pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/9958101/746255798/_9f490a464a5ef15dc42b2cb82e3ee16bacd28684/b5b24551beaa0363e7cba2f1...
Effective URL:
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=...
Submission: On April 12 via api (April 12th 2023, 10:43:06 pm UTC) from BE — Scanned from DE

Summary HTTP 129 Redirects Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 44 domains to perform 129 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com. The Cisco Umbrella rank of the primary domain is 654182.
TLS certificate: Issued by R3 on March 28th 2023. Valid for: 3 months.

This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.31.40.31 52.31.40.31	16509 (AMAZON-02) (AMAZON-02)
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
3	13.224.189.28 13.224.189.28	16509 (AMAZON-02) (AMAZON-02)
1	3.93.168.254 3.93.168.254	14618 (AMAZON-AES) (AMAZON-AES)
4	52.206.179.48 52.206.179.48	14618 (AMAZON-AES) (AMAZON-AES)
1	52.218.250.19 52.218.250.19	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:2250:5800:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:5800:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700:303... 2606:4700:3035::6815:2f0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.210.64.208 34.210.64.208	16509 (AMAZON-02) (AMAZON-02)
7	2.16.241.93 2.16.241.93	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.23.204.175 23.23.204.175	14618 (AMAZON-AES) (AMAZON-AES)
1	52.218.182.160 52.218.182.160	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.78 108.138.17.78	16509 (AMAZON-02) (AMAZON-02)
6	13.32.99.123 13.32.99.123	16509 (AMAZON-02) (AMAZON-02)
2	52.222.250.226 52.222.250.226	16509 (AMAZON-02) (AMAZON-02)
1	3.221.88.80 3.221.88.80	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	18.66.137.97 18.66.137.97	16509 (AMAZON-02) (AMAZON-02)
1	52.25.38.36 52.25.38.36	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
2	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b120:6f9e:97b:4367:31b2	14618 (AMAZON-AES) (AMAZON-AES)
1	3.216.127.149 3.216.127.149	14618 (AMAZON-AES) (AMAZON-AES)
3	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.165.42.57 35.165.42.57	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:20:... 2606:4700:20::681a:9a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:20:... 2606:4700:20::681a:37a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 14	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.22.191.215 52.22.191.215	14618 (AMAZON-AES) (AMAZON-AES)
2	54.83.6.65 54.83.6.65	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	52.10.142.145 52.10.142.145	16509 (AMAZON-02) (AMAZON-02)
2 4	52.30.78.52 52.30.78.52	16509 (AMAZON-02) (AMAZON-02)
1 1	18.213.140.229 18.213.140.229	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	18.156.40.75 18.156.40.75	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.34 18.66.122.34	16509 (AMAZON-02) (AMAZON-02)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
129	55

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.40.31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-40-31.eu-west-1.compute.amazonaws.com

go.welldaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

pages.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-28.fra2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.168.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-168-254.compute-1.amazonaws.com

live.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.206.179.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-179-48.compute-1.amazonaws.com

store.upwellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.250.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

lq3-production01.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:5800:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::6815:2f0c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.210.64.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-64-208.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.241.93 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-93.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

static.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.204.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-204-175.compute-1.amazonaws.com

www.thealternativedaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.182.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-78.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.99.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-123.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.250.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-226.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.88.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-88-80.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-97.fra60.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.38.36 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-38-36.us-west-2.compute.amazonaws.com

business.newsbreak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:6f9e:97b:4367:31b2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.127.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-127-149.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.165.42.57 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-42-57.us-west-2.compute.amazonaws.com

flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:9a2 (United States)

ASN13335 (CLOUDFLARENET, US)

api.leadquizzes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:37a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:932 (United States) 9 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.22.191.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-191-215.compute-1.amazonaws.com

io.v2.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.6.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-6-65.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.10.142.145 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-142-145.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.30.78.52 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-78-52.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.140.229 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-140-229.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.40.75 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-40-75.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-34.fra60.r.cloudfront.net

tag.trovo-tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	clickcertain.com 9 redirects a.clickcertain.com — Cisco Umbrella Rank: 3374	9 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	8 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 781	172 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 958 trc.taboola.com — Cisco Umbrella Rank: 682 trc-events.taboola.com — Cisco Umbrella Rank: 1954	22 KB
6	leadquizzes.com api.leadquizzes.com — Cisco Umbrella Rank: 211930	1 KB
6	google.de www.google.de — Cisco Umbrella Rank: 5216	862 B
6	google.com www.google.com — Cisco Umbrella Rank: 2	862 B
6	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 119872 io.v2.customerlabs.co — Cisco Umbrella Rank: 134502	198 KB
6	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 26112	90 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	374 KB
6	upwellness.com pages.upwellness.com — Cisco Umbrella Rank: 654182 live.upwellness.com — Cisco Umbrella Rank: 696258 store.upwellness.com — Cisco Umbrella Rank: 620604	51 KB
4	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 552	814 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	278 B
4	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 62663 api.useproof.com — Cisco Umbrella Rank: 59957	601 KB
4	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3638 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381	22 KB
4	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 2894 rp.liadm.com — Cisco Umbrella Rank: 1648 rp4.liadm.com — Cisco Umbrella Rank: 6852 i.liadm.com — Cisco Umbrella Rank: 594	16 KB
4	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	43 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 836	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 407	12 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2602 tr.outbrain.com — Cisco Umbrella Rank: 2509	7 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 489	7 KB
3	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 20467	39 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	881 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 429	2 KB
2	usbrowserspeed.com 1 redirects a.usbrowserspeed.com — Cisco Umbrella Rank: 6333	391 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 467	1 KB
2	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 216991	200 B
2	remarketstats.com 2 redirects a.remarketstats.com — Cisco Umbrella Rank: 43369	1021 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1221	879 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677 script.hotjar.com — Cisco Umbrella Rank: 927	72 KB
2	newsbreak.com static.newsbreak.com — Cisco Umbrella Rank: 63188 business.newsbreak.com — Cisco Umbrella Rank: 15813	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 7282 flask.nextdoor.com — Cisco Umbrella Rank: 6742	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 774	18 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	137 KB
2	ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com — Cisco Umbrella Rank: 677510 assets.ubembed.com — Cisco Umbrella Rank: 11730	51 KB
2	amazonaws.com lq3-production01.s3.amazonaws.com — Cisco Umbrella Rank: 288162 s3-us-west-2.amazonaws.com	34 KB
1	trovo-tag.com tag.trovo-tag.com — Cisco Umbrella Rank: 54603	760 B
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 87252	733 B
1	gstatic.com www.gstatic.com	114 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 26311	282 B
1	thealternativedaily.com www.thealternativedaily.com — Cisco Umbrella Rank: 934210	6 KB
1	welldaily.com 1 redirects go.welldaily.com — Cisco Umbrella Rank: 746210	2 KB
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 999257	725 B
129	44

	Domain	Requested by
14	a.clickcertain.com	9 redirects pages.upwellness.com a.remarketstats.com a.clickcertain.com tag.trovo-tag.com
7	analytics.tiktok.com	pages.upwellness.com analytics.tiktok.com
6	api.leadquizzes.com	lq3-production01.s3.amazonaws.com
6	www.google.de	pages.upwellness.com
6	www.google.com	pages.upwellness.com
6	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
6	www.googletagmanager.com	pages.upwellness.com www.googletagmanager.com
5	io.v2.customerlabs.co	pages.upwellness.com cdn.js.customerlabs.co
5	googleads.g.doubleclick.net	www.googletagmanager.com
4	trc-events.taboola.com	cdn.taboola.com
4	match.prod.bidr.io	2 redirects a.clickcertain.com tag.trovo-tag.com
4	www.facebook.com	pages.upwellness.com
4	store.upwellness.com	pages.upwellness.com store.upwellness.com
3	ct.pinterest.com	s.pinimg.com pages.upwellness.com
3	bat.bing.com	pages.upwellness.com bat.bing.com
3	s.yimg.com	pages.upwellness.com s.yimg.com
3	cdn.useproof.com	pages.upwellness.com cdn.useproof.com
3	builder-assets.unbounce.com	pages.upwellness.com
2	x.bidswitch.net	1 redirects a.clickcertain.com
2	secure.adnxs.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	a.usbrowserspeed.com	1 redirects tag.trovo-tag.com
2	pixel.tapad.com	2 redirects
2	live-visitor-counts.herokuapp.com	cdn.useproof.com
2	a.remarketstats.com	2 redirects
2	sp.analytics.yahoo.com	pages.upwellness.com
2	tr.outbrain.com	amplify.outbrain.com pages.upwellness.com
2	www.google-analytics.com	www.googletagmanager.com pages.upwellness.com
2	trc.taboola.com	cdn.taboola.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	d9hhrg4mnvzow.cloudfront.net	pages.upwellness.com
2	s.pinimg.com	pages.upwellness.com s.pinimg.com
2	connect.facebook.net	pages.upwellness.com connect.facebook.net
2	d34qb8suadcc4g.cloudfront.net	pages.upwellness.com d34qb8suadcc4g.cloudfront.net
1	tag.trovo-tag.com	a.clickcertain.com
1	i.liadm.com	1 redirects
1	analytics.proofapi.com	cdn.useproof.com
1	api.useproof.com	cdn.useproof.com
1	flask.nextdoor.com	pages.upwellness.com
1	rp4.liadm.com	pages.upwellness.com
1	rp.liadm.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.gstatic.com	cdn.useproof.com
1	mug.criteo.com	pages.upwellness.com
1	script.hotjar.com	static.hotjar.com
1	business.newsbreak.com	static.newsbreak.com
1	cdn.js.customerlabs.co	pages.upwellness.com
1	events.ub-analytics.com	pages.upwellness.com
1	assets.ubembed.com	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1	s3-us-west-2.amazonaws.com	lq3-production01.s3.amazonaws.com
1	www.thealternativedaily.com	pages.upwellness.com
1	static.hotjar.com	pages.upwellness.com
1	static.newsbreak.com	pages.upwellness.com
1	ads.nextdoor.com	pages.upwellness.com
1	amplify.outbrain.com	pages.upwellness.com
1	cdn.taboola.com	pages.upwellness.com
1	dynamic.criteo.com	pages.upwellness.com
1	b-code.liadm.com	pages.upwellness.com
1	0505c62f0b6942afbaf22991f0778de5.js.ubembed.com	pages.upwellness.com
1	lq3-production01.s3.amazonaws.com	pages.upwellness.com
1	live.upwellness.com	pages.upwellness.com
1	pages.upwellness.com
1	go.welldaily.com	1 redirects
1	links.paleohacks-mailing.com	1 redirects
129	64

This site contains no links.

