cb540186fa090ee-FRA

Redirect headers

date: Mon, 22 May 2023 13:01:53 GMT
x-frontend: cc-nginx-665d6f7f7c-6bt8j:cc-nginx-665d6f7f7c-6bt8j
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: a8a7da87-458f-4396-b7be-0d95022665df
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HA49YijrDxScNQQGKyQvorAPbGI01tLaJcFCTeOpCyd8BY0RZO2faJ4Q3P3QkPPcAbnVFGV150uEpNLavjAeTHGWLhA5qqHdbR5qAlhlyU4y%2FWKdcqRavxthmqzMD59IOe8%2BZU%2B74BrAo9tI%2FK064A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
cf-ray: 7cb540179ef690ee-FRA

GET
H2 200 externalIds
io.v2.customerlabs.co/ 0
0 425ms
175ms Image
application/json 44.196.11.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b&id=cl4975ot4arrr6&uid=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.11.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-11-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=K2UnO18lMkZ1Mk9RMGNxbUJ2WWFubllHR3pNUSUyQlEyZzYzbkVSV...
https://widget.us.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=K2UnO18lMkZ1Mk9RMGNxbUJ2WWFubllHR3pNUSUyQlEyZzYzbkVSV...

8 KB
4 KB

728ms
157ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=K2UnO18lMkZ1Mk9RMGNxbUJ2WWFubllHR3pNUSUyQlEyZzYzbkVSVHA2TEtPd3dMYmo2THRIJTJCOWoxVU1raEJwdyUyRnhkOUpzJTJGQ0h1UWwlMkJqeExtYnZGMzNqZGxNdlNkYzE3ZWlpRFgwZGE0ekpHRjdlUkkyM0IwdzdBQ25KQnFBaVBMWWgxa1FlcjkwVGVVckdkV20lMkJTQyUyQkZ4S1N6cWZBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods&ceid=44c4555c-5733-4e42-ba24-5a1ae1dd2761&dtycbr=74968

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b0236fb53f55342432c9510871a74c591ac06c43e901d739e915b96f6429bb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14012324
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=102531&v=5.16.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=K2UnO18lMkZ1Mk9RMGNxbUJ2WWFubllHR3pNUSUyQlEyZzYzbkVSVHA2TEtPd3dMYmo2THRIJTJCOWoxVU1raEJwdyUyRnhkOUpzJTJGQ0h1UWwlMkJqeExtYnZGMzNqZGxNdlNkYzE3ZWlpRFgwZGE0ekpHRjdlUkkyM0IwdzdBQ25KQnFBaVBMWWgxa1FlcjkwVGVVckdkV20lMkJTQyUyQkZ4S1N6cWZBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods&ceid=44c4555c-5733-4e42-ba24-5a1ae1dd2761&dtycbr=74968
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2829945
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/pixel/ Frame 030B 178 B
1 KB 497ms
326ms XHR
application/json 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:53 GMT
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
content-encoding: br
x-amzn-remapped-content-length: 178
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 39078e49-d7a7-4f43-a08b-433feda225ed
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: FU0mQFZuoAMFb0Q=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hz07MA2photo1XfuLYaAmSCgE%2FwK7ou8QLxqsVJ%2FWP2tpYLETk1xp0v%2BA2yKfFweN9LvgAFEvNh0j2wf88Liz5cqvgFr3Ig%2FT5Tjp%2F%2BKYRn2%2FDwTOS8794yrC8w6RW%2FZIPaVOS56VrfDQBcG5P1w"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7cb540172976bbc1-FRA
x-amzn-remapped-date: Mon, 22 May 2023 13:01:53 GMT
x-amz-cf-id: cIdA9PMxI_GdwcwiP_ZVvPawfnPzWtBpAlmdxGmgvMHCI7kv1DTmlQ==
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 19ms
18ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=Microdata&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&rl=&if=false&ts=1684760513308&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=3&o=30&fbp=fb.1.1684760512802.356480237&it=1684760512329&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:01:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 cl
io.v2.customerlabs.co/ 0
206 B 121ms
120ms Ping
text/plain 44.196.11.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.11.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-11-222.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://pages.upwellness.com
date: Mon, 22 May 2023 13:01:53 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

POST
H2 200 firstVisit
io.v2.customerlabs.co/cl/ 0
206 B 152ms
152ms Ping
text/plain 44.196.11.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl/firstVisit
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.11.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-11-222.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://pages.upwellness.com
date: Mon, 22 May 2023 13:01:53 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

POST
H2 200 cl
io.v2.customerlabs.co/ 0
206 B 124ms
124ms Ping
text/plain 44.196.11.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.11.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-11-222.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://pages.upwellness.com
date: Mon, 22 May 2023 13:01:53 GMT
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
content-length: 0
access-control-allow-methods: POST, OPTIONS

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 19ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&rl=&if=false&ts=1684760513384&sw=1600&sh=1200&v=2.9.104&r=stable&ec=4&o=30&fbp=fb.1.1684760512802.356480237&it=1684760512329&coo=false&eid=cl4975ot4arrr64a189e03-0fad-4a96-aa6f-cdc24bd1c914&tm=1&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:01:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 20ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302615157369859&ev=website_session_start&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods&rl=&if=false&ts=1684760513387&cd[start_time]=2023-05-22T13%3A01%3A53.384Z&cd[customerlabs_user_id]=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b&sw=1600&sh=1200&v=2.9.104&r=stable&ec=5&o=30&fbp=fb.1.1684760512802.356480237&it=1684760512329&coo=false&eid=cl4975ot4arrr6f24d8dee-1725-4eb2-b5ba-04cd3395038c&tm=2&rqm=GET

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 May 2023 13:01:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 540ms
113ms Preflight 54.83.6.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.6.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-6-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Mon, 22 May 2023 13:01:53 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 030B 0
200 B 188ms
188ms XHR
text/plain 54.83.6.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.6.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-6-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Mon, 22 May 2023 13:01:54 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame 030B 75 B
720 B 273ms
215ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25229af4b376-9c0c-430d-a534-fcf1b898f9bf%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-ps09-nat%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-ps09-nat%252F%253FAFFID%253D255445%2526subid%253Dpenn23056foods%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a3c6daf07bf7b705dc856a3e1271e4a3b8e723a39c45bb0b90d201506639700e

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:53 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"4b-0ZXT31OyCyBirN2miaOmsqN5VMY"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8KtmouQlKa1uoW58zOKlwahonKpvFi6mInrLzFOnOle%2FLyvG1lAkGeGtIM1L4foJlCUxsrZ2W3bpA7rN0Lp95WIbWfzNzOkBw1FZ6xFi3IYgRwXDBAV07dFBF%2F5zOyxuMkfrMl02C7b4J6Qxv0O0QBQUFqc"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7cb540199b19bbb3-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
250 B 182ms
25ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1755&scd=0&ssd=1&est=1684760512022&ver=36&isls=true&src=i&invt=1500&msa=13626&rv=1&tim=1684760513778&vi=1684760512020&ri=93ac390027c586a7e8fcc48947bf25b9&ref=null&cv=20230520-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 May 2023 13:01:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 183ms
25ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1756&scd=0&ssd=1&est=1684760512022&ver=36&isls=true&src=i&invt=1500&msa=13626&rv=1&tim=1684760513779&vi=1684760512020&ri=ab3bea6f418cbef2b273ef786ce349e6&ref=null&cv=20230520-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 May 2023 13:01:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 externalIds
io.v2.customerlabs.co/ 0
0 217ms
217ms Image
application/json 44.196.11.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1684760512802.356480237&customerlabs_user_id=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b&id=cl4975ot4arrr6&uid=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b&t=0&sc=1600%20x%201200
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.11.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-11-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 96AD
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D59...