Subject Issuer	Validity	Valid
pages.upwellness.com R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
live.upwellness.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
store.upwellness.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2023-02-07` - `2023-06-02`	4 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
newsbreak.com Amazon RSA 2048 M01	`2023-02-24` - `2023-08-23`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
thealternativedaily.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-14` - `2023-07-21`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2022-09-21` - `2023-08-24`	a year	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2022-11-17` - `2023-12-17`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M01	`2023-02-28` - `2023-10-26`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
leadquizzes.com Cloudflare Inc ECC CA-3	`2023-03-15` - `2024-03-14`	a year	crt.sh
hook.customerlabs.co Amazon RSA 2048 M01	`2023-02-21` - `2023-12-12`	10 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
trovo-tag.com Amazon RSA 2048 M02	`2023-04-08` - `2024-05-07`	a year	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Frame ID: 3BEEB4C4A284E92947D271F3BBDD1465
Requests: 108 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 80EED8073F781618BEE627A94024A457
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Frame ID: F7A583C912BE203DAA11D2CDD7321A35
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: DB42499A0223ADF090B0E8D914F6C0F0
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&cn=DE
Frame ID: 773DCC4F6E7FAD88E58DAE44E0B820B4
Requests: 5 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456
Frame ID: F814B10C7CB36F62A39DA5C90F90595B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/9958101/746255798/_9f490a464a5ef15dc42b2cb82e3ee16bacd28684/b5b2... HTTP 302
https://go.welldaily.com/aff_c?offer_id=77&aff_id=10&aff_sub=PH41223 HTTP 302
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

129
Requests

92 %
HTTPS

35 %
IPv6

44
Domains

64
Subdomains

55
IPs

7
Countries

2133 kB
Transfer

4705 kB
Size

63
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/9958101/746255798/_9f490a464a5ef15dc42b2cb82e3ee16bacd28684/b5b24551beaa0363e7cba2f14a360d693c3bc7b0 HTTP 302
https://go.welldaily.com/aff_c?offer_id=77&aff_id=10&aff_sub=PH41223 HTTP 302
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=iBttRHw3eThZcDJuQytwU2lIVk04TXJNa2tYOHFJTnR5UG5nT1o0RTBaQmc4L1dBSWFsRzZBVnVweTVYaXdvZVd2SUZTVWFLbUpsYURCSEpIVUJnWXJVRnFjeCt6YndCWEQ1eXpHK2tlL2E4a3B5ZVdWSXh6R2UyKzRFUXpKZE96cFB2aUVLUDJvVlZEMG9QaUQ5bDFhU1U1WUJySEY0Q1lXS2RmMWxCbmFabE5mdzhtTzUwVmRCWWhVc2ZMTGlGcHUxVGQ3QmZxZXd6UXFSRmFYYjV4SmtpM21veU90OFJUOXFSRzZBTWlrYTBzSmd1ZnF0T3RIWjFGU1dWR1JWT2k2bnh0UFlnV1dJVnl5aUUwRlM1MkJjWXlFR0YvdHBRU2lreFFUeWxWUnN1WjdCND18&cppv=2

Request Chain 86

https://rp.liadm.com/j?dtstmp=1681339380212&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gxvt5wakhjmpyjj3tzty4j95&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1681339380212&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gxvt5wakhjmpyjj3tzty4j95&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMTphYzg6MjA6M2IwMDoxMDEyOmU4ZDozMGM2OmExYmY%3D&n3pc=true

Request Chain 104

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b HTTP 302
https://a.clickcertain.com/px/smart/a/?seg=inflammation-quiz&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b HTTP 302
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

Request Chain 116

https://a.clickcertain.com/px/ta/?ccid=b6956672-01d5-4540-8431-0a774ab96b4f HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=b6956672-01d5-4540-8431-0a774ab96b4f&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=b6956672-01d5-4540-8431-0a774ab96b4f&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=7a2b5091-ed76-4ab9-94b3-d2ece885c956

Request Chain 117

https://a.usbrowserspeed.com/cs?puid=29e948ca-527f-565b-a73e-7239841e47aa&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=a4e75db4-6b53-4dd6-8412-c871f77f7b0b&hem=

Request Chain 118

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 119

https://a.clickcertain.com/px/r/?ccid=b6956672-01d5-4540-8431-0a774ab96b4f HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=b6956672-01d5-4540-8431-0a774ab96b4f&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6956672%25252d01d5%25252d4540%25252d8431%25252d0a774ab96b4f%252526anx_uId%25253d%252524UID HTTP 303
https://a.clickcertain.com/px/li/?ccid=b6956672-01d5-4540-8431-0a774ab96b4f&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6956672%25252d01d5%25252d4540%25252d8431%25252d0a774ab96b4f%252526anx_uId%25253d%252524UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3db6956672%2d01d5%2d4540%2d8431%2d0a774ab96b4f%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6956672%2D01d5%2D4540%2D8431%2D0a774ab96b4f%26anx_uId%3D%24UID&google_gid=CAESEEGlWvAyz3wgyR7bXf57vtA&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&anx_uId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6956672-01d5-4540-8431-0a774ab96b4f%26anx_uId%3D%24UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&anx_uId=4187160649041574926 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=b6956672-01d5-4540-8431-0a774ab96b4f&expires=5&user_group=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=b6956672-01d5-4540-8431-0a774ab96b4f&expires=5&user_group=0

Request Chain 123

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=616743c2-d983-11ed-b9eb-19852bcca8c6 HTTP 302
https://a.clickcertain.com/px/smart/a/?partner_rid=616743c2-d983-11ed-b9eb-19852bcca8c6&type=img&partner_id=193f0456&c=24d1add2443e239 HTTP 302
https://a.clickcertain.com/px/img/?c=24d1add2443e239 HTTP 302
https://a.clickcertain.com/px/img/g/?start_cm=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1 HTTP 302
https://a.clickcertain.com/px/img/g/?google_gid=CAESEEGlWvAyz3wgyR7bXf57vtA&google_cver=1

Request Chain 125

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

129 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pages.upwellness.com/inflammation-quiz/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/9958101/746255798/_9f490a464a5ef15dc42b2cb82e3ee16bacd28684/b5b24551beaa0363e7cba2f14a360d693c3bc7b0
https://go.welldaily.com/aff_c?offer_id=77&aff_id=10&aff_sub=PH41223
https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10

69 KB
17 KB

80ms
17ms

Document
text/html

3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de31232fc4bf2bc89eb534de6d283c88b7c426d9d623f9ac04b2c5f2d2673aa1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 16677
content-location: https://pages.upwellness.com/inflammation-quiz/
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 22:42:58 GMT
etag: "am:f1ab3f09c7824439844150ba9a52c5f4"
link: <https://pages.upwellness.com/inflammation-quiz/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: ce51cc0b-0e94-443c-a27a-24c78d18f232
x-unbounce-variant: am
x-unbounce-visitorid: f1ab3f09-c782-4439-8441-50ba9a52c5f4

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 12 Apr 2023 22:42:58 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 102d067275e8fefa9d88c0723e2deb
X-Request-Id: cface70fc8a1c59714c81bef58c6eba2
X-Robots-Tag: noindex, nofollow

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 48ms
8ms Stylesheet
text/css 13.224.189.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:22:01 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-version-id: F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
last-modified: Wed, 23 Nov 2022 23:24:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 7075258
etag: "3d27e56a34e34b278ab5e182cbc3b587"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: DlwmVLNnIw6lfCO4Sle9Xz-d4JdSAQHzq2JltT4hbkrRf8uEgbsuTg==

GET
H2 200 jquery.min.js Show response
live.upwellness.com/services/scripts/jquery/ 87 KB
31 KB 434ms
193ms Script
application/javascript 3.93.168.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://live.upwellness.com/services/scripts/jquery/jquery.min.js

Requested by

Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.93.168.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-168-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
server: nginx
etag: W/"63298c50-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 jquery-shims.bundle-aa41391.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 48ms
9ms Script
application/javascript 13.224.189.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 04:55:28 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-version-id: d9VLzsxWajtbMG3UrQ.tTHukueqe6Iwa
x-amz-cf-pop: FRA2-C1
age: 2915251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1991
last-modified: Thu, 09 Mar 2023 18:34:30 GMT
server: AmazonS3
etag: "5f02742dbc8772571f02d57d487471d3"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dFl32LsevftTx43ySO9X3vaevOBlWKdNxOjzFjYv2x5kBj0PDAf3uA==

GET
H2 200 UCInvisibleLink Show response
store.upwellness.com/cgi-bin/ 432 B
813 B 515ms
112ms Script
text/javascript 52.206.179.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.179.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-179-48.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 251

GET
H2 200 UCAffiliateNetworkPixel Show response
store.upwellness.com/cgi-bin/ 2 KB
1 KB 110ms
109ms Script
text/javascript 52.206.179.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.179.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-179-48.compute-1.amazonaws.com

Software

Apache /

Resource Hash

fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 744

GET
H/1.1 200
OK yauvnbjuvs5jog.js Show response
lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/ 28 KB
29 KB 583ms
202ms Script
text/javascript 52.218.250.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.250.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ced5b747fe92122e8fb38c867ac67b80ffba333bd3d42285cdecbff43073a6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 22:43:00 GMT
x-amz-version-id: hjCZun1v9BnPFkxqCgFAEUqn2KnRYokY
Last-Modified: Tue, 17 Jan 2023 11:02:39 GMT
Server: AmazonS3
x-amz-request-id: EC4MT8M9RNJD37FK
ETag: "5239a9f634a4d1ebed837869f45fb3cb-1"
x-amz-server-side-encryption: AES256
Content-Type: text/javascript
Cache-Control: no-cache
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 29033
x-amz-id-2: UqLWI7fokDTA1XgAxGaCcZZLhqGNKLNCAE6ngPbrsMmDogJ2pdrZBCXDWgCjRa50wX2qBIwiIw8=
Expires: 0

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 55ms
7ms Script
application/javascript 2600:9000:2250:5800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:41:41 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7347679
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1865
x-amz-cf-id: ifZSe64kTeH9ilBXZNkBu026YwC_Sw3dVnXFukmI29l4vYB1FloA7g==

GET
H2 200 / Show response
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 12 KB
3 KB 54ms
9ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3306be2f35833b06c686cd176ad68eb3654b6d81ba3fe27d85365d7343361c6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: FRA56-P3
age: 2750
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.180.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: DPJ4vHYNjoEF4bA=

GET
H2 200 a-057g.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 162ms
7ms Script
application/javascript 2600:9000:223c:5800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-057g.min.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 04:02:26 GMT
content-encoding: gzip
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 67233
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: nWnDQWUY4djNbG5cN2aeP65ehgH8XGuG0MrDRxN6DAUqTW9tpya_mQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 46ms
21ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-624541243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14a5f8f03f30a8f371bc718ca618dd1d905cee9a61abc5b70506078421c10ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51352
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Apr 2023 22:42:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 65ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

364943ab1e174a887daf694eaf9593e1da6d4a8e5a59dbfdf1937657efeaca76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68152
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Apr 2023 22:42:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
75 KB 55ms
31ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-458254939

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d15f55544e174d9a6ffc8100fc584b976464e16ca0de6baca8240410e940f822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76671
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Apr 2023 22:42:59 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 68ms
24ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102531

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff0ab7b5cdcdc420def76609dfd60cf6e47a08b1233c8110c7c2756644a85996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 60ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-862759327

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90d7c2aac3bd92ed99f12ef3d617ca783cef825f0034e15e75ee2a884b037fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69096
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Apr 2023 22:42:59 GMT

GET
H2 200 main.bundle-85a7477.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 11ms
7ms Script
application/javascript 13.224.189.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 19:49:55 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-version-id: TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop: FRA2-C1
age: 3811985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33747
last-modified: Mon, 27 Feb 2023 19:12:56 GMT
server: AmazonS3
etag: "b4081a636463cc60b1faf49e579e8cb9"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: NEoXa9SoXkBSEEyb6qkSjPKINcJtTj99MHSEDXQ7TJdGb3xVnW4TmQ==

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 47ms
14ms Script
application/javascript 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0W4HW7QXB2SHB35M
age: 6118388
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 497733
x-amz-id-2: FEGzyGEXXd02UCzPInbXdpgZbREPIuPlN1k/5e++LBXngO5QXCeFt+uM0gOxB4PsKcbo79w4Unw=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mujlzxQ1%2FTZn2hAhXDmE83dCKs2tWGRUg4FV%2BhSJu9Wqz%2BNGe7KM112AtRi%2BfnthK5lodiX%2B487cy0x1Y5Bt2JFT%2B%2FDgFqkRVg5UavjWcE%2FUcqWi936kBeT5L%2BJULNNpacWymMr%2FXLXlnfsDV%2B0e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7b6efc527d723aa0-FRA