1 KB
2 KB

157ms
157ms

Document
text/html

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=709606368987586400&dcc=t

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-grplus-ps09-nat/?AFFID=255445&subid=penn23056foods

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

833f56cce915f9bf5145cd8e6c78cfceea3990d0139bd39788f33bebadb551f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1496
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 22 May 2023 13:01:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 20H8HAHJANDAPH39NK64

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 22 May 2023 13:01:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=709606368987586400&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: XMEY0ND9YS1MW5ME4A8A

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame BA8C 565 B
581 B 47ms
46ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b68cecd9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.cad5ce17.1684760514.ec7148d
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 22 May 2023 13:01:54 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1271333242276406

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame AA01 1 KB
1 KB 120ms
119ms Document
text/html 2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-ps09-nat&partner_id=cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c17ca6ff6e1d0acb50a95c8a59cd62b36f504ebc27c27ebf37532214d6d3ff5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7cb5401d3b9a90ee-FRA
content-encoding: br
content-type: text/html
date: Mon, 22 May 2023 13:01:54 GMT
etag: W/"YTNlYjk5ZGFnOTE3Nmc0OWMyZzkyYTNnZjdkMmY1NTJkZTczLXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lr0rbUOysC67XWa6m%2B90m6WvF92D%2FA1%2F8K9l4nZKdl1ObGNIed7kDlWkvv7ezkuYCDMGDfceiP8MbW8Ngub%2FwFFbftOOwv8deYkSXj2o7lpl%2F4EtVIdADLwpRZHQjVGE3TCzkvevtVnGHo1FinXoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-665d6f7f7c-jvkl7:cc-nginx-665d6f7f7c-jvkl7
x-requestid: 4a8b3849-6524-4fc9-b935-819db37756eb

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame B111
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-65eHd-YR5upc_XjabR9ISoh1-cBlR3tISIfuzw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-65eHd-YR5upc_XjabR9ISoh1-cBlR3tISIfuzw&expires=30

43 B
345 B

20ms
20ms

Image
image/gif

52.29.241.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-65eHd-YR5upc_XjabR9ISoh1-cBlR3tISIfuzw&expires=30
Protocol: H2
Server: 52.29.241.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-241-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-65eHd-YR5upc_XjabR9ISoh1-cBlR3tISIfuzw&expires=30
date: Mon, 22 May 2023 13:01:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B111
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-NIPbEuYR5upc_XjabR9ISoh1-cD8ffuRu2vgTQ&google_cm&google_hm=ay1OSVBiRXVZUjV1cGNfWGphYlI5SVNvaDEtY0Q4ZmZ1U...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-NIPbEuYR5upc_XjabR9ISoh1-cD8ffuRu2vgTQ&google_gid=CAESEHi0sFi8s5dw1LxTwrqo7UY&google_cver=1&google_ula=913071,0

43 B
370 B

89ms
28ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-NIPbEuYR5upc_XjabR9ISoh1-cD8ffuRu2vgTQ&google_gid=CAESEHi0sFi8s5dw1LxTwrqo7UY&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 820192
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-NIPbEuYR5upc_XjabR9ISoh1-cD8ffuRu2vgTQ&google_gid=CAESEHi0sFi8s5dw1LxTwrqo7UY&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B111
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1021795197112065982

43 B
369 B

92ms
29ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1021795197112065982

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 962423
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 22 May 2023 13:01:54 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ed945e39-1654-4c98-bd05-9aa8e39bf8a2
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1021795197112065982
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame B111
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-i2tHDuYR5upc_XjabR9ISoh1-cBHs55HaItTMg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-i2tHDuYR5upc_XjabR9ISoh1-cBHs55HaItTMg

43 B
1 KB

26ms
25ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-i2tHDuYR5upc_XjabR9ISoh1-cBHs55HaItTMg

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:54 GMT
AN-X-Request-Uuid: f4702877-2ad2-403f-a5eb-1be709188b53
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:54 GMT
AN-X-Request-Uuid: 2b551f26-e5ba-4509-9172-ceaf26ca94bd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-i2tHDuYR5upc_XjabR9ISoh1-cBHs55HaItTMg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame B111 61 B
800 B 109ms
57ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-csYc8eYR5upc_XjabR9ISoh1-cBdQEoWEWe64Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 13:01:54 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Mon, 22 May 2023 13:01:54 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B111 0
239 B 130ms
19ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-bjL16uYR5upc_XjabR9ISoh1-cC9YJdk27mhMQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame B111 0
362 B 85ms
20ms Image
text/plain 3.70.58.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-esJFI-YR5upc_XjabR9ISoh1-cDgCmhPRmmWbA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.70.58.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-58-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B111 43 B
163 B 123ms
28ms Image
image/gif 185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-zPwX7uYR5upc_XjabR9ISoh1-cBKxaOVf0ZlWQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:53 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B111 0
98 B 61ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ZjVBleYR5upc_XjabR9ISoh1-cAF0LUSICaEcA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24485

GET
H2 200 um
criteo-sync.teads.tv/ Frame B111 23 B
172 B 136ms
45ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-5BWM9OYR5upc_XjabR9ISoh1-cCzNszPiPr9-w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Mon, 22 May 2023 13:01:54 GMT
pragma: no-cache
date: Mon, 22 May 2023 13:01:54 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame B111 37 B
140 B 69ms
20ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-KC6tS-YR5upc_XjabR9ISoh1-cBmQE51haPMZw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame B111 0
399 B 89ms
21ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-KtW4B-YR5upc_XjabR9ISoh1-cDgHQJfo_Yjng

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame B111 43 B
163 B 239ms
37ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-_u9AmOYR5upc_XjabR9ISoh1-cBKl3jvlNlc5w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
last-modified: Fri, 18 Nov 2022 16:49:04 GMT
server: nginx
accept-ranges: bytes
etag: "6377b780-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame B111 49 B
235 B 96ms
28ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-oK7fCOYR5upc_XjabR9ISoh1-cBtT3QpgzbYOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:54 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame B111
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LqvRROYR5upc_XjabR9ISoh1-cD04Gya9T8wcg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LqvRROYR5upc_XjabR9ISoh1-cD04Gya9T8wcg&C=1

43 B
766 B

20ms
19ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-LqvRROYR5upc_XjabR9ISoh1-cD04Gya9T8wcg&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-LqvRROYR5upc_XjabR9ISoh1-cD04Gya9T8wcg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame B111
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=tNQSbVhee4op2uziHc-aEQnReph8vvSy
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tNQSbVhee4op2uziHc-aEQnReph8vvSy

42 B
942 B

43ms
43ms

Image
image/gif

52.215.85.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tNQSbVhee4op2uziHc-aEQnReph8vvSy

Protocol

HTTP/1.1

Server

52.215.85.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-85-23.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-01f166ef7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Kq5/14vGQlk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v048-032e056ca.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: kT0Ti2PPSkg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=tNQSbVhee4op2uziHc-aEQnReph8vvSy
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame B111 43 B
1 KB 66ms
20ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-3bdYQOYR5upc_XjabR9ISoh1-cDHqYkqSLDTjQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 22 May 2023 13:01:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame B111
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Sqv59-YR5upc_XjabR9ISoh1-cAahR6EE6mFhg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Sqv59-YR5upc_XjabR9ISoh1-cAahR6EE6mFhg

43 B
449 B

48ms
48ms

Image
image/gif

34.241.58.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Sqv59-YR5upc_XjabR9ISoh1-cAahR6EE6mFhg
Protocol: H2
Server: 34.241.58.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-58-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 May 2023 13:01:54 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Sqv59-YR5upc_XjabR9ISoh1-cAahR6EE6mFhg
access-control-allow-origin: *
date: Mon, 22 May 2023 13:01:54 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame B111 42 B
274 B 85ms
29ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-5ryk2uYR5upc_XjabR9ISoh1-cCrUhIM1qk-hA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:53 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame B111 0
882 B 69ms
20ms Image
text/html 52.29.121.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dABOIuYR5upc_XjabR9ISoh1-cDGXfK_v2ukZg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.121.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-121-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B111 0
145 B 395ms
99ms Image
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-quja_uYR5upc_XjabR9ISoh1-cAl8j_O8i74eg&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:01:54 GMT
Cache-Control: no-cache
X-TraceId: b0ae6e3c3a1f1464a88cd2c924d5dccb
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B111 42 B
579 B 96ms
24ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-C3PrkOYR5upc_XjabR9ISoh1-cD4kzz3Fl5q4Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 22 May 2023 13:01:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B111 43 B
398 B 343ms
110ms Image
image/gif 2600:1f18:612b:4200:8644:8d9:b2a6:8733
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-VW4RSOYR5upc_XjabR9ISoh1-cBXsqfXIYyJaA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8644:8d9:b2a6:8733 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 22 May 2023 13:01:54 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame B111 43 B
153 B 104ms
34ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-2_PIm-YR5upc_XjabR9ISoh1-cBEOHaW6CDPUg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 May 2023 13:01:54 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame B111 0
400 B 141ms
62ms Image
text/plain 23.36.211.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-bZrHj-YR5upc_XjabR9ISoh1-cD8d_JmN0xm8Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.36.211.28 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-211-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:54 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 21 May 2023 13:01:54 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B111 0
38 B 184ms
45ms Image
text/plain 108.128.136.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-9RJIhOYR5upc_XjabR9ISoh1-cCCrd_zvX87xQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.136.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-136-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame AA01
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=a3eb99da-9176-49c2-92a3-f7d2f552de73&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=a3eb99da-9176-49c2-92a3-f7d2f552de73&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=8dfcbc6b-aad1-4bbb-a533-c8e0b1ad8d21