GET
H2 200 invisibleLink.jsp Show response
store.upwellness.com/affiliate/ 212 B
1 KB 140ms
140ms Script
text/javascript 52.206.179.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/inflammation-quiz/%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10

Requested by

Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.179.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-179-48.compute-1.amazonaws.com

Software

Apache /

Resource Hash

964bd460c05e714892dceba032d9a98bfc2f4016cf302e56b845997432d9fc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 141

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 30ms
11ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Apr 2023 22:42:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: YhACoAou8EGvSIpfwB2VUNAS+NHNnyLGgub9U8QScG5xsz3lLe1CkUm7+mvEnVTuJJD/5jE0TCQ+Xv/OPdhiww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
752 B 168ms
7ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
x-cdn: fastly
etag: "6fe18a21f263bd65310c79df7a66e9b2"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 484

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 88ms
17ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:24 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: Z9XS6XE9T1R8BFYS
age: 36
x-amz-server-side-encryption: AES256
x-amz-id-2: 5lnYNcyRB3A822SQKKjCM3pYeT794cM7f3PfJrsBK1DHqs8R6vaicd0hdcdL//0yOcOt1dqJwCA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1225872/ 58 KB
18 KB 47ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a15449f88d130069c34952351c68bbd39f654535671ce7291f833c024536bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: FKLqJimYcWsDUKFW3bUMKKxsoAeBCYX4
content-encoding: gzip
via: 1.1 varnish
date: Wed, 12 Apr 2023 22:42:59 GMT
x-amz-request-id: VJYJ19APF41B5ZH4
age: 123
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18204
x-amz-id-2: VpuStWMcpJ3iAopye5B9SJHZYcXYysEaqGTOoxWvHS4484gpiuPUaD8IyptrT1jOaKtaudZYJv0=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Sun, 09 Apr 2023 11:13:50 GMT
server: AmazonS3
x-timer: S1681339380.634627,VS0,VE2
etag: "5e6ebafed261807ffe62458d4461d69d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 92ms
14ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 22:42:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Apr 2023 09:41:56 GMT
Server: AkamaiNetStorage
ETag: "838e9c2ec6e148b2af141d9d77d0f660:1680601866.61769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6771
Expires: Wed, 12 Apr 2023 23:02:59 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 570ms
174ms Script
application/javascript 34.210.64.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.64.208 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-64-208.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 16:18:03 GMT
server: istio-envoy
etag: W/"6436d9bb-19c7"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 2

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 164ms
111ms Script
application/javascript 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0185a02302f4f05a13f1c542b21e02388b0a691d5aaf1c30d65ba40863564c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 1d04317a.452096c5
date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-240-29.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 95,2.16.240.29
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=12, inner; dur=3
content-length: 1517
pragma: no-cache
server: nginx
x-tt-logid: 20230412224259EA925C48DBF7600343C0
x-cache-remote: TCP_MISS from a23-48-215-228.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.48.215.228
x-tt-trace-host: 018ca5274675d35e421a4a6b1f8f4bb31d64ff39c28478dab4d14977ac9c479696794809d6919b081ecdb72be2e30c9f65f509ee4d580b9f5d33d7e8670df818beabc1a2bfdc2b5d3674e9433dbd02fd9bd24b9b4e4173793fcc71ed2c4cd294f95a51504967c5780af75e8c03a5cc4e07
expires: Wed, 12 Apr 2023 22:42:59 GMT

GET
H2 200 nbpixel.js Show response
static.newsbreak.com/business/tracking/ 8 KB
3 KB 67ms
8ms Script
application/javascript 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1681344000000
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-8.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
content-encoding: gzip
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
date: Wed, 12 Apr 2023 15:35:59 GMT
x-amz-cf-pop: FRA60-P3
age: 37297
x-cache: Hit from cloudfront
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
server: AmazonS3
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: DOlfyylwpKH_R3_1r3rzOH4Zu5EylV4vuBGGNqPbJE3VPWa_9ZildQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
64 KB 24ms
21ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3f3fd3cc9b624f223c1d980059fd94fcce682fc01df2bb975276b0a8ed3f388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65174
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Apr 2023 22:42:59 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 159ms
109ms Script
application/javascript 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2f2d96b63d5b030a188e36e111d9d4dae0881a1d6763a8567eff1cca9befa29a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 2952f243.452096c7
date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-240-29.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 94,2.16.240.29
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=7, inner; dur=3
content-length: 1417
pragma: no-cache
server: nginx
x-tt-logid: 202304122242599FA0BC101E98E60DDA37
x-cache-remote: TCP_MISS from a23-220-104-22.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.22
x-tt-trace-host: 018ca5274675d35e421a4a6b1f8f4bb31d396db6d3c809244074af65dad2c5d9a757c5b46078d7ac8eeeae13c9a06a451eee8e7ee40e784b93e7bbe5d92c58cc23edf976be75738092d7154a30d0fdff1572301f5457d76eda157ee24ab2317cbb38ba4595eec547e2dc615b8904fb5fa8
expires: Wed, 12 Apr 2023 22:42:59 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 hotjar-795540.js Show response
static.hotjar.com/c/ 9 KB
4 KB 64ms
8ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-795540.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

dad027718bd24557c89f588f258592940e56ca2b9670e174aec47b74c3c58a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 22:42:23 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/bc9550d48589f249a850a9a2a13d6a9e
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: PV9LbkYasiEoe-KWnPMRWMHRbsFpJaf-ot1WAu74bVkFYiFjdPnN5A==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 66ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 12 Apr 2023 22:42:59 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 732C4F966095446EB42C997675BFB969 Ref B: FRAEDGE1717 Ref C: 2023-04-12T22:42:59Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 getmyscorebtn.jpg
www.thealternativedaily.com/wp-content/uploads/2016/07/ 6 KB
6 KB 328ms
100ms Image
image/jpeg 23.23.204.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thealternativedaily.com/wp-content/uploads/2016/07/getmyscorebtn.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.23.204.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-204-175.compute-1.amazonaws.com
Software: Pagely-ARES/1.10.28 /
Resource Hash: 008a49b472b118119bb608c77a2548e473338a1ebcba56942253a6c056b8c1aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 26 Apr 2023 08:01:28 GMT
x-gateway-request-id: 5d0d05337c716988afd91d7adec9426e
date: Wed, 12 Apr 2023 22:42:59 GMT
last-modified: Fri, 23 Sep 2022 21:18:49 GMT
server: Pagely-ARES/1.10.28
etag: "632e22b9-1741"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 0||https|www.thealternativedaily.com|||/wp-content/uploads/2016/07/getmyscorebtn.jpg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5953
x-gateway-cache-status: HIT

GET
H2 200 UCAffiliateNetworkPixel
store.upwellness.com/cgi-bin/ 0
537 B 118ms
117ms Stylesheet
text/plain 52.206.179.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.7707043464603718&r=&u=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10
Requested by: Host: store.upwellness.com
URL: https://store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.179.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-179-48.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
server: Apache
content-length: 0
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 8ms
7ms Script
application/javascript 2600:9000:2250:5800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
date: Sun, 05 Mar 2023 17:27:36 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 6807780
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: RTvIz2Wus3diT5hxBIKLKXjBiKQknSpXZfL7xO22EmBN0XmVBRsB3w==

GET
H/1.1 200
OK global-tracking.css
s3-us-west-2.amazonaws.com/lq3-production01/lead_quizzes_3.0/tracking/css/ 5 KB
5 KB 541ms
187ms Stylesheet
text/css 52.218.182.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/lq3-production01/lead_quizzes_3.0/tracking/css/global-tracking.css
Requested by: Host: lq3-production01.s3.amazonaws.com
URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.182.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 189d627cc048280c5d155a07a318138f662df0d1ffced3eb687024f5345175a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 22:43:01 GMT
x-amz-version-id: .zZcEAkgY2IsHf8uyG3CwBul3v9vUK1V
Last-Modified: Mon, 11 Apr 2022 15:45:24 GMT
Server: AmazonS3
x-amz-request-id: PQ166B08P86RX9XQ
ETag: "3ef6a357ce69dfdbd0fc95cd908b7211"
Content-Type: text/css
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 4781
x-amz-id-2: Gcm4GOAz4gWzlyz2/Gt7kFqyVglfpMk34ZVyYbyBVeApIyYlX7orjRlHllI+kllMssCCGSdvS0w=
Expires: 1970-01-01T00:00:00.000Z

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.0/ 174 KB
48 KB 38ms
7ms Script
application/javascript 108.138.17.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
Requested by: Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:00:56 GMT
content-encoding: gzip
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:53:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2522524
etag: W/"1a08556fd14aad311b6d4906f59fef42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: eWInOMTgYNRF_PB-GwJdDzCjF-w0MPgOdjhpZ9QdAHuI0tpFQBTa0g==

GET
H2 200 146844809012010 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 76ms
72ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/146844809012010?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

676bd4af8d27b91495ae64cd86e9a5a5ce7e938bd92b45dc0f460b657d0482cb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Apr 2023 22:42:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: T0GCeLzYjH3vGRUpRURNoTA2YdybTK1CPrNN/nJJqWZAMH048a0ZkT9+/a5mQj++Z/gYRPu9BH9HJKu8N7F0qw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
BLOB 200
OK cfb118d7-05fb-4b5a-9023-a50f9f61f6e5
https://pages.upwellness.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.upwellness.com/cfb118d7-05fb-4b5a-9023-a50f9f61f6e5
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 5523
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 8 KB
1 KB 357ms
313ms Stylesheet
text/css 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

e2608c8a00df3c934678bfc382df539176126db71226f19eaad43c4a338ce058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 8dcacf6e-7463-433f-b690-d4d8c005a235
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: DSUOKGjMIAMFgoQ=
content-length: 832
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-643733f3-0411832c446c36553f0f751a
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: X7dx1cMmtYVJJwTDM5pv4SRcmOTzCHMwakFnXKnqMMJdv-ocGPpJ5Q==

GET
H2 200 5ba00849-whiteupwellnesslogo_105d027000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/ 3 KB
3 KB 54ms
8ms Image
image/png 52.222.250.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-226.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:12:19 GMT
x-amz-version-id: UWchE6JxJR_0i3n._9lEux42YkYaf1Mb
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 18:23:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28481441
etag: "88263fec2db483b6e115f831a65022a9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2981
x-amz-cf-id: OrmCjX2sImj3EDIkQXUT4vKKrIWtL9ZqkM8UZQxe-NGNj1XN9h-AgA==

GET
H2 200 a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/ 7 KB
8 KB 48ms
9ms Image
image/jpeg 52.222.250.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-226.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cddbd04fb6a2bc681de9bd4558b7062169322c73e095466a592152ea9e6fad8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:34:49 GMT
x-amz-version-id: tTiRn0cWmt8FCcq8iYNxVydurx3yu0HI
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 10:47:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 13334891
etag: "e3f1dbb540892e17d5db8c78f7d25dac"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 7563
x-amz-cf-id: 0Exy3oSEYRrif8Xqv1fkREFV5af8-RDy6T79UZXc2sGvP7bluNpOxQ==