0
300 B

138ms
136ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=8dfcbc6b-aad1-4bbb-a533-c8e0b1ad8d21
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&cn=DE
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
x-frontend: cc-nginx-665d6f7f7c-jvkl7:cc-nginx-665d6f7f7c-jvkl7
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: a88ef53f-ccfc-4986-87db-a9eef680b6a1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDVhSfKJxgi2cuEZJTZDjqQxPtUH4sWUqS%2Bv5Jt2%2F74myDY%2BhSnNgCURKDJm0lr%2Fuk4npk%2B2S%2B1HyxzTj8WNAkhaqanUnkOYeaM9CUHDyz1TtzrxnuiR3jj5y6B%2FG%2FwOlLPmbB1qvuMgrebohPLsKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7cb5401f8db390ee-FRA

Redirect headers

date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=8dfcbc6b-aad1-4bbb-a533-c8e0b1ad8d21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame AA01
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=c968a9dc-3a24-5e6c-aef6-0e8a48740844&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=184f8303-2af4-4dae-9ade-1296896b639f&hem=

0
335 B

129ms
128ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=184f8303-2af4-4dae-9ade-1296896b639f&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&cn=DE
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
x-frontend: cc-nginx-665d6f7f7c-jvkl7:cc-nginx-665d6f7f7c-jvkl7
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: da4fd98a-06e4-4a9d-8653-0cb32aa4c4bd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCiQJxvRlZH03B0lHH5xvBB8FkwYbzbSo2aRAvHdMMq63%2BZI9ZYTvWP3S19s0yfE88niz%2BCBfCLWb2n%2FOYsqa%2BmB0LjPT18GY1gDgKTSiZeh6EL5a6sEDXSxp6n80KW5n3d645d3m3geiTxpQGyXXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7cb540220fe890ee-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=184f8303-2af4-4dae-9ade-1296896b639f&hem=
date: Mon, 22 May 2023 13:01:54 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame AA01
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

68ms
43ms

Image
text/plain

54.217.159.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&cn=DE

Protocol

HTTP/1.1

Server

54.217.159.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-159-141.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
x.bidswitch.net/ Frame AA01
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=a3eb99da-9176-49c2-92a3-f7d2f552de73&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://a.clickcertain.com/px/li/?ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Da3eb99da%2D9176%2D49c...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&anx_uId=$UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&anx_uId=6083881388625202988
https://x.bidswitch.net/sync?dsp_id=179&user_id=a3eb99da-9176-49c2-92a3-f7d2f552de73&expires=5&user_group=0

43 B
145 B

20ms
20ms

Image
image/gif

52.29.241.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=179&user_id=a3eb99da-9176-49c2-92a3-f7d2f552de73&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&cn=DE
Protocol: H2
Server: 52.29.241.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-241-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Mon, 22 May 2023 13:01:55 GMT
x-frontend: cc-nginx-665d6f7f7c-jvkl7:cc-nginx-665d6f7f7c-jvkl7
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 3b304b97-e49e-4df6-8769-1c3649f57993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1G4My%2FI3uiHE%2BscEeA%2F8rVl5%2FcjhqbT9cIYKAphc6h8o2UpIIT9VtfJ7eIBsYCrZ5C67r1mDJwXJHd17J7cEq4wW2cEk%2B%2BgeWSdQVuvXxa4sW3NQeyZmcpto6XZIzU4hNhmkwAWvooiljX%2BsUrQiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=a3eb99da-9176-49c2-92a3-f7d2f552de73&expires=5&user_group=0
cf-ray: 7cb54023d9b390ee-FRA

GET
H2 200 193f0456 Show response
tag.trovo-tag.com/ Frame 7197 490 B
748 B 106ms
44ms Document
text/html 108.138.36.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=a3eb99da-9176-49c2-92a3-f7d2f552de73&cn=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-125.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 836674b56e06aed5bb3b30918b8aa5316d2b0ebecc7af8335b8c03cd5bc9c962

Request headers

Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 490
content-type: text/html
date: Mon, 22 May 2023 13:01:54 GMT
server: CloudFront
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-cf-id: eM7USqTWzTsYS8qy5t8-zrD552p7TyUHbVFH4SLHOcrXHYdFpirDCg==
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront

GET
H2

204

/
a.clickcertain.com/px/img/g/ Frame 7197
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=d362ae64-f8a0-11ed-84e1-7f972b0add05
https://a.clickcertain.com/px/smart/a/?partner_id=193f0456&c=24d1add2443e239&type=img&partner_rid=d362ae64-f8a0-11ed-84e1-7f972b0add05
https://a.clickcertain.com/px/img/?c=24d1add2443e239
https://a.clickcertain.com/px/img/g/?start_cm=1
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1
https://a.clickcertain.com/px/img/g/?google_gid=CAESEGB8CfaW1vqps6CdJ0lcPG4&google_cver=1

0
438 B

149ms
149ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/img/g/?google_gid=CAESEGB8CfaW1vqps6CdJ0lcPG4&google_cver=1
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:55 GMT
x-frontend: cc-nginx-665d6f7f7c-z52pm:cc-nginx-665d6f7f7c-z52pm
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 1cec6bf4-b81c-4ee5-9719-945dd42d0b47
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaI0zN%2BX%2BdBVHAIr0jpfSqt866h0%2F2R5fePJtcTOKg0alP68HDhw2bWv%2Fl0Qpmqe4i73FPtLOfhEKBmWVGw5wgeuNytBvPk0p0w4H0WEVcGUb0kQr6pxt%2F83SVw29p%2B60ids6RsvNAB241J%2BOdEZxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7cb54022481c90ee-FRA

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.clickcertain.com/px/img/g/?google_gid=CAESEGB8CfaW1vqps6CdJ0lcPG4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 lds
a.usbrowserspeed.com/ Frame 7197 0
149 B 510ms
218ms Image
text/plain 44.232.68.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.232.68.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-68-133.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
server: awselb/2.0

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 7197
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

42ms
42ms

Image
text/plain

54.217.159.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456

Protocol

HTTP/1.1

Server

54.217.159.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-159-141.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B111
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aHoaJX15ThKVd3BsrOEgPw1_JYlpX93O

0
338 B

162ms
43ms

Image
text/plain

54.229.221.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aHoaJX15ThKVd3BsrOEgPw1_JYlpX93O
Protocol: H2
Server: 54.229.221.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-221-229.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: beacon-n011-dub-prod.krxd.net
date: Mon, 22 May 2023 13:01:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1684760514
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aHoaJX15ThKVd3BsrOEgPw1_JYlpX93O
date: Mon, 22 May 2023 13:01:53 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 799288
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame B111
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2VSpnVVSikSq77QBi-PMJnalDK7mHceZ

35 B
268 B

352ms
113ms

Image
image/gif

18.218.84.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2VSpnVVSikSq77QBi-PMJnalDK7mHceZ
Protocol: H2
Server: 18.218.84.116 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-84-116.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:54 GMT
x-bt-requestid: d3c19b50-f8a0-11ed-89f6-0000ac170317
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2VSpnVVSikSq77QBi-PMJnalDK7mHceZ
date: Mon, 22 May 2023 13:01:54 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 788070
content-length: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame CDEA 7 KB
7 KB 112ms
112ms Document
text/html 209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=709606368987586400&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

72463891263fd5f60cdd2248c937df367fc2e2f8210a8715c11fce44000ac21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=709606368987586400&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6911
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 22 May 2023 13:01:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: T36WV66Z5J8NYXDNMGWN

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=AgHi4SwSRTmmrY2FcyFsnw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=AgHi4SwSRTmmrY2FcyFsnw

43 B
479 B

108ms
108ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=AgHi4SwSRTmmrY2FcyFsnw

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GMH2Q65D1XK8Z27AGQXG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:54 GMT
AN-X-Request-Uuid: 26fe0a5f-451f-439e-959a-83558082b088
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=AgHi4SwSRTmmrY2FcyFsnw
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=94iv0Pe7TAKqrwmMgt873w&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=3a4cc34c-76ab-44d9-81e4-867fa1e124e8

43 B
479 B

298ms
113ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=3a4cc34c-76ab-44d9-81e4-867fa1e124e8