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 330ms
104ms Image
image/gif 3.221.88.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1681339379656&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=23f03688-4f03-4a3c-b615-49f150056fd4&dtm=1681339379653&vp=1600x1200&ds=1600x2908&vid=1&sid=6a2dd271-5375-4ed9-a122-5158de25445d&duid=ce77737b-c9a0-424c-9103-617e32f83fe5&uid=f1ab3f09-c782-4439-8441-50ba9a52c5f4&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U1MWNjMGItMGU5NC00NDNjLWEyN2EtMjRjNzhkMThmMjMyIiwidmFyaWFudElkIjoiYW0iLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.88.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-88-80.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 80EE 325 B
816 B 416ms
416ms Document
text/html 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 7b6efc535e2a3aa0-FRA
content-length: 325
content-type: text/html
date: Wed, 12 Apr 2023 22:43:00 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YXuJ5cgzw%2BWXEL4YGEEReidHZhI7%2FQ8IeuqAvPo1Bma4cT3vCowB9h3cw0uL78YE3B0YmHloabqeTUFkShpgb14klU9xUkvrkGalh4h9VUqYVmkDsQgAiImo%2B6uWbLXSQzEuKiyZzIOohWAHDA5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: tMq9+oQ+2EQHEPzYVzSq+TfUH0T9CFxfSFS2CKObFrqGQT0oSLlShjzZDjx5Fu+u9wlr8YSBrKE=
x-amz-request-id: PQ1287K78JMHHE52
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/ 3 KB
2 KB 87ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1681339379817&cv=11&fst=1681339379817&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=476990237.1681339380&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-624541243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

270be632c5f50adafcab3fa9c20c521560c273ca92dfec03a70490ba700156d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/ 3 KB
1 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1681339379854&cv=11&fst=1681339379854&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=476990237.1681339380&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-458254939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ddbff31bb9755c730b16343cc63c7c0bde8d62137390c484fbb6062195313dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 3 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1681339379879&cv=11&fst=1681339379879&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=476990237.1681339380&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed8f698cb5a16ec080f5d8b4bb0b3886fa4d2d79da82c8b78566cfde21a44c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/ 3 KB
2 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1681339379906&cv=11&fst=1681339379906&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=476990237.1681339380&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10838597190

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc87752b6f7279828e53a0cb4f3d39cd8519f4bbb83e597e1c741264b29e9ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F7A5 15 KB
6 KB 58ms
19ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 22:42:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 400138
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 10056129.json Show response
s.yimg.com/wi/config/ 46 B
374 B 45ms
16ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10056129.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 21:57:56 GMT
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 2TDCMDCNH8CVRB6F
age: 2704
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: 0QXnHtW2R/ujhqbpdXfwomO4fzJW4L4kiF6hkDbq5Ne/IrEz8/vBAlChF5AN/4Ao4c3IBgZOxaY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
server: ATS
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 10175858.json Show response
s.yimg.com/wi/config/ 46 B
677 B 43ms
15ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10175858.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 11:50:21 GMT
x-amz-version-id: a1p9k2x2CfLow7aa._kiTa1S348t_r0P
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 88GN3S558Z8W9V3X
age: 39159
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: yUaY/zEBe7Fye73g3sUmNA98dnIVhtr5sv7otuaFK1Y//BMhWwlO1/HkZc0j+yZqwiW7HNgq2t0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Tue, 26 Mar 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sun, 19 Feb 2023 18:55:23 GMT
server: ATS
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 json Show response
trc.taboola.com/1225872/trc/3/ 3 KB
2 KB 40ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1225872/trc/3/json?tim=1681339379947&data=%7B%22id%22%3A238%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1681339379936%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1681339379945%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 700982d7295c040517930c22395ea0809ff49cd53b22c82bc4dcac4381a5b71d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 15
date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230068-FRA
server: nginx
x-timer: S1681339380.972610,VS0,VE15
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 46ms
11ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 22:05:09 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2271
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 13 Apr 2023 00:05:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-675938688

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76895562a21bb98b281ff8d4df537378ed9b30a6ec905b213af8fa61db5f5e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51363
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Apr 2023 22:42:59 GMT

GET
H2 200 cl4975ot4arrr6.js Show response
cdn.js.customerlabs.co/ 196 KB
197 KB 106ms
8ms Script
binary/octet-stream 18.66.137.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-97.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f

Request headers

Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: q7mG7hlker5FRiUNkg8qVdDD2fjHsOUI
date: Wed, 12 Apr 2023 22:40:57 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 203
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 201018
last-modified: Mon, 20 Feb 2023 17:59:47 GMT
server: AmazonS3
etag: "cef37c380b37f6c7fbe85e3594e7f2d8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: boit6w2UwwGkxUYIZ4AfUEGOoG3GDNAcrRSPnJ947qn-gqcSw1lDDw==

POST
H2 200 pixel.gif
business.newsbreak.com/tracking/ 0
0 564ms
179ms Ping
application/json 52.25.38.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://business.newsbreak.com/tracking/pixel.gif?id=ID-1585718645907906561&uid=1-y5g6xyru-lgea20i0&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&rl=&ts=1681339379553&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=&bn=Chrome%20111&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by: Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1681344000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.38.36 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-38-36.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 modules.b22f4dd7cd6043d2b479.js Show response
script.hotjar.com/ 264 KB
68 KB 48ms
9ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b22f4dd7cd6043d2b479.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

e40956cd769c1357fd7a8ec0629155ac799c5055ac6ad3f3efccb86192b054c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 14:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 27953
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69072
last-modified: Wed, 12 Apr 2023 14:56:47 GMT
etag: "5e657ee37d0e478d570248420fd1b1d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: O0x9Er77GvioJRKmWNKRRi_gAXnoWjEvx3mOTgbJ9nAGMt3oNLw5Tg==

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 395ms
87ms Script
application/javascript 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 22:43:00 GMT
X-TraceId: 4981d39b66106a6583903139c2023e1e
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 398ms
88ms Image
image/gif 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=008878990878077997&referrer=&cht=gtm&marketerId=00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 22:43:00 GMT
Cache-Control: no-cache
X-TraceId: 1a261973fb0fe819e457e7435b17dd6a
Content-Length: 53
Content-Type: image/gif;

GET
H2 204 27015508.js Show response
bat.bing.com/p/action/ 0
118 B 108ms
107ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27015508.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 12 Apr 2023 22:42:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D3F6ABEEE99040B6BF92836CE83CEA98 Ref B: FRAEDGE1717 Ref C: 2023-04-12T22:43:00Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=fe08bb66-4d6d-46fb-99df-0b50542ba951&sid=6070c120d98311ed844513c8e3440117&vid=6070faa0d98311ed829c25652b7a50a3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&r=&lt=1651&evt=pageLoad&sv=1&rn=758626

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Apr 2023 22:42:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F59153BB6E4F4F138A36C1B8C875080F Ref B: FRAEDGE1717 Ref C: 2023-04-12T22:43:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.da2a1c8f.js Show response
s.pinimg.com/ct/lib/ 57 KB
17 KB 10ms
9ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:00 GMT
content-encoding: br
x-cdn: fastly
etag: "b3fc8cf847afb7d5cf4f05e5407d05a3"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 17556

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146844809012010&ev=ViewContent&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&rl=&if=false&ts=1681339380102&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=30&fbp=fb.1.1681339380100.1872927337&it=1681339379610&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 22:43:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146844809012010&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&rl=&if=false&ts=1681339380105&sw=1600&sh=1200&v=2.9.101&r=stable&ec=1&o=30&fbp=fb.1.1681339380100.1872927337&it=1681339379610&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 22:43:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146844809012010&ev=LPVisit_InflQuiz&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&rl=&if=false&ts=1681339380106&sw=1600&sh=1200&v=2.9.101&r=stable&ec=2&o=30&fbp=fb.1.1681339380100.1872927337&it=1681339379610&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 22:43:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 main.MTZiZDQ3NTA5Mw.js Show response
analytics.tiktok.com/i18n/pixel/static/ 262 KB
69 KB 10ms
9ms Script
application/javascript 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZiZDQ3NTA5Mw.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4ead6338f4a52184d0a306494c28ad9927cc2f4574f0fc66af67e266d25faa48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 45209abe
date: Wed, 12 Apr 2023 22:43:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230406144712B0748A2DEE75BE894706
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-240-29.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0136887fab3639b4b75f61fd3035c3f96bb2cbb703e987729826eefbbb13a8ff7f19ef3d74915a5cdacd0165b0df2423dda9ee0766718823976417a3a7837de47d64b54e8296ee822aa917c01325962415dda258fca7cc7c799a4ffedd97934dab
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length: 69960

GET
H2 200 main.MTZiZDQ3NTA5MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 241 KB
66 KB 16ms
16ms Script
application/javascript 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZiZDQ3NTA5MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFL9L0BC77UEUGLEBMU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2f979dde1b99a98cbbd7d4040e176b20fe3b84ea0445bbfff507218c6a0f91a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 45209ac9
date: Wed, 12 Apr 2023 22:43:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202304061444476888115E62BA411B1CAB
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-240-29.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01984dd38eb6b2d6ab0023f5fd85ffc69f68494dce905d8b26bdfce30063a1a25f9c492548a540ab8117423c043f449b66ad710c0ea4fb3d251e0aa2d68d87ba1879b18dc8a592c0f740ea3e9d418659800573bd867f90d988c94bd0928fe9f972
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 66999

GET
H2 200 /
www.google.com/pagead/1p-user-list/624541243/ 42 B
455 B 46ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/624541243/?random=1681339379817&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=279552189&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/624541243/ 42 B
455 B 43ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/624541243/?random=1681339379817&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=279552189&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 123ms
31ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2012%20Apr%202023%2022%3A43%3A00%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Apr 2023 22:43:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 103ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Apr 2023 22:43:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v23/ 23 KB
24 KB 28ms
12ms Font
font/woff2 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5024118
x-amzn-requestid: 509c95d3-d3f5-450b-8dc9-809d9e060ac8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: ASqTvGLXoAMF24w=
content-length: 23578
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63ea8a7e-62e0d88b0540430257ad28f9
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ImN-FjKFdW4UdpeR3O0qoOfmB1IYgJhgsrRUVEv-9nq87WfPJ5Girw==

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.ub-assets.com/fonts/s/merriweather/v30/ 20 KB
20 KB 25ms
10ms Font
font/woff2 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 09:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 20028
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 12058633
x-amzn-requestid: 1352c4cf-17c5-49cb-97ee-6c32833acd58
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cGUMxGOkIAMFbow=
content-length: 20056
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f33eb-4772d39620ea101514e4a183
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: H07LCwP1BJ8kKJ3TScSqc2NdOHxvR964mTtnf5ImYP2OpMeYDMfTng==

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.ub-assets.com/fonts/s/merriweather/v30/ 19 KB
20 KB 32ms
18ms Font
font/woff2 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 09:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 19740
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 12058633
x-amzn-requestid: b175e53d-8f4d-4434-a90c-5b4d71c47562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cGUMxFcTIAMFUPA=
content-length: 19768
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f33eb-70ad7f887420f571431f88d6
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vEIK9XJ8Xj1dWqSGyJ1DRmsFUjnZUKIg4pASTu65PmbAuFeeg3tWiQ==

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
fonts.ub-assets.com/fonts/s/oswald/v49/ 10 KB
11 KB 29ms
15ms Font
font/woff2 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 10104
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 11607878
x-amzn-requestid: 5ee39d7f-03c2-4a56-8fa7-101ecc9b2189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cXgrOG9UIAMFxyA=
content-length: 10127
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-638614ae-7f0f9074637e0bc574dfb42d
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HQfH46K-SCh9xvusUAHpNbrsBRMjTMY9V8hT1vXChTghP45IV_z0Sw==

GET
H2

200

sid Show response
mug.criteo.com/ Frame F7A5
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=ChromeSyncframe&so=0&topUrl=pages.upwellness.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=iBttRHw3eThZcDJuQytwU2lIVk04TXJNa2tYOHFJTnR5UG5nT1o0RTBaQmc4L1dBSWFsRzZBVnVweTVYaXdvZVd2SUZTVWFLbUpsYURCSEpIVUJnWXJVRnFjeCt6YndCWEQ1eXpHK2tlL2E4a3B5ZVdWSXh6R2UyKzRFUX...

428 B
656 B

52ms
14ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=iBttRHw3eThZcDJuQytwU2lIVk04TXJNa2tYOHFJTnR5UG5nT1o0RTBaQmc4L1dBSWFsRzZBVnVweTVYaXdvZVd2SUZTVWFLbUpsYURCSEpIVUJnWXJVRnFjeCt6YndCWEQ1eXpHK2tlL2E4a3B5ZVdWSXh6R2UyKzRFUXpKZE96cFB2aUVLUDJvVlZEMG9QaUQ5bDFhU1U1WUJySEY0Q1lXS2RmMWxCbmFabE5mdzhtTzUwVmRCWWhVc2ZMTGlGcHUxVGQ3QmZxZXd6UXFSRmFYYjV4SmtpM21veU90OFJUOXFSRzZBTWlrYTBzSmd1ZnF0T3RIWjFGU1dWR1JWT2k2bnh0UFlnV1dJVnl5aUUwRlM1MkJjWXlFR0YvdHBRU2lreFFUeWxWUnN1WjdCND18&cppv=2

Requested by

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7661a280b96b78c08dbe638f7d3131244210ace08f7910d3025b34c1ce1a2ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1368333
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:42:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=iBttRHw3eThZcDJuQytwU2lIVk04TXJNa2tYOHFJTnR5UG5nT1o0RTBaQmc4L1dBSWFsRzZBVnVweTVYaXdvZVd2SUZTVWFLbUpsYURCSEpIVUJnWXJVRnFjeCt6YndCWEQ1eXpHK2tlL2E4a3B5ZVdWSXh6R2UyKzRFUXpKZE96cFB2aUVLUDJvVlZEMG9QaUQ5bDFhU1U1WUJySEY0Q1lXS2RmMWxCbmFabE5mdzhtTzUwVmRCWWhVc2ZMTGlGcHUxVGQ3QmZxZXd6UXFSRmFYYjV4SmtpM21veU90OFJUOXFSRzZBTWlrYTBzSmd1ZnF0T3RIWjFGU1dWR1JWT2k2bnh0UFlnV1dJVnl5aUUwRlM1MkJjWXlFR0YvdHBRU2lreFFUeWxWUnN1WjdCND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 287540
content-length: 0
expires: 0

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 80EE 389 KB
114 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116073
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Apr 2024 18:05:17 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 80EE 112 KB
112 KB 18ms
18ms Script
application/javascript 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:00 GMT
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6CKVJTX2C0Y5FN3A
age: 6118387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114404
x-amz-id-2: dJjkt4CmCUM5DanqGGzIDNZ2oWVIKotyUSH4+csYEKI4PAMYj1OqQDY10IxxET8eX3HEr/6GfcA=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vazFIpF39yv349%2BodqW8EYFuGuU%2FqqJBqZk1IgjjtT7kmh0WjhAEgNz5n1Pojot%2BrR4H6yaj%2Bhy7ybkvUaTB%2B63gKerMewTvTCrasTPIT6oGpy4jG2vkd7XEy9RjbBAjttZY1%2Fr%2Bg0J6LzRqT8bv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 7b6efc5628733aa0-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/458254939/ 42 B
108 B 24ms
22ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/458254939/?random=1681339379854&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2028771188&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/458254939/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/458254939/?random=1681339379854&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2028771188&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/862759327/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/862759327/?random=1681339379879&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3301117192&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/862759327/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/862759327/?random=1681339379879&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3301117192&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.ub-assets.com/fonts/s/sourcesanspro/v21/ 12 KB
13 KB 8ms
7ms Font
font/woff2 13.32.99.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-123.fra60.r.cloudfront.net

Software

Resource Hash

e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
Origin: https://pages.upwellness.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 05:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 12580
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 7233963
x-amzn-requestid: 8f4dc01d-2a93-4b2b-b93c-92f3bb9c9b7b
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: e-XLcFCwIAMFT8w=
content-length: 12603
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63c8d249-42a398b24cb3f4ab69678640
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: cG23oInA89K3LAI0PzO9TN7gNvv_FuMrhO8SP1bOUohoS2PzsYa8Ng==

GET
H2 200 json Show response
trc.taboola.com/1523626/trc/3/ 3 KB
1 KB 35ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1523626/trc/3/json?tim=1681339380191&data=%7B%22id%22%3A872%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1681339379936%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1681339379950%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10%22%2C%22tos%22%3A11%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed1206ada9223c40e50154ca6bcd752ac86e3d21e05aff0ef57a55a673e220b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Wed, 12 Apr 2023 22:43:00 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230068-FRA
server: nginx
x-timer: S1681339380.208816,VS0,VE16
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/10838597190/ 42 B
64 B 27ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10838597190/?random=1681339379906&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2918373088&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10838597190/ 42 B
64 B 27ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10838597190/?random=1681339379906&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2918373088&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 65ms
21ms XHR
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28307243-3&cid=1981597419.1681339380&jid=793755039&gjid=1439445256&_gid=274442543.1681339380&_u=YGBAiEABBAAAAEAAI~&z=969980294

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Apr 2023 22:43:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2114614320&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=793755039&gjid=1439445256&cid=1981597419.1681339380&tid=UA-28307243-3&_gid=274442543.1681339380&gtm=45He34a0n81M3S986P&z=1391966738

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16668
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1681339380212&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gxvt5wakhjmpyjj3tzty4j95&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26se...
https://rp4.liadm.com/j?dtstmp=1681339380212&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gxvt5wakhjmpyjj3tzty4j95&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26s...

13 B
552 B

328ms
98ms

XHR
application/json

3.216.127.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1681339380212&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gxvt5wakhjmpyjj3tzty4j95&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMTphYzg6MjA6M2IwMDoxMDEyOmU4ZDozMGM2OmExYmY%3D&n3pc=true

Requested by

Protocol

Server

3.216.127.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-127-149.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:00 GMT
x-pixel-event-id: ca908644-ff2b-4402-8c10-679ac66e68fb
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: a22981e75245b68e
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 12 Apr 2023 22:43:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1681339380212&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gxvt5wakhjmpyjj3tzty4j95&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MjAwMTphYzg6MjA6M2IwMDoxMDEyOmU4ZDozMGM2OmExYmY%3D&n3pc=true
access-control-allow-origin: https://pages.upwellness.com
request-time: 0
access-control-allow-credentials: true
trace-id: 3717258ffbab26bb
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 identify_821f6.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 10ms
9ms Script
application/javascript 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_821f6.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZiZDQ3NTA5Mw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 45209bcb
date: Wed, 12 Apr 2023 22:43:00 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230406144420405BCDE511E4C216B2BB
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-240-29.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ef56ae0824340a17d9afb1957206ee7cb25b6a1fad064721826194c959952c657f2f87d3692694c28cb3f1325acb2b23ccd2c7c0966acdc9ad07bf9b2995a609ba96bce6e2ce125a9058a8363116c96455fe8b9de9333331fe6686e7d6848bb9
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length: 30892

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
690 B 129ms
129ms Ping
text/plain 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZiZDQ3NTA5Mw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1d0435c0.45209c6b
date: Wed, 12 Apr 2023 22:43:00 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-240-29.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 117,2.16.240.29
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=36, inner; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023041222430086131075C7890E0F7193
x-cache-remote: TCP_MISS from a23-48-215-228.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.48.215.228
x-tt-trace-host: 018ca5274675d35e421a4a6b1f8f4bb31d64ff39c28478dab4d14977ac9c479696794809d6919b081ecdb72be2e30c9f65fc040673366856baf0396c7b297cf752270370f02bf6864ccee829c58ab021a30ffca251792eb97915986b4bd419c6a8407d76240e76268849149821fa5e0351
expires: Wed, 12 Apr 2023 22:43:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
690 B 156ms
156ms Ping
text/plain 2.16.241.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZiZDQ3NTA5Mw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c1c3047e.45209c77
date: Wed, 12 Apr 2023 22:43:00 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-240-29.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 130,2.16.240.29
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=41, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230412224300BAA64EFAE2E269AFED16
x-cache-remote: TCP_MISS from a23-220-104-13.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.220.104.13
x-tt-trace-host: 018ca5274675d35e421a4a6b1f8f4bb31d396db6d3c809244074af65dad2c5d9a761ad647a679c14aeb0e66d15ed77b982124291a43bcde47f0597a028e7483a252b549815f1e8b5d34c1c6bf6edcb873bbd99cd35d371e6aa7753f6809bc54e64ee82e659818c179033c09e7cdb6acaf6
expires: Wed, 12 Apr 2023 22:43:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
857 B 115ms
49ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1681339380332&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.ccd5ce17.1681339380.17917106
x-envoy-upstream-service-time: 4
content-length: 372
x-pinterest-rid: 6571547384522047
pin-unauth: dWlkPU9HUXhaakkzT0dZdE9UQTNPUzAwWkRnNUxXRmhOall0TkRJM01EbG1PVE16WVRCaw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 3 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1681339380341&cv=11&fst=1681339380341&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&hn=www.googleadservices.com&frm=0&auid=476990237.1681339380&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-675938688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db07071fbfe2e5c25d414f00b11386403e286606f8ba1c08f7532d756dd172e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28307243-3&cid=1981597419.1681339380&jid=793755039&_u=YGBAiEABBAAAAEAAI~&z=1706619410

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28307243-3&cid=1981597419.1681339380&jid=793755039&_u=YGBAiEABBAAAAEAAI~&z=1706619410

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 42ms
42ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1681339380420

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ccd5ce17.1681339380.1791712d
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 7273150572766257
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 pixel
flask.nextdoor.com/ 0
112 B 660ms
173ms Image
text/plain 35.165.42.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&ndclid=&rf=&sem=&tm=0
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.165.42.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-165-42-57.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:01 GMT
x-envoy-upstream-service-time: 6
server: istio-envoy
context-id: e3b48224-8afa-4ebc-8760-6b16f72bee5c

GET
H3 200 /
www.google.com/pagead/1p-user-list/675938688/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/675938688/?random=1681339380341&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2800739139&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/675938688/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/675938688/?random=1681339380341&cv=11&fst=1681336800000&bg=ffffff&guid=ON&async=1&gtm=45be34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&frm=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2800739139&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trtc0limNRYJwhvfi9uRqUFQo0w1 Show response
api.useproof.com/pixel/ Frame 80EE 178 B
1023 B 424ms
386ms XHR
application/json 2606:4700:3035::6815:2f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:00 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
content-encoding: br
x-amzn-remapped-content-length: 178
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: f9a743da-0240-467c-b2e9-c7c60bd92b2e
surrogate-control: no-store
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: DSUOSGl5oAMFdTQ=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAZVlcwawF6mYN7PfwpLZdBTd1Se%2F5o5hwKjMiSjvhDP3vA8p%2BdzJmODTW1HvJYvK0k1Z03L5WelNHzQDEUtaACPJkjf0nm8CoTMaCNil4j0fpfkDJitfPPnkhAdIEMZ0yKmCOtyXEKpngXfspRF"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7b6efc583ed7924d-FRA
x-amzn-remapped-date: Wed, 12 Apr 2023 22:43:00 GMT
x-amz-cf-id: d3rn-DFiF9ZuAuoGuoFpJYLGyEbqWnh1_6IKO8-JQztOjxuI-ddxNw==
expires: 0

POST
H2 500 save Show response
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ 169 B
684 B 304ms
304ms XHR
application/json 2606:4700:20::681a:9a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
Requested by: Host: lq3-production01.s3.amazonaws.com
URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.23
Resource Hash: 109a5b21d9c2fbef9e37a4640b5cdb1c5e2e8b9261c65f3d967f8afc19ece4ed