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P9T6VPSWH28ET4EG2QZ8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=3a4cc34c-76ab-44d9-81e4-867fa1e124e8
access-control-allow-origin: *
date: Mon, 22 May 2023 13:01:54 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame CDEA 43 B
163 B 29ms
28ms Image
image/gif 185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=kuONjT2XT_WbJOMmSXlPvw&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=219833204524002884799&ex=neustar.biz

43 B
479 B

108ms
108ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=219833204524002884799&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MHARTKPQ9K7N33K0QN4W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:55 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=219833204524002884799&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=klnpSBEIS5Cem-sxyuUAwQ&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZGtnwoE2vqabVSvPA-y3XgAA

43 B
479 B

290ms
113ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZGtnwoE2vqabVSvPA-y3XgAA

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G816HXYNZR9HSBM7BDR9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZGtnwoE2vqabVSvPA-y3XgAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=af29320cae961ef82abfb176a541ceda

43 B
479 B

309ms
108ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=af29320cae961ef82abfb176a541ceda

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AVT5VA5PK208DWCADJRV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=af29320cae961ef82abfb176a541ceda
date: Mon, 22 May 2023 13:01:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

111ms
110ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2CSGCTTJJXKE06Y0HBA5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Mon, 22 May 2023 13:01:55 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=qRSE61GBTHm1FBCePwDDow
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=qRSE61GBTHm1FBCePwDDow

43 B
479 B

212ms
110ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=qRSE61GBTHm1FBCePwDDow

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B2GZNZ5CYDTZC8TJBTVH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=qRSE61GBTHm1FBCePwDDow
date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=da8ef457-8d6a-41bd-8e67-ea268b06d759

43 B
479 B

303ms
108ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=da8ef457-8d6a-41bd-8e67-ea268b06d759

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PP22BW8Z0MFEPMT10C4Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=da8ef457-8d6a-41bd-8e67-ea268b06d759
Date: Mon, 22 May 2023 13:01:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=5f4541b55a6c4bc3b7e149cac1654303

43 B
479 B

245ms
107ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=5f4541b55a6c4bc3b7e149cac1654303

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GANWNDCPE4KWVP8ECPDF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=5f4541b55a6c4bc3b7e149cac1654303
date: Mon, 22 May 2023 13:01:54 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame CDEA 0
122 B 97ms
26ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=RmUB_z4lRHCWORpcCyT8gw&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-nkd7l
date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-rw1mEAdE2pFLzEZYytIVqg2OoBPK1SPHYwq5~A&status=OK&ex=gemini

43 B
479 B

289ms
116ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-rw1mEAdE2pFLzEZYytIVqg2OoBPK1SPHYwq5~A&status=OK&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y8XR6XX49T01Y4ZM12JX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=y-rw1mEAdE2pFLzEZYytIVqg2OoBPK1SPHYwq5~A&status=OK&ex=gemini
date: Mon, 22 May 2023 13:01:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=1351a34baa0f11d19dc37e82c908adf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

111ms
111ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=1351a34baa0f11d19dc37e82c908adf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BE04CAW0VMGA1N6GGK11
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=1351a34baa0f11d19dc37e82c908adf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1684760515315083-375
Expires: Mon, 22 May 2023 13:01:55 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

107ms
107ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4S2BS4G0FQHN173H4M0N
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 22 May 2023 13:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 086da553b96e728b869925910597a098.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=KHYYBF8VHPGQN6197QZV:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: KHYYBF8VHPGQN6197QZV
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: TCMyHkYRrWhLAr2ySsxg64BGjLMWi8zA-VHaplQ-MJBdEu2HV-xqOQ==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame CDEA 0
337 B 47ms
43ms Image
text/plain 54.229.221.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=s9BiBPZ3RyWlS_TFwCicmA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.221.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-221-229.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Mon, 22 May 2023 13:01:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1684760514
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=3a4cc34c-76ab-44d9-81e4-867fa1e124e8&ex=improvedigital.com

43 B
479 B

290ms
112ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3a4cc34c-76ab-44d9-81e4-867fa1e124e8&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PMTPBQVMVB4NG4J7CB4Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=3a4cc34c-76ab-44d9-81e4-867fa1e124e8&ex=improvedigital.com
access-control-allow-origin: *
date: Mon, 22 May 2023 13:01:54 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame CDEA 0
186 B 339ms
110ms Image
text/plain 52.22.156.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.156.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-156-201.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:55 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=113e1cf3e97a60dd5

43 B
479 B

118ms
118ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=113e1cf3e97a60dd5

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4HPKT24Q6PZRRN1G80CY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 22 May 2023 13:01:55 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=113e1cf3e97a60dd5
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wL0TYmfrQnurH1KmrO0Vxw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wL0TYmfrQnurH1KmrO0Vxw

43 B
479 B

108ms
108ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wL0TYmfrQnurH1KmrO0Vxw

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QVEMW7X3SW14MAMACZ1P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wL0TYmfrQnurH1KmrO0Vxw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=pteafDHnRPu7F8iKDNnvXg&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=f4a139ed3ae082bd85794d17d663ff6b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=pteafDHnRPu7F8iKDNnvXg

43 B
479 B

117ms
117ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f4a139ed3ae082bd85794d17d663ff6b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=pteafDHnRPu7F8iKDNnvXg

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FNJ55Z8TN2JKK0YX4Q7Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f4a139ed3ae082bd85794d17d663ff6b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=pteafDHnRPu7F8iKDNnvXg
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1684760515326062-410
Expires: Mon, 22 May 2023 13:01:55 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=Cf5xrP35TzOJyNDxxXr4SQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=79485406079538474672057154076461858400

43 B
479 B

107ms
107ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=79485406079538474672057154076461858400

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WD2NPP836STJXNS7AQB2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v048-0ec577047.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Cd9vI6CGSyQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=79485406079538474672057154076461858400
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame CDEA 42 B
213 B 102ms
28ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=eRTec2HpSKG74Si9_bQ4CA
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:55 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3103995976935618337

43 B
479 B

108ms
107ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3103995976935618337

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZWJAS65JE39D8PDK91BK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=3103995976935618337
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d41048be-f8a0-11ed-8554-162d46060206
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d410487a-f8a0-11ed-8554-162d46060206

43 B
479 B

109ms
108ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d410487a-f8a0-11ed-8554-162d46060206

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TDFEB7FSEYZKF9DT2BPE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 22 May 2023 13:01:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=d410487a-f8a0-11ed-8554-162d46060206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 87
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2245a86fb8-b784-4f00-bf2f-2304e8cdb577%22,%22Time%22:%2220230522T130155.483272%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=45a86fb8-b784-4f00-bf2f-2304e8cdb577

43 B
479 B

109ms
109ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=45a86fb8-b784-4f00-bf2f-2304e8cdb577

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1JJ67RTVEPEVK65N02TV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=45a86fb8-b784-4f00-bf2f-2304e8cdb577
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECBGxVbPyZ1Vcg1_KAwRoAk&google_cver=1

43 B
479 B

313ms
111ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECBGxVbPyZ1Vcg1_KAwRoAk&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0B0ADD8HTGZXKW4D5R7S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECBGxVbPyZ1Vcg1_KAwRoAk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame CDEA 20 B
20 B 342ms
109ms Image
text/plain 54.173.6.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.6.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-6-96.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: usermatch-a005-ash-prod.krxd.net
date: Mon, 22 May 2023 13:01:55 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1d183b5b208a34706f079d69fee9674d

43 B
479 B

116ms
115ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1d183b5b208a34706f079d69fee9674d

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B89853APPRTJ65ES43X8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 22 May 2023 13:01:55 GMT
via: 1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1d183b5b208a34706f079d69fee9674d
content-length: 0
x-amz-cf-id: 3_6gB96oSNxo-YZqqrpwt-Qkxz5wF98S_9NKa7TAe5NHtsF9nM1Auw==

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame CDEA 43 B
304 B 72ms
27ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:55 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LTlQ8tEC9N7rB2j7epnZazc4dNQ4ZgIC

43 B
479 B

112ms
112ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LTlQ8tEC9N7rB2j7epnZazc4dNQ4ZgIC

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 26ZCD0JXKBMHSZVGTVCM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LTlQ8tEC9N7rB2j7epnZazc4dNQ4ZgIC
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame CDEA 37 B
139 B 23ms
20ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=42813g9xQrirYZjA83bbIw&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=422A9E2EF7D69D38

43 B
479 B

113ms
112ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=422A9E2EF7D69D38

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9Q3W6R8G2KYWDT7BN8CT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:02:01 GMT
frontend-id: 4
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=422A9E2EF7D69D38
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=6083881388625202988&ex=appnexus.com

43 B
479 B

110ms
109ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=6083881388625202988&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FZEDW4NFXDX03ZB06W8S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 22 May 2023 13:01:55 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.26; 217.114.218.26; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f4ae337c-073d-4ccb-b7e5-cd4ac1922075
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=6083881388625202988&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=_bbODCLOQE6xduLxydTAYA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=_bbODCLOQE6xduLxydTAYA

43 B
479 B

111ms
111ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=_bbODCLOQE6xduLxydTAYA

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GYP2FBYYJ6479FZVWQ9D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=_bbODCLOQE6xduLxydTAYA
date: Mon, 22 May 2023 13:01:55 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=ou6DbVDJ3VCWEvZQXkyG88WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

108ms
107ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=ou6DbVDJ3VCWEvZQXkyG88WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3HR7VER7PZR4VQB8X8XT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=ou6DbVDJ3VCWEvZQXkyG88WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Yu0S68SWQHCDRyj8uAbAwg&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

299ms
105ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H530063HD21JNJG2Z1WQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame CDEA 0
324 B 190ms
43ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EEBD4F2DC3676B64922AEF8C02CB7FEE

43 B
479 B

117ms
116ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EEBD4F2DC3676B64922AEF8C02CB7FEE

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3F3EYFAFZZYNMAWK9FA9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 22 May 2023 13:01:55 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EEBD4F2DC3676B64922AEF8C02CB7FEE
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Mon, 22 May 2023 13:01:54 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=5c3ed86b94a4a6db159ab77f3770379994896201bdaf2ac8791428efe85fb654

43 B
479 B

115ms
115ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=5c3ed86b94a4a6db159ab77f3770379994896201bdaf2ac8791428efe85fb654

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0AN6AFMZ8G24Z24H6EGH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 May 2023 13:01:55 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=5c3ed86b94a4a6db159ab77f3770379994896201bdaf2ac8791428efe85fb654
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 sync
sync-amazon.ads.yieldmo.com/ Frame CDEA 0
37 B 54ms
44ms Image
text/plain 108.128.136.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=fRh0DnWdRf2GxpPMPo6kVQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.136.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-136-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:55 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=6C199E78-2C3F-4E95-99CC-8795CF9EF7A7

43 B
479 B

109ms
109ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=6C199E78-2C3F-4E95-99CC-8795CF9EF7A7

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E2YK68T6DZJBQW6HPWJ3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=6C199E78-2C3F-4E95-99CC-8795CF9EF7A7
date: Mon, 22 May 2023 13:01:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 sd
us-u.openx.net/w/1.0/ Frame CDEA 0
48 B 29ms
29ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072986&val=OlS069umRI-EdDE1BsC8xg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-cx-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_n-ym-HMT_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=s9BiBPZ3RyWlS_TFwCicmA&dmt=3&ex-pl-n-g-hmt=Yu0S68SWQHCDRyj8uAbAwg&ep=ttam_T219Ay-cPciHbT10sqRp0yhYwpXT4b3y4ygocVc2OS7uDT7pS_DTJWXYgSzEPwR6fUhmdotEA5Tj1iO12epgMSDylWweWjfTYj7AFxVj_IycomTriftvPdft4czfv1N4mStvpVOLn61WcSRWlphOZJ4VyRXWGuDGBp_LnL0jafyXT2rdu-ad7L7yu3ttRNAzK2biuo91Ydif9ws-LCxoeXAnP8DCeFPFBZMph3yZDV8wa4b2FXrLUfariQOrrWzK1ScgDBJaaVGG7hoCCaiIrLKkbD_UPc6KDfeOtBPWBX1qYUKJjHInCiflYE_kFqrG3b0jZt4lzotGGVjKFcw5tvXo64M5O8F2mHOsK1g06dpT7XaKM3rrE4lIXwWoVNG8WC_EHZMxdfifQVJtfGnnfVn0E29urCBV4CdGGVVc5D9ns61uH8y--zBHKsRaZ2zm-8twDVF01N7ZDlR843-vjGjWOCR4IOHGoXaZbP0mITjv3EEg5aDlfMdCixXE4bsxY6Sj7jP1Dz8Poz_NJ6d69VDbko72BQay0Vk113D0WTo_E4Jg41Yema7RXbia_kQ51ttfugk7gY0Qe8_2stbKqTdcOt8lA3CPONSsLeUfV3VVWTBLpksKw__JG87DqAsOykHtM2dB77s0f_pzd3j__wjr4GKBkyP6ynWcqhpP3vVnugo1CiUJRKnrPdqG8U9TqtU6hKnTJiNswYCOD2sjwwlU27pboz535yd8Tr-Bqaq5RKIiXYjkxAvgLFawZdfDTwmukMjV2NNdhzzMp_lPy-stf5gdNfSfw1wE0EhxZbeY6oYiFNzcosXrN3l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 13:01:55 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CDEA
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=babffd27-f09b-463b-bfc4-98fb953141bd-tuctb64ed43

43 B
479 B

108ms
108ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=babffd27-f09b-463b-bfc4-98fb953141bd-tuctb64ed43

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 May 2023 13:01:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CNNX8JPY3KZ341C4N7AG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=babffd27-f09b-463b-bfc4-98fb953141bd-tuctb64ed43
date: Mon, 22 May 2023 13:01:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24562

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 25ms
25ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4756&scd=0&ssd=1&est=1684760512022&ver=36&isls=true&src=i&invt=3000&msa=13626&rv=1&tim=1684760516779&vi=1684760512020&ri=93ac390027c586a7e8fcc48947bf25b9&ref=null&cv=20230520-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 May 2023 13:01:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 26ms
25ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4757&scd=0&ssd=1&est=1684760512022&ver=36&isls=true&src=i&invt=3000&msa=13626&rv=1&tim=1684760516780&vi=1684760512020&ri=ab3bea6f418cbef2b273ef786ce349e6&ref=null&cv=20230520-1-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-ps09-nat%2F%3FAFFID%3D255445%26subid%3Dpenn23056foods
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Mon, 22 May 2023 13:01:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