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 22:43:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.23
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: https://pages.upwellness.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUdZxYZ%2F3I17xZV6h6Fu5YFpM9B1RyV7wrbQoo8K2uQ8SU06Eh0npINlM%2BiVJNH5ipKLXfxoW0Q67pAzKe7gIqSbBceYwjKXmeBRyUBPI%2BhgjQOihfzl%2FkzBlEpM5xJ81vorX8OC0%2FJ7b3ehglVWkwg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Authorization,Content-Length,Content-Range
cache-control: max-age=0, must-revalidate, private
access-control-allow-credentials: true
cf-ray: 7b6efc59ba2e9274-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Wed, 12 Apr 2023 22:43:00 GMT

OPTIONS
H2 204 save
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ Frame 0
0 199ms
162ms Preflight 2606:4700:20::681a:9a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 7b6efc58a9849274-FRA
date: Wed, 12 Apr 2023 22:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anKuBBY9NwiAq4ktz0oVg%2FUE4QuChOBra0Kk29iU01XKY6bnB%2FEoh3KtPDeopWzQrmiMoGZMyR%2B%2BfKvXIBqZOuv1raD6wSSyJWZHfHARRec%2FtoAs5y40yQtkIMosvXdLoHQYgPQ4I1uX6POfVnzZ5Jw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 website-popup Show response
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ 23 B
450 B 319ms
319ms XHR
application/json 2606:4700:20::681a:9a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
Requested by: Host: lq3-production01.s3.amazonaws.com
URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.23
Resource Hash: 8a0989e03715f36714c74897fd554f6dfc00f87e0145feda60300babf0fbfb26

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 22:43:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.23
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: https://pages.upwellness.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXSWZriFzB0BWqtq9L4EyJoZ%2FU8AwAP6yYns7IvVcYjITP1ircf4ilrMF89SEDWmMj6R0TXAmvu4hnG7Sdf82sbC9X0AV4XaWstGqSWbFOHdMo8bzaQR4ovoDV4ZYyiV%2F0HF%2BhXeY8JtAocs3MEVlfA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Authorization,Content-Length,Content-Range
cache-control: max-age=0, must-revalidate, private
access-control-allow-credentials: true
cf-ray: 7b6efc59ca389274-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Wed, 12 Apr 2023 22:43:01 GMT

OPTIONS
H2 204 website-popup
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ Frame 0
0 169ms
169ms Preflight 2606:4700:20::681a:9a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 7b6efc58b9889274-FRA
date: Wed, 12 Apr 2023 22:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7bzUohkqnpqYG4AyBj48EeBbUA1WPkpIXnvocjuJOA51wGKQOuptkck1ss2FABehNfHmM96D5VmwenzH%2FyHFx3L0%2BV%2BSo6VjdsF0zRVjkr%2BfVEycCazEkJeL%2BWCPpp6tZ7V6GkjYsWL3l2S4HcXTpU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146844809012010&ev=Microdata&dl=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10&rl=&if=false&ts=1681339380609&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.101&r=stable&ec=3&o=30&fbp=fb.1.1681339380100.1872927337&it=1681339379610&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 22:43:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b
https://a.clickcertain.com/px/smart/a/?seg=inflammation-quiz&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b
https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c

4 KB
2 KB

131ms
131ms

Script
text/javascript

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7846fcda713e0f3f3f037770af9a7e9bedc3db7f872585f306eafa7a6930288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:01 GMT
content-encoding: br
x-frontend: cc-nginx-658c9dc844-769d4:cc-nginx-658c9dc844-769d4
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: fd5d35e0-8b63-44a2-b245-191d2958d59f
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPOADdovHv7CQz2XRUbjL6EX30MzEtHTk%2Bbu%2Fld6tdO9kpYzM909tvy0TNHDiVQeR9d8ogv3xM%2FNwHF%2F%2Fdw5dGqg9vQdn2W2TMK%2FCyroANWdc6qUJG8SdmTlG%2Bpv%2F1CiShXtVcsmgHPZ1PPgvh7FBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7b6efc5d2be8360f-FRA

Redirect headers

date: Wed, 12 Apr 2023 22:43:01 GMT
x-frontend: cc-nginx-658c9dc844-w6vnz:cc-nginx-658c9dc844-w6vnz
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: d5c21f53-c01a-48be-be92-d50e1b1c8970
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFiQ%2FXNp4c3YvdRUdAHAzpWQn3lP3%2FRbCuY6FXlE0ylXkTcRuOMNPQGIyNSfDA%2FtG%2Fd4DtnvbgI2Hfy7y4joBAcczzS5dnPJFgI2U1%2FipRo%2BzuRoWshvUQ4%2FFUh1Qcm5Eh8NrB8cD%2BEhVue%2BjNnL%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
cf-ray: 7b6efc5c4afb360f-FRA

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 594ms
162ms Image
application/json 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b&id=cl4975ot4arrr6&uid=cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b
Requested by: Host: pages.upwellness.com
URL: https://pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102d067275e8fefa9d88c0723e2deb&n=tune&cid=10_PH41223&mid=10_PH41223&AFFID=477232&subid=10_PH41223&partner_id=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 80EE 0
200 B 105ms
104ms XHR
text/plain 54.83.6.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.6.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-6-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Wed, 12 Apr 2023 22:43:01 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame 80EE 86 B
733 B 262ms
225ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522e7f0ed29-e2cc-4f8a-bd33-b2b918e136f6%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102d067275e8fefa9d88c0723e2deb%2526n%253Dtune%2526cid%253D10_PH41223%2526mid%253D10_PH41223%2526AFFID%253D477232%2526subid%253D10_PH41223%2526partner_id%253D10%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Finflammation-quiz%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102d067275e8fefa9d88c0723e2deb%2526n%253Dtune%2526cid%253D10_PH41223%2526mid%253D10_PH41223%2526AFFID%253D477232%2526subid%253D10_PH41223%2526partner_id%253D10%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: de4f4c6bb4d7da3aea21a95f0fb9f13beb55f7df1a7e5e91751aabdbfa80f512

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:01 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"56-UfGeTrSZrBpBGgQIzqZ30QUGJNM"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CrOZ%2BYIFMNcoIqgojYY1UWBABA8%2BpX3%2FfcWIeL7bv3f9t1iqaXpdpZQHN7CgtjWpCK8mN2bUjQk8lmTtgxHJgmugf7kTU6LO8%2BjIf0OBTmWFp4v86Ycbm9omMjMTmUZzRqKMpUTgALioziraEYOyZ8NL9Dq"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7b6efc5aed7d2bae-FRA
access-control-allow-headers: X-Requested-With,content-type

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 468ms
103ms Preflight 54.83.6.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.6.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-6-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Wed, 12 Apr 2023 22:43:01 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

GET
H2 200 announcement-bar Show response
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ 23 B
401 B 197ms
196ms XHR
application/json 2606:4700:20::681a:9a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
Requested by: Host: lq3-production01.s3.amazonaws.com
URL: https://lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.23
Resource Hash: 8a0989e03715f36714c74897fd554f6dfc00f87e0145feda60300babf0fbfb26

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 22:43:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.23
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: https://pages.upwellness.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1Pg%2FsTFZ9UhW8cjudTOCIt21dsJWViQxjGLAIr5TFRVXAubfTpuqVTuO6xojwhORqptC0SQOIjheiWrlQIFaoeG42Z1592HxE75dgasAc6e5EATVCILXsup5OmM2WYhUIgZJU2KFIAiZYKWDq0lBl8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Authorization,Content-Length,Content-Range
cache-control: max-age=0, must-revalidate, private
access-control-allow-credentials: true
cf-ray: 7b6efc5cdc789274-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Wed, 12 Apr 2023 22:43:01 GMT

OPTIONS
H2 204 announcement-bar
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/ Frame 0
0 166ms
166ms Preflight 2606:4700:20::681a:9a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pages.upwellness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://pages.upwellness.com
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 7b6efc5bcbb29274-FRA
date: Wed, 12 Apr 2023 22:43:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSFEOKNcLHKRIoN2QE4T%2BjAaXm1Rpy3J5RyKzqVsEaMZswQRU6ZJQXWj5V5DFaGBpnebulKV4BJi8z4YyXw3CatNAzANl9RvOQVrrIcreVfCicIpCIz8RWyqPdIdur2m96onCBBzqv59Uqp8y3J5CtU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
324 B 324ms
127ms Ping
text/plain 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Wed, 12 Apr 2023 22:43:01 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

POST
H/1.1 200
OK firstVisit
io.v2.customerlabs.co/cl/ 0
324 B 350ms
147ms Ping
text/plain 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl/firstVisit
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Wed, 12 Apr 2023 22:43:01 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
324 B 314ms
112ms Ping
text/plain 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl4975ot4arrr6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pages.upwellness.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Wed, 12 Apr 2023 22:43:01 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame DB42 565 B
590 B 43ms
42ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.ccd5ce17.1681339381.17917a95
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 22:43:01 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8679944697704459

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 773D 1 KB
987 B 114ms
114ms Document
text/html 2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c74760b74c79204476e7953258fa58b7302ae9743e5c1bac8e43bce28932e49e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7b6efc5e2cff360f-FRA
content-encoding: br
content-type: text/html
date: Wed, 12 Apr 2023 22:43:01 GMT
etag: W/"YjY5NTY2NzJnMDFkNWc0NTQwZzg0MzFnMGE3NzRhYjk2YjRmLXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3%2FkpEXMmg8oHyCwNsyO2ixYHBJeSP0tr1n%2BGjmpjhnSXEOc58UyuCx2v1M0OkUrsz6x1gC1cH2zhwjB50GB8y3NuhhjmwrtnhRTpAHlgma%2BaniCJQmrZJOpqF9T%2BoTAxe1%2Bo74UMbvS9t4UOEP5aw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-658c9dc844-xnxk5:cc-nginx-658c9dc844-xnxk5
x-requestid: 84b71dca-49eb-401c-a5c1-fef3ad322899

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 773D
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=b6956672-01d5-4540-8431-0a774ab96b4f
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=b6956672-01d5-4540-8431-0a774ab96b4f&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=b6956672-01d5-4540-8431-0a774ab96b4f&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=7a2b5091-ed76-4ab9-94b3-d2ece885c956

0
538 B

128ms
128ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=7a2b5091-ed76-4ab9-94b3-d2ece885c956
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:01 GMT
x-frontend: cc-nginx-658c9dc844-vn24c:cc-nginx-658c9dc844-vn24c
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 1b7008ac-0334-48cf-a79a-a6886fe75d97
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=him%2F%2FKV7%2BVJgd4RQc02XhVu1j1DEejjZdMqqkKCdj1wEvviSsNWnssr9xeOXqDrDmtAfOw%2FdzXoPecPIzf2QSX8fONfysQOHJwHffHqcmoxZ%2F1tQLNSYtgUhSYY1mzc64SbfDq3vPAdQtWWaE1eK%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b6efc5fff30360f-FRA

Redirect headers

date: Wed, 12 Apr 2023 22:43:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=7a2b5091-ed76-4ab9-94b3-d2ece885c956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame 773D
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=29e948ca-527f-565b-a73e-7239841e47aa&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=a4e75db4-6b53-4dd6-8412-c871f77f7b0b&hem=

0
412 B

127ms
127ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=a4e75db4-6b53-4dd6-8412-c871f77f7b0b&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:02 GMT
x-frontend: cc-nginx-658c9dc844-fc58w:cc-nginx-658c9dc844-fc58w
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 8b365977-841f-4241-bf55-1a0ae3875958
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rIPnaoXZ9TemurMWRH9rwWNRck9mQTjfTCY9%2FnL7NB5nboc0LbuDfT5A7snV7GHWfSKgnHdJO4UtMjC1pgfdM8CC4h9gV1o%2BfLZZEbzZ7fVC6ueJtEHzNkC7oPKGjHXm8NgauS2l%2Bj3bcSvLeqgJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b6efc626a3e360f-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=a4e75db4-6b53-4dd6-8412-c871f77f7b0b&hem=
date: Wed, 12 Apr 2023 22:43:02 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 773D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