113 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/uc-grplus-ps09-nat/	1970-01-20 16:24:18	Name: ubpv Value: z%2Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f
i.liadm.com/s	1970-01-20 12:42:32	Name: _li_ss Value: CgA
.ptv.gophercentral.com/	1969-12-31 23:59:59	Name: sid Value: 3Bp+97HnzkDDFBrLIB8gYymXnWrWSZt5KEoRebj1fIBzt36Q3OTdZQ==
.ptv.gophercentral.com/	1970-01-20 21:35:20	Name: trk Value: bEVrZnkY18nDFBrLIB8gYymXnWrWSZt5KEoRebj1fIBzt36Q3OTdZQ==
.ptv.gophercentral.com/	1970-01-20 12:00:46	Name: c2 Value: 3Bp+97HnzkAKVUTp4/OxTYw9BMnl0YBsGwQ3THlysnGui9FBpiL/8g==
pages.upwellness.com/	1970-01-20 16:18:32	Name: ubvs Value: 1e9cb09d-e406-4d7c-92e4-d48c3af76d48
.upwellness.com/	1970-01-20 12:03:39	Name: ubvt Value: v2%7C1e9cb09d-e406-4d7c-92e4-d48c3af76d48%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Az%3Asingle
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-20 21:35:20	Name: _lc2_fpi Value: f0f26c15fa8f--01h11rth9aqq2j2y3mcbcgpe60
.upwellness.com/	1970-01-20 14:08:56	Name: _gcl_au Value: 1.1.171654247.1684760512
.tiktok.com/	1970-01-20 21:20:56	Name: _ttp Value: 2Q9KlwiwrkMWkYPZvHprmgGwjx8
.upwellness.com/	1969-12-31 23:59:59	Name: UltraCartShoppingCartID Value: 8A997ED1F3BD760188438D457B204A00
.upwellness.com/	1970-01-20 21:35:20	Name: ucacid Value: 1522213385.872901
.store.upwellness.com/	1970-01-20 21:35:20	Name: ucacid Value: 1522213385.872901
store.upwellness.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcFzicHNNmIEvVBIMX_f
store.upwellness.com/	1969-12-31 23:59:59	Name: LBJSESSIONID Value: abcFzicHNNmIEvVBIMX_f.n271
.upwellness.com/	1970-01-20 21:35:20	Name: __nbpix_uid Value: 1-lvop3a95-lhyuwqv9
.criteo.com/	1970-01-20 21:20:56	Name: uid Value: ddff0508-92be-4a0d-a319-a6fcbfdcbd57
.liadm.com/	1970-01-20 21:35:20	Name: lidid Value: a036cb8c-0f4d-473f-9077-879b3b5f82b1
.doubleclick.net/	1970-01-20 21:20:56	Name: IDE Value: AHWqTUk0lr0Htf9ewT8WVd5ACohBEedDdhsUoMOahl16G_q99B0T4ns1p8lNi_dl
.upwellness.com/	1970-01-20 21:35:20	Name: _ga Value: GA1.2.420867266.1684760512
.upwellness.com/	1970-01-20 12:00:46	Name: _gid Value: GA1.2.576029294.1684760512
.upwellness.com/	1970-01-20 11:59:20	Name: _dc_gtm_UA-28307243-3 Value: 1
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_source Value: Direct
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_starts Value: 1684760512374
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_utmParams Value: %7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D
.upwellness.com/	1970-01-20 20:44:56	Name: cl4975ot4arrr6_uid Value: cl4975ot4arrr68b975066-af2e-4bcc-bf35-12f37656334b
.upwellness.com/	1970-01-20 20:44:56	Name: cl4975ot4arrr6_sid Value: CL-b164c3fe-5260-47e6-ad04
.upwellness.com/	1970-01-20 20:44:56	Name: cl4975ot4arrr6_gid Value: cl4975ot4arrr66ed2e622-0452-4b87-8fc5-e284aa7fc647
.upwellness.com/	1970-01-20 12:00:46	Name: _uetsid Value: d23a5390f8a011eda911dde8430356f3
.upwellness.com/	1970-01-20 21:20:56	Name: _uetvid Value: d23a78b0f8a011ed9b95e73ef3ba8be7
.upwellness.com/	1970-01-20 21:20:56	Name: _tt_enable_cookie Value: 1
.bing.com/	1970-01-20 21:20:56	Name: MUID Value: 0F572758A8606D432D433441A9CC6CEE
store.upwellness.com/	1970-01-20 12:09:25	Name: AWSALB Value: xZGaqLS2Zplx4xem4NGgpsnMMTV+KF8LmsyDeWJUXX6FpGeJ5YVy/aSyDEZotcI6zK8j18VJTQvMNTmi9Xm7NxQlRIJTiztZ1RIpqna2u66I7pYWQzyZ8DxuHyfT
store.upwellness.com/	1970-01-20 12:09:25	Name: AWSALBCORS Value: xZGaqLS2Zplx4xem4NGgpsnMMTV+KF8LmsyDeWJUXX6FpGeJ5YVy/aSyDEZotcI6zK8j18VJTQvMNTmi9Xm7NxQlRIJTiztZ1RIpqna2u66I7pYWQzyZ8DxuHyfT
.upwellness.com/	1970-01-20 21:20:56	Name: _ttp Value: OR2_WF5msj2mSiChKCetHJw-gnr
pages.upwellness.com/	1970-01-20 11:59:20	Name: outbrain_cid_fetch Value: true
.upwellness.com/	1970-01-20 14:08:56	Name: _fbp Value: fb.1.1684760512802.356480237
.yahoo.com/	1970-01-20 20:45:18	Name: A3 Value: d=AQABBMBna2QCEP1poLhCf-dDOMSI9DrmX1MFEgEBAQG5bGR1ZOAXyiMA_eMAAA&S=AQAAAkdM470im46IlTvnWJBQ0MI
.upwellness.com/	1970-01-20 20:44:56	Name: _hjSessionUser_795540 Value: eyJpZCI6ImRmOWZiNzhmLTBlZDgtNTQ5Mi1iZTllLTQwMzc5Yzk1ZGQ1MSIsImNyZWF0ZWQiOjE2ODQ3NjA1MTI4NjksImV4aXN0aW5nIjpmYWxzZX0=
.upwellness.com/	1970-01-20 11:59:22	Name: _hjFirstSeen Value: 1
.upwellness.com/	1970-01-20 11:59:20	Name: _hjIncludedInSessionSample_795540 Value: 1
.upwellness.com/	1970-01-20 11:59:22	Name: _hjSession_795540 Value: eyJpZCI6IjBlMDQ3Nzk2LTJiZGItNDhhNC1iZGVhLTk1OTgwNWVhOGNmYiIsImNyZWF0ZWQiOjE2ODQ3NjA1MTI4NzgsImluU2FtcGxlIjp0cnVlfQ==
.upwellness.com/	1970-01-20 11:59:22	Name: _hjAbsoluteSessionInProgress Value: 0
.upwellness.com/	1970-01-20 21:28:44	Name: cto_bundle Value: K2UnO18lMkZ1Mk9RMGNxbUJ2WWFubllHR3pNUSUyQlEyZzYzbkVSVHA2TEtPd3dMYmo2THRIJTJCOWoxVU1raEJwdyUyRnhkOUpzJTJGQ0h1UWwlMkJqeExtYnZGMzNqZGxNdlNkYzE3ZWlpRFgwZGE0ekpHRjdlUkkyM0IwdzdBQ25KQnFBaVBMWWgxa1FlcjkwVGVVckdkV20lMkJTQyUyQkZ4S1N6cWZBJTNEJTNE
.pages.upwellness.com/	1970-01-20 20:44:56	Name: _pin_unauth Value: dWlkPU1URm1NR014TlRjdE1tRXhaUzAwTTJGaUxXRmpaVGN0Tm1Vell6QTBaVGhpTjJZdw
a.clickcertain.com/	1970-01-20 20:44:56	Name: _ccpx_u Value: a3eb99da%2d9176%2d49c2%2d92a3%2df7d2f552de73
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_ends Value: 1684762313385
a.clickcertain.com/	1970-01-20 20:44:56	Name: _ccpx_24a3d6f0fe7dd9c Value: 1
.upwellness.com/	1970-01-20 20:44:56	Name: cl4975ot4arrr6_eidsTracked Value: true
match.sharethrough.com/	1970-01-20 12:09:25	Name: AWSALBCORS Value: j4ZX/Hf1q1lmOtkDytHfsgI5J/VCFNkWVFKFpHh0wcvezWQGrSKE+BP2T8+GhXwGbwPMubWeGhEFrU64a932XaWv179ifPNsYh2vV1ZJyzxZgfKAva4HSF22j/ef
.adnxs.com/	1970-01-20 14:08:56	Name: uuid2 Value: 6083881388625202988
.bidswitch.net/	1970-01-20 20:44:56	Name: tuuid Value: 8031e36a-e5ea-4411-8ca4-bd6fd2d4b4dc
.bidswitch.net/	1970-01-20 20:44:56	Name: c Value: 1684760514
.bidswitch.net/	1970-01-20 20:44:56	Name: tuuid_lu Value: 1684760514
.media.net/	1970-01-20 20:44:56	Name: visitor-id Value: 3277621148281021000V10
.media.net/	1970-01-20 12:42:32	Name: data-c-ts Value: 1684760514
.media.net/	1970-01-20 12:42:32	Name: data-c Value: k-csYc8eYR5upc_XjabR9ISoh1-cBdQEoWEWe64Q~~3
.id5-sync.com/	1970-01-20 11:59:20	Name: cf Value:
.id5-sync.com/	1970-01-20 11:59:20	Name: cip Value:
.id5-sync.com/	1970-01-20 11:59:20	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:59:20	Name: car Value:
.id5-sync.com/	1970-01-20 11:59:20	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:59:20	Name: callback Value:
exchange.mediavine.com/	1970-01-20 12:19:30	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22d36179f0-f8a0-11ed-8248-0fca0e0c4396%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:19:30	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22d36179f0-f8a0-11ed-8248-0fca0e0c4396%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:19:30	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22d36179f0-f8a0-11ed-8248-0fca0e0c4396%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:19:30	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22d36179f0-f8a0-11ed-8248-0fca0e0c4396%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:19:30	Name: criteo Value: %7B%22id%22%3A%22k-dABOIuYR5upc_XjabR9ISoh1-cDGXfK_v2ukZg%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/	1970-01-20 16:18:32	Name: demdex Value: 79485406079538474672057154076461858400
.casalemedia.com/	1970-01-20 20:44:56	Name: CMID Value: ZGtnwoE2vqabVSvPA-y3XgAA
.casalemedia.com/	1970-01-20 14:08:56	Name: CMPS Value: 1203
.casalemedia.com/	1970-01-20 14:08:56	Name: CMPRO Value: 1203
.dpm.demdex.net/	1970-01-20 16:18:32	Name: dpm Value: 79485406079538474672057154076461858400
.pubmatic.com/	1970-01-20 12:42:32	Name: KRTBCOOKIE_97 Value: 3385-uid:k-C3PrkOYR5upc_XjabR9ISoh1-cD4kzz3Fl5q4Q&KRTB&23144-uid:k-C3PrkOYR5upc_XjabR9ISoh1-cD4kzz3Fl5q4Q&KRTB&23286-uid:k-C3PrkOYR5upc_XjabR9ISoh1-cD4kzz3Fl5q4Q&KRTB&23287-uid:k-C3PrkOYR5upc_XjabR9ISoh1-cD4kzz3Fl5q4Q
.360yield.com/	1970-01-20 14:08:56	Name: tuuid Value: 3a4cc34c-76ab-44d9-81e4-867fa1e124e8
.360yield.com/	1970-01-20 14:08:56	Name: tuuid_lu Value: 1684760514
.tapad.com/	1970-01-20 13:25:44	Name: TapAd_TS Value: 1684760514416
.tapad.com/	1970-01-20 13:25:44	Name: TapAd_DID Value: 8dfcbc6b-aad1-4bbb-a533-c8e0b1ad8d21
.tapad.com/	1970-01-20 13:25:44	Name: TapAd_3WAY_SYNCS Value:
.bidr.io/	1970-01-20 21:27:54	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 21:27:54	Name: bito Value: AADl5U7I1tAAACGNmQ7c0A
.krxd.net/	1970-01-20 16:18:32	Name: _kuid_ Value: PkdSuQj7
.tremorhub.com/	1970-01-20 20:45:17	Name: tvid Value: 8810e64e032c40caad3c899571d30f35
.tremorhub.com/	1970-01-20 12:42:32	Name: tv_UICR Value: k-VW4RSOYR5upc_XjabR9ISoh1-cBXsqfXIYyJaA
.amazon-adsystem.com/	1970-01-20 17:21:54	Name: ad-id Value: AysQe8WxAUO9llUsOqMToZs
.amazon-adsystem.com/	1970-01-20 21:35:20	Name: ad-privacy Value: 0
a.clickcertain.com/	1970-01-20 20:44:56	Name: _ccpx_24d1add2443e239 Value: 1
a.clickcertain.com/	1970-01-20 20:44:56	Name: _ccpx Value: 24d1add2443e239
.adnxs.com/	1970-01-20 14:08:56	Name: anj Value: dTM7k!M40<F7/.XF']wIg2H`dx:W2l!@wnfH1YdP.dEXlSkg-j@<zp:+F!)mB-)cKSi5>NEIfz'X7.`kr/Z$`GClwJAZFde2tc'Tl?VpD%x)EN8JE8aaEXF=7^keegGgJ9Ih`0dRWO`Mm5>lLDIN[l.wL4W1Qw2H/>A6.
.a.usbrowserspeed.com/	1970-01-20 20:44:56	Name: tuid Value: 184f8303-2af4-4dae-9ade-1296896b639f
.360yield.com/	1970-01-20 14:08:56	Name: umeh Value: !38,0,1746968514,-1!416,0,1746968514,-1
.tremorhub.com/	1970-01-20 21:35:20	Name: tv_UIAM Value: 5f4541b55a6c4bc3b7e149cac1654303
.myvisualiq.net/	1970-01-20 21:35:20	Name: tuuid Value: da8ef457-8d6a-41bd-8e67-ea268b06d759
.myvisualiq.net/	1970-01-20 21:35:20	Name: c Value: 1684760514
.myvisualiq.net/	1970-01-20 21:35:20	Name: tuuid_lu Value: 1684760514
.analytics.yahoo.com/	1970-01-20 20:44:56	Name: IDSYNC Value: "18zh~2bsd:195g~2bsd:19b9~2bsd"
.360yield.com/	1970-01-20 14:08:56	Name: um Value: !38,co0YtPuxW-8ZSZwF0dX-NZtLV0r0WhFNC6PVveMJ01Kjjx-eC6NLJPVXCHQVvaTUaYUdvY7K,1692536514!416,3trTqEAh1kLV3sc2lVVtMARy,1692536514
.bluekai.com/	1970-01-20 16:24:18	Name: bku Value: b/X991J7StHg/ByS
.bluekai.com/	1970-01-20 16:24:18	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.agkn.com/	1970-01-20 20:44:56	Name: ab Value: 0001%3AKt%2FNkNwqsb9Le0HyAWT5tVrrbO0V5VbR
.adform.net/	1970-01-20 12:43:58	Name: C Value: 1
.adform.net/	1970-01-20 13:25:44	Name: uid Value: 3103995976935618337
.spotxchange.com/	1970-01-20 12:39:39	Name: audience Value: d410487a-f8a0-11ed-8554-162d46060206
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1684760515_1
.serving-sys.com/	1970-01-20 12:42:32	Name: u2 Value: 45a86fb8-b784-4f00-bf2f-2304e8cdb5774MH060
ads.samba.tv/	1970-01-20 21:31:01	Name: sambapxid Value: 113e1cf3e97a60dd5
.semasio.net/	1970-01-20 20:44:56	Name: SEUNCY Value: 422A9E2EF7D69D38
.pubmatic.com/	1970-01-20 14:08:56	Name: KRTBCOOKIE_290 Value: 23219-_bbODCLOQE6xduLxydTAYA&KRTB&23261-_bbODCLOQE6xduLxydTAYA
.pubmatic.com/	1970-01-20 12:42:32	Name: PugT Value: 1684760515
.ispot.tv/	1970-01-20 21:35:20	Name: pt Value: v2:5c3ed86b94a4a6db159ab77f3770379994896201bdaf2ac8791428efe85fb654\|0ccf4d1e02a391b3dc3f373a49ceb1e5d5d5a4fa3d7f79321ddccc2b8747b281
.pubmatic.com/	1970-01-20 20:44:56	Name: KADUSERCOOKIE Value: 6C199E78-2C3F-4E95-99CC-8795CF9EF7A7
.ninthdecimal.com/	1970-01-20 16:18:32	Name: ndat Value: LU+97mRrZ8OM7yqS7n/LAg==