56ms
30ms

Image
text/plain

52.30.78.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&cn=DE

Protocol

HTTP/1.1

Server

52.30.78.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-78-52.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 22:43:01 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Wed, 12 Apr 2023 22:43:01 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 773D
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=b6956672-01d5-4540-8431-0a774ab96b4f
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=b6956672-01d5-4540-8431-0a774ab96b4f&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://a.clickcertain.com/px/li/?ccid=b6956672-01d5-4540-8431-0a774ab96b4f&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6956672%2D01d5%2D454...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&anx_uId=$UID
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6956672-01d5-4540-8431-0a774ab96b4f%26anx_uId%3D%24UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&anx_uId=4187160649041574926
https://x.bidswitch.net/sync?dsp_id=179&user_id=b6956672-01d5-4540-8431-0a774ab96b4f&expires=5&user_group=0
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=b6956672-01d5-4540-8431-0a774ab96b4f&expires=5&user_group=0

43 B
345 B

9ms
8ms

Image
image/gif

18.156.40.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=b6956672-01d5-4540-8431-0a774ab96b4f&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&cn=DE
Protocol: H2
Server: 18.156.40.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-40-75.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=b6956672-01d5-4540-8431-0a774ab96b4f&expires=5&user_group=0
date: Wed, 12 Apr 2023 22:43:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 193f0456 Show response
tag.trovo-tag.com/ Frame F814 490 B
760 B 69ms
25ms Document
text/html 18.66.122.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6956672-01d5-4540-8431-0a774ab96b4f&cn=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-34.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: c8ca0e60036e2624c6b8bf81878885be3511a8311cb16728fefac33ea97d3495

Request headers

Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 490
content-type: text/html
date: Wed, 12 Apr 2023 22:43:01 GMT
server: CloudFront
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id: _Os4qKQwQ12_qjzFoUYh4PnWJw1dwx0X1gLlWpLoyAAlV0vfCS6mZw==
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
250 B 66ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1697&scd=0&ssd=1&est=1681339379939&ver=36&isls=true&src=i&invt=1500&msa=1708&rv=1&tim=1681339381637&vi=1681339379936&ri=0d62c9aa87d18b30fcd1ed2e4c9a6f33&ref=null&cv=20230404-24-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Wed, 12 Apr 2023 22:43:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 66ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=1698&scd=0&ssd=1&est=1681339379939&ver=36&isls=true&src=i&invt=1500&msa=1708&rv=1&tim=1681339381638&vi=1681339379936&ri=7f62503bb8a119111c933b67d03913cc&ref=null&cv=20230404-24-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Wed, 12 Apr 2023 22:43:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

204

/
a.clickcertain.com/px/img/g/ Frame F814
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=616743c2-d983-11ed-b9eb-19852bcca8c6
https://a.clickcertain.com/px/smart/a/?partner_rid=616743c2-d983-11ed-b9eb-19852bcca8c6&type=img&partner_id=193f0456&c=24d1add2443e239
https://a.clickcertain.com/px/img/?c=24d1add2443e239
https://a.clickcertain.com/px/img/g/?start_cm=1
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1
https://a.clickcertain.com/px/img/g/?google_gid=CAESEEGlWvAyz3wgyR7bXf57vtA&google_cver=1

0
336 B

134ms
133ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/img/g/?google_gid=CAESEEGlWvAyz3wgyR7bXf57vtA&google_cver=1
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:02 GMT
x-frontend: cc-nginx-658c9dc844-47hmm:cc-nginx-658c9dc844-47hmm
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 6095a5c9-1c4a-46f0-80ce-edd0f5d1c50b
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPeuJfcTHTNHtbv2bgs%2BZLGbV%2Bapn49NhKQtq0FmilxVduWbIP1Sn052fOkA434z9MM8XGjFUcmQoJvJ0eY1ZaPQiIT%2FH%2B%2ByDZ5o9OxVtfzbRONnRB%2Bd0KB3BRRJKUzuRESUuA0prpvyI01iwI6qCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b6efc62caa7360f-FRA

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 22:43:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.clickcertain.com/px/img/g/?google_gid=CAESEEGlWvAyz3wgyR7bXf57vtA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 lds
a.usbrowserspeed.com/ Frame F814 0
148 B 477ms
188ms Image
text/plain 52.10.142.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.142.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-142-145.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:43:02 GMT
server: awselb/2.0

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame F814
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

33ms
33ms

Image
text/plain

52.30.78.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456

Protocol

HTTP/1.1

Server

52.30.78.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-78-52.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 22:43:01 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Wed, 12 Apr 2023 22:43:01 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 194ms
194ms Image
application/json 52.22.191.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1681339380100.1872927337&customerlabs_user_id=cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b&id=cl4975ot4arrr6&uid=cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b&t=0&sc=1600%20x%201200
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.191.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-191-215.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 204 unip Show response
trc-events.taboola.com/1225872/log/3/ 0
249 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4699&scd=0&ssd=1&est=1681339379939&ver=36&isls=true&src=i&invt=3000&msa=1708&rv=1&tim=1681339384639&vi=1681339379936&ri=0d62c9aa87d18b30fcd1ed2e4c9a6f33&ref=null&cv=20230404-24-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Wed, 12 Apr 2023 22:43:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1523626/log/3/ 0
249 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1523626/log/3/unip?en=pre_d_eng_tb&tos=4699&scd=0&ssd=1&est=1681339379939&ver=36&isls=true&src=i&invt=3000&msa=1708&rv=1&tim=1681339384639&vi=1681339379936&ri=7f62503bb8a119111c933b67d03913cc&ref=null&cv=20230404-24-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102d067275e8fefa9d88c0723e2deb%26n%3Dtune%26cid%3D10_PH41223%26mid%3D10_PH41223%26AFFID%3D477232%26subid%3D10_PH41223%26partner_id%3D10
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.upwellness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://pages.upwellness.com
pragma: no-cache
date: Wed, 12 Apr 2023 22:43:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.upwellness.com/inflammation-quiz/	1970-01-20 15:27:16	Name: ubpv Value: am%2Cce51cc0b-0e94-443c-a27a-24c78d18f232
i.liadm.com/s	1970-01-20 11:45:31	Name: _li_ss Value: CgA
links.paleohacks-mailing.com/	1970-01-20 11:03:02	Name: _session_id Value: 2db7e8406a16bd1f5a5acafd17ae65e1
go.welldaily.com/	1970-01-20 11:12:24	Name: enc_aff_session_77 Value: ENC03c05d4b629fa0dc4e24ee4a0ebcffa4f1b5e26520d2accf3a1edcfa3f36e0ec736e1889df7b240dec6f0b254e9131490cece81386f462687de2e52ce592997cf17a2e1fd31b79daee64c1779326fb6cd6f4eabed8d7aa135a495149ed2bce970486da6356aa175438d780683394914442dadcd35a6a4965b04731fd4602a42fae11f6ee39
go.welldaily.com/	1970-01-20 20:38:19	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMS4wLjU1NjMuMTQ2IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/	1970-01-20 15:21:31	Name: ubvs Value: f1ab3f09-c782-4439-8441-50ba9a52c5f4
.upwellness.com/	1970-01-20 11:06:38	Name: ubvt Value: v2%7Cf1ab3f09-c782-4439-8441-50ba9a52c5f4%7Cce51cc0b-0e94-443c-a27a-24c78d18f232%3Aam%3Aweighted
.upwellness.com/	1969-12-31 23:59:59	Name: UltraCartShoppingCartID Value: 7A1307DB74BC02018777A2EEA7204500
.upwellness.com/	1970-01-20 20:38:19	Name: ucacid Value: 1125243356.244096
.store.upwellness.com/	1970-01-20 20:38:19	Name: ucacid Value: 1125243356.244096
store.upwellness.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abczwKqlJnGWcBJUlZ-4I
store.upwellness.com/	1969-12-31 23:59:59	Name: LBJSESSIONID Value: abczwKqlJnGWcBJUlZ-4I.n252
store.upwellness.com/	1970-01-20 11:12:24	Name: AWSALB Value: FrFiFdohaQoReWUZSnVNsLhioUtMItwlOr6BCnWNssdnUVNKrJLYOfBxuVjEJQSfHwRN7gLpBD1heNggzoxo2H1vmKUZJHAVL0wEU4t6RLcPeISXyD9oRjbZmtrJ
store.upwellness.com/	1970-01-20 11:12:24	Name: AWSALBCORS Value: FrFiFdohaQoReWUZSnVNsLhioUtMItwlOr6BCnWNssdnUVNKrJLYOfBxuVjEJQSfHwRN7gLpBD1heNggzoxo2H1vmKUZJHAVL0wEU4t6RLcPeISXyD9oRjbZmtrJ
.store.upwellness.com/	1970-01-20 19:47:55	Name: UPWEL-ANP Value: 6141
.tiktok.com/	1970-01-20 20:23:55	Name: _ttp Value: 2OLUVXrP2YaaLMSMHjQKRnmAiKV
.upwellness.com/	1970-01-20 13:11:55	Name: _gcl_au Value: 1.1.476990237.1681339380
.upwellness.com/	1970-01-20 20:38:19	Name: __nbpix_uid Value: 1-y5g6xyru-lgea20i0
.criteo.com/	1970-01-20 20:23:55	Name: uid Value: 2e5c3b4a-d5b9-49c0-bdd6-227449e646d3
.doubleclick.net/	1970-01-20 20:23:55	Name: IDE Value: AHWqTUn6ooLQp00WZp76KCUvQKEdNz8noliaIpAbywb2tiN-XXMgJF-M93T06ZmK
.upwellness.com/	1970-01-20 11:03:45	Name: _uetsid Value: 6070c120d98311ed844513c8e3440117
.upwellness.com/	1970-01-20 20:23:55	Name: _uetvid Value: 6070faa0d98311ed829c25652b7a50a3
.upwellness.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .upwellness.com
.upwellness.com/	1970-01-20 20:38:19	Name: _lc2_fpi Value: f0f26c15fa8f--01gxvt5wakhjmpyjj3tzty4j95
.bing.com/	1970-01-20 20:23:55	Name: MUID Value: 386D4152B89566CB3DE653A3B9956780
.upwellness.com/	1970-01-20 13:11:55	Name: _fbp Value: fb.1.1681339380100.1872927337
.upwellness.com/	1970-01-20 20:38:19	Name: _ga Value: GA1.2.1981597419.1681339380
.upwellness.com/	1970-01-20 11:03:45	Name: _gid Value: GA1.2.274442543.1681339380
.upwellness.com/	1970-01-20 11:02:19	Name: _dc_gtm_UA-28307243-3 Value: 1
.yahoo.com/	1970-01-20 19:48:16	Name: A3 Value: d=AQABBPQzN2QCEL9y7b5HFf8yVpy7P73s1H8FEgEBAQGFOGRBZAAAAAAA_eMAAA&S=AQAAAumRYrRPYurSTTfHs-GnTiA
.upwellness.com/	1970-01-20 20:23:55	Name: _tt_enable_cookie Value: 1
.upwellness.com/	1970-01-20 20:23:55	Name: _ttp Value: hBn0xkzxERmwq7o9ond7qxhZslU
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_source Value: Direct
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_starts Value: 1681339380322
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_utmParams Value: %7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D
.upwellness.com/	1970-01-20 19:47:55	Name: cl4975ot4arrr6_uid Value: cl4975ot4arrr644f8c03d-d038-4c8d-838a-d190a696e00b
.upwellness.com/	1970-01-20 19:47:55	Name: cl4975ot4arrr6_sid Value: CL-87d7975b-9565-4fed-b697
.upwellness.com/	1970-01-20 19:47:55	Name: cl4975ot4arrr6_gid Value: cl4975ot4arrr6efeaac81-f318-417d-83a9-d6f21a88fa36
.upwellness.com/	1970-01-20 19:47:55	Name: _hjSessionUser_795540 Value: eyJpZCI6ImU3YmYwYzBkLTJhOGItNWEyNi05MGVmLTQ1N2VkYmJmNDYyOSIsImNyZWF0ZWQiOjE2ODEzMzkzODAzNzQsImV4aXN0aW5nIjpmYWxzZX0=
.upwellness.com/	1970-01-20 11:02:21	Name: _hjFirstSeen Value: 1
.upwellness.com/	1970-01-20 11:02:19	Name: _hjIncludedInSessionSample_795540 Value: 1
.upwellness.com/	1970-01-20 11:02:21	Name: _hjSession_795540 Value: eyJpZCI6ImRkZjBiMGFhLTdjM2EtNDM5Ny1iZGJiLTI0Nzg4N2Y0MjBjNyIsImNyZWF0ZWQiOjE2ODEzMzkzODAzODQsImluU2FtcGxlIjp0cnVlfQ==
.upwellness.com/	1970-01-20 11:02:21	Name: _hjAbsoluteSessionInProgress Value: 0
.upwellness.com/	1970-01-20 20:31:43	Name: cto_bundle Value: ObJKVl9aVHZ5SnNVV2FDNWhQZ1diVUl1dUhaNVlTNHNIdTB6cVlUYWVHQmlLdXYxOTl1cjFoQTRXV0lncHVZJTJGY2pqTW8lMkJFVnIlMkZ2YlpsTDMwNDdtVzZKZHNHYVpvMmtyUTFPOWdNejZmV1FyeXdXbXUxdyUyRk9ETUtnZDdkZm9vNENQWE1mZkUwa1B5RTV3ZHdqTEF2elRRNzdSQSUzRCUzRA
pages.upwellness.com/	1970-01-20 11:02:19	Name: outbrain_cid_fetch Value: true
.pages.upwellness.com/	1970-01-20 19:47:55	Name: _pin_unauth Value: dWlkPU9HUXhaakkzT0dZdE9UQTNPUzAwWkRnNUxXRmhOall0TkRJM01EbG1PVE16WVRCaw
.liadm.com/	1970-01-20 20:38:19	Name: lidid Value: 75cf73c2-51cb-4ed8-b287-cf33ad723f10
a.clickcertain.com/	1970-01-20 19:47:55	Name: _ccpx_u Value: b6956672%2d01d5%2d4540%2d8431%2d0a774ab96b4f
.upwellness.com/	1969-12-31 23:59:59	Name: cl4975ot4arrr6_session_ends Value: 1681341181334
a.clickcertain.com/	1970-01-20 19:47:55	Name: _ccpx_24a3d6f0fe7dd9c Value: 1
.tapad.com/	1970-01-20 12:28:43	Name: TapAd_TS Value: 1681339381728
.tapad.com/	1970-01-20 12:28:43	Name: TapAd_DID Value: 7a2b5091-ed76-4ab9-94b3-d2ece885c956
.tapad.com/	1970-01-20 12:28:43	Name: TapAd_3WAY_SYNCS Value:
.bidr.io/	1970-01-20 20:30:52	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 20:30:52	Name: bito Value: AAB8eE7IbmgAACBiK1eebg
.upwellness.com/	1970-01-20 19:47:55	Name: cl4975ot4arrr6_eidsTracked Value: true
a.clickcertain.com/	1970-01-20 19:47:55	Name: _ccpx_24d1add2443e239 Value: 1
a.clickcertain.com/	1970-01-20 19:47:55	Name: _ccpx Value: 24d1add2443e239
.a.usbrowserspeed.com/	1970-01-20 19:47:55	Name: tuid Value: a4e75db4-6b53-4dd6-8412-c871f77f7b0b
.adnxs.com/	1970-01-20 13:11:55	Name: uuid2 Value: 4187160649041574926
.bidswitch.net/	1970-01-20 19:47:55	Name: tuuid Value: 34feb13f-b8fb-46d3-8dae-7c2f0fd0bd9f
.bidswitch.net/	1970-01-20 19:47:55	Name: c Value: 1681339382
.bidswitch.net/	1970-01-20 19:47:55	Name: tuuid_lu Value: 1681339382