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
a.clickcertain.com
a.remarketstats.com
a.twiago.com
a.usbrowserspeed.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.nextdoor.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
amplify.outbrain.com
analytics.proofapi.com
analytics.tiktok.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
builder-assets.unbounce.com
business.newsbreak.com
c1.adform.net
cdn.js.customerlabs.co
cdn.taboola.com
cdn.useproof.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
eb2.3lift.com
events.ub-analytics.com
exchange.mediavine.com
flask.nextdoor.com
fonts.ub-assets.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
io.v2.customerlabs.co
lciapi.ninthdecimal.com
live-visitor-counts.herokuapp.com
live.upwellness.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
odr.mookie1.com
pages.upwellness.com
pi.ispot.tv
pixel.rubiconproject.com
pixel.tapad.com
ptv.gophercentral.com
ptv.pulsetv.com
public-prod-dspcookiematching.dmxleo.com
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.pinimg.com
s.thebrighttag.com
s.yimg.com
sb.scorecardresearch.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
static.hotjar.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
sync-amazon.ads.yieldmo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tag.trovo-tag.com
tags.bluekai.com
token.rubiconproject.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
ups.analytics.yahoo.com
upwellness.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.imdb.com
x.bidswitch.net
104.111.217.14
104.111.217.42
108.128.136.189
108.138.36.109
108.138.36.125
108.138.36.52
13.248.245.213
141.226.228.48
142.250.186.34
151.101.2.132
151.101.65.131
151.101.65.44
162.19.138.83
178.250.1.9
178.250.7.11
178.250.7.13
18.198.160.241
18.218.84.116
18.66.188.27
18.66.192.31
18.66.192.57
18.66.97.10
185.255.84.152
185.64.189.110
185.64.190.78
185.64.191.210
185.80.39.216
185.86.138.153
185.89.210.180
185.94.180.125
188.65.124.66
2.16.186.203
2.18.235.93
2001:4860:4802:36::178
208.96.162.14
209.54.182.161
212.82.100.181
212.82.100.182
23.206.208.183
23.23.204.175
23.32.238.115
23.35.237.86
23.36.211.28
2600:1f18:612b:4200:8644:8d9:b2a6:8733
2600:1f18:730:b120:d8f4:c602:cb4c:52b1
2600:9000:225b:c200:1d:11cf:5800:93a1
2600:9000:237d:8200:8:8845:1500:93a1
2606:4700:20::681a:27a
2606:4700:20::ac43:4acf
2606:4700:3035::6815:2f0c
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:803::2003
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9d
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:3500:881::1931
2a03:2880:f028:16:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
3.126.202.50
3.211.233.231
3.64.163.89
3.70.58.251
3.71.149.231
3.93.168.254
34.111.113.62
34.117.157.22
34.160.236.64
34.213.130.140
34.237.133.75
34.238.226.189
34.241.58.170
34.254.143.3
34.98.64.218
35.157.143.185
37.157.3.29
37.157.5.133
37.252.171.84
44.196.11.222
44.205.34.214
44.210.2.193
44.232.68.133
45.79.189.238
52.208.135.117
52.215.85.23
52.22.156.201
52.29.121.149
52.29.241.190
52.44.9.51
54.173.6.96
54.201.89.139
54.217.159.141
54.229.221.229
54.83.6.65
64.202.112.127
69.173.144.139
69.173.144.165
74.119.119.150
77.243.51.121
85.215.5.31
99.84.88.219
99.84.88.22
99.84.88.7
99.84.90.48
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
0540421150a7a381029dd373240a58f7ec38c9dfc58db80dd49236e1e04fe397
05e7bdb0d4097ec520d00474e03a95190f707a4b1c4c0422c842ff54c3605db7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
08f900d04e68f8fb42f835a013978dbb28f86a28c2b23e2dd28052b84f2a97b6
08fcbade4ecc96835d2b65a965f87a53cf9260eb46367a5cc50ccbae04b3f967
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0d618e0ae7efd3f86ca3741b2ff37cc1fc18e17645ec5d2e8fad9c20f97ca2a5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f367e5fe45efe7405ca02cfe8e804e76bdbd239331d2b998a7a868756acfe02
1275c580e9deba832cb41884032d45e1b97ec9f2c1ebdba44158bcdd2929bfeb
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
1c17ca6ff6e1d0acb50a95c8a59cd62b36f504ebc27c27ebf37532214d6d3ff5
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d8a8313bd8e15fc65e3f035321fdf32654cf33d59fcfc584d4a35091ecfdc6c
21426b8b0badcd043a67deb91f069fe369e6657156266422357fd549b18fc676
2a601c6b748d06f6cab3c94fad23dab0ebf31329185b8dc75972d45facad0bee
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32fc2e72b47d8a300fa8eb5408697ec2f90c6f7d330644e3abef0ff9de96e849
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
365bc498abb21b256de98382645b715d89e2947391f733393a61a7c7861fb69a
3753285b4ca246073061a5b1cbd38b1f943fad55e266e9e9ec97a9580e33c1b8
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
4356a5904fcb80496b500ec2658390be6482ac48f4f9839aea08cbcbed9feaa2
44c8b7aa666ee9360593e95e71c09ee30da9429d7e2d0b21d3e270bd03c88a20
45e32eb60889e66f20120a8b7dd24c887ce6616da536cd3226c27ab346fa30ba
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2
4ae37732893de64fd0b85a1d9f55591d69851c7673ef499fba140fd79e786804
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ced42deaa7f931079b03007196367459bc2742a5dac1e05812420b68febc4fc
4d9a581d226e76e97ab1921385505d131765201a51e986fd5da52410149f6b33
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5f20eeec677f55abac0e47b1a6e7489cacf565a9af247cbd4d74366cb9c71509
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
67f77710fbcb54a2614a1e3d50f4bb43221ba52ad0408873a668166346db4775
69170ba89d801c5fd5fb33705c5060fc6b8fb78773b4986cecffd8d170ec98e3
6995a036a583b6404c78610fe86cddfe3b66d1b25292ff5cb1817077cd44d53b
6a39a58a4003924afe156a6c95e3ada700fb690494e9c5102324505093411577
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6a97ab7cd9eb4186d34e32d7fa3bbc2716fa4388d7b781edde06bbc6d9298ecf
6df9870582e5a92eed652d1815e328b48a9f5a44c00e5a513d11b031d4f015e0
72463891263fd5f60cdd2248c937df367fc2e2f8210a8715c11fce44000ac21d
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
72aaea64bf4db09c0579afa43cba0e0a2e69f6750603a7f47a26a55ff41dc1cd
75acd02f58ac9ece5d30075664b789ddc392d72e8b2ec8d3bb38e446a3142031
776d687f7c6169f8c44bc73bdfd92eedb28f1e138c1acde42e014b1c84808813
7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833f56cce915f9bf5145cd8e6c78cfceea3990d0139bd39788f33bebadb551f3
836674b56e06aed5bb3b30918b8aa5316d2b0ebecc7af8335b8c03cd5bc9c962
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ce6dd9a03c037ac1b11a56645ddc7e7dba0ef77446d2061e5ab632c7df85f73
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8f187cec7d401ebbadadcb77e1a42df64e60a776bbe66aa6c8214a40ef988b28
913da565b9955bdc2f199388ba94797a66f2226c510738419d2d3073eda6c56c
91f29bea5b43a0dfe1c5e79aa0ebb5b29185ee673903e5064425bcee4d3fd443
95a6a09a708909ab28e44dba5416f7e45f63e205d6f97faecaa3343bf1a2e117
98bd02585c933947aed60aefb30358d1347181011f3a60e80d512c2c20c95672
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b3a955ac158e9fbedea40a6d9494a44669dee5d1bbb18895e1b211244f8f16e
9d40f992c3a9723114d31324eb7473be7c81f2d50efe1c61f33c1538f735b437
9dac8a8622ac059ca232804102f2ce04c438ad92f8f0d514fe226fee01dcec2e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3c6daf07bf7b705dc856a3e1271e4a3b8e723a39c45bb0b90d201506639700e
a603139b3b85a956beb096a23eb80bad0a19c119df91b618122779fe16bbff91
a62387c9826311dd23b686c73af32a3922cbbb087222698947a74301414b87ba
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
ad188b2654a7b82066607adf93759a8e570a8cd6f39ddd89405c52f58379d384
b0236fb53f55342432c9510871a74c591ac06c43e901d739e915b96f6429bb44
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c7729b889260e0f1bc3095dfa2c352b95664f5ca2c055e2980416634f57f0f
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b4f5dc653c50337b2771b4aa4409ace646dddffb80485f9eb69d5bfe1d51e035
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b
b6dc4dbc29927e23aa640dfe5ccba0b8932e6f80fd7e41b2dd80e5707ef466ab
b7d6c0f9a48e8bf195039d4d918a412030b9eca30e15813ba606ea8aecc5b4f3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc41e44715b29eade3653057f6ab83c86e04ff10e7ef848238858df7c5b39cbd
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
be745b33e1f4ce332ae0c441a85c21502342bdf95308927dc633ce42642fe8dc
c0b4f2d8625ea9dab6286f70ad3aee7928cc6391360a3c885fbf40881d5ecfcf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6af5e8772f512023cc16d0dd7f37f441f734a433eaf0b7383c8e88f6f32ce4a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d511a1ab0d41427064db7e25a686cc9a5bca3c2f531bb00565e5df6c72076a33
db03ddc46040d664c0531d8bc6d2cd0c7fce100b5975a95f8832f8364674f82b
dbe2ce1c6147a36c89fa251dc2b14641180047c09b605c32d337191e1a9063fb
e2f3c8ed4c196a53974d846d262966b179f23137e92679d5fd5ea015b675cfb5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63176bb96e5f6e117ae553f3a86ee7190458c7e517f3f8a39e4f053c2705689
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e87d63589794650c1cbbfb8bf615d4d8a85d349858f49bddb7694fdce1a9cf90
eb20d261b2d7d58647d01eee7c5ddec59c8274b5c981ef1935c2bbfd633cf6f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efb4c0559a43cf5814bbc4906fc47898de15734014e817ad6794b327c9840df5
f0edc1b0d3583e816fa8ff3d7337d0775fcbf0a4ddc15e9f88392d304a9a7a35
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f79f390cafd7bd238b274f05977bf5935c168e37c5501a1388f75bf72f757eb8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f809211eab38c5a90ec5a3b203bdda302b8b762745ad3769cb01cec798376429
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fdd3501d8e2909b9fe5e627322bcb9fdd3732ac8fa9238504edb40caae959e3a

pages.upwellness.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

224 Requests

76 %HTTPS

20 %IPv6

80 Domains

120 Subdomains

82 IPs

11 Countries

3216 kBTransfer

5985 kBSize

113 Cookies

0 Outgoing links

Page URL History

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

76 %
HTTPS

20 %
IPv6

80
Domains

120
Subdomains

82
IPs

11
Countries

3216 kB
Transfer

5985 kB
Size

113
Cookies

224 HTTP transactions
1 data transactions