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
ads.nextdoor.com
amplify.outbrain.com
analytics.proofapi.com
analytics.tiktok.com
api.leadquizzes.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
business.newsbreak.com
cdn.js.customerlabs.co
cdn.taboola.com
cdn.useproof.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dynamic.criteo.com
events.ub-analytics.com
flask.nextdoor.com
fonts.ub-assets.com
go.welldaily.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
io.v2.customerlabs.co
links.paleohacks-mailing.com
live-visitor-counts.herokuapp.com
live.upwellness.com
lq3-production01.s3.amazonaws.com
match.prod.bidr.io
mug.criteo.com
pages.upwellness.com
pixel.tapad.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
s.yimg.com
s3-us-west-2.amazonaws.com
script.hotjar.com
secure.adnxs.com
sp.analytics.yahoo.com
static.hotjar.com
static.newsbreak.com
stats.g.doubleclick.net
store.upwellness.com
tag.trovo-tag.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.thealternativedaily.com
x.bidswitch.net
108.138.17.78
13.224.189.28
13.32.99.123
13.32.99.8
141.226.228.48
142.250.186.98
151.101.193.131
151.101.193.44
178.250.1.11
18.156.40.75
18.213.140.229
18.66.122.34
18.66.137.97
18.66.97.10
2.16.241.93
2001:4860:4802:32::178
212.82.100.181
23.206.208.183
23.23.204.175
23.35.237.86
2600:1f18:730:b120:6f9e:97b:4367:31b2
2600:9000:223c:5800:8:8845:1500:93a1
2600:9000:2250:5800:1d:11cf:5800:93a1
2606:4700:20::681a:37a
2606:4700:20::681a:932
2606:4700:20::681a:9a2
2606:4700:3035::6815:2f0c
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c03::9c
2a02:2638:3::e
2a02:2638:d::d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:8d::84
2a06:98c1:3121::3
3.126.202.50
3.216.127.149
3.221.88.80
3.93.168.254
34.111.113.62
34.210.64.208
35.165.42.57
35.238.129.105
37.252.171.21
52.10.142.145
52.206.179.48
52.218.182.160
52.218.250.19
52.22.191.215
52.222.236.74
52.222.250.226
52.25.38.36
52.30.78.52
52.31.40.31
54.83.6.65
64.202.112.159
008a49b472b118119bb608c77a2548e473338a1ebcba56942253a6c056b8c1aa
0185a02302f4f05a13f1c542b21e02388b0a691d5aaf1c30d65ba40863564c89
09f4901e0b0dc161eee6f30ecb384c5e777f5768754b4583f7ccff038d7fc810
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0ddbff31bb9755c730b16343cc63c7c0bde8d62137390c484fbb6062195313dc
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
109a5b21d9c2fbef9e37a4640b5cdb1c5e2e8b9261c65f3d967f8afc19ece4ed
14a5f8f03f30a8f371bc718ca618dd1d905cee9a61abc5b70506078421c10ca4
189d627cc048280c5d155a07a318138f662df0d1ffced3eb687024f5345175a4
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ed1206ada9223c40e50154ca6bcd752ac86e3d21e05aff0ef57a55a673e220b
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
270be632c5f50adafcab3fa9c20c521560c273ca92dfec03a70490ba700156d7
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a
2f2d96b63d5b030a188e36e111d9d4dae0881a1d6763a8567eff1cca9befa29a
2f979dde1b99a98cbbd7d4040e176b20fe3b84ea0445bbfff507218c6a0f91a6
3306be2f35833b06c686cd176ad68eb3654b6d81ba3fe27d85365d7343361c6c
364943ab1e174a887daf694eaf9593e1da6d4a8e5a59dbfdf1937657efeaca76
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a15449f88d130069c34952351c68bbd39f654535671ce7291f833c024536bb4
3be5e8684889eb373cd73c7bd5ce7e6c7e62fb709708d8fa8e427b818c4ce13f
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
4ead6338f4a52184d0a306494c28ad9927cc2f4574f0fc66af67e266d25faa48
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
676bd4af8d27b91495ae64cd86e9a5a5ce7e938bd92b45dc0f460b657d0482cb
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
700982d7295c040517930c22395ea0809ff49cd53b22c82bc4dcac4381a5b71d
7661a280b96b78c08dbe638f7d3131244210ace08f7910d3025b34c1ce1a2ab4
76895562a21bb98b281ff8d4df537378ed9b30a6ec905b213af8fa61db5f5e32
7829607946e3646237a5e0e8398db0eddef2797050f73a55d89d1c7257cf370f
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
8a0989e03715f36714c74897fd554f6dfc00f87e0145feda60300babf0fbfb26
90d7c2aac3bd92ed99f12ef3d617ca783cef825f0034e15e75ee2a884b037fb8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
964bd460c05e714892dceba032d9a98bfc2f4016cf302e56b845997432d9fc49
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c
c3f3fd3cc9b624f223c1d980059fd94fcce682fc01df2bb975276b0a8ed3f388
c74760b74c79204476e7953258fa58b7302ae9743e5c1bac8e43bce28932e49e
c8ca0e60036e2624c6b8bf81878885be3511a8311cb16728fefac33ea97d3495
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc87752b6f7279828e53a0cb4f3d39cd8519f4bbb83e597e1c741264b29e9ac0
cddbd04fb6a2bc681de9bd4558b7062169322c73e095466a592152ea9e6fad8f
ced5b747fe92122e8fb38c867ac67b80ffba333bd3d42285cdecbff43073a6e6
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d15f55544e174d9a6ffc8100fc584b976464e16ca0de6baca8240410e940f822
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
dad027718bd24557c89f588f258592940e56ca2b9670e174aec47b74c3c58a89
db07071fbfe2e5c25d414f00b11386403e286606f8ba1c08f7532d756dd172e9
de31232fc4bf2bc89eb534de6d283c88b7c426d9d623f9ac04b2c5f2d2673aa1
de4f4c6bb4d7da3aea21a95f0fb9f13beb55f7df1a7e5e91751aabdbfa80f512
e2608c8a00df3c934678bfc382df539176126db71226f19eaad43c4a338ce058
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40956cd769c1357fd7a8ec0629155ac799c5055ac6ad3f3efccb86192b054c7
e7080f115951349f3d1ea349f5cf6489889c7f86bca6d20c341d3716023beeff
ed8f698cb5a16ec080f5d8b4bb0b3886fa4d2d79da82c8b78566cfde21a44c54
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f7846fcda713e0f3f3f037770af9a7e9bedc3db7f872585f306eafa7a6930288
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fdabac16981e7df2da195a8fbfb028b8b81dcf0edc1429b5fb418baab6df758a
ff0ab7b5cdcdc420def76609dfd60cf6e47a08b1233c8110c7c2756644a85996

pages.upwellness.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

92 %HTTPS

35 %IPv6

44 Domains

64 Subdomains

55 IPs

7 Countries

2133 kBTransfer

4705 kBSize

63 Cookies

0 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pages.upwellness.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

92 %
HTTPS

35 %
IPv6

44
Domains

64
Subdomains

55
IPs

7
Countries

2133 kB
Transfer

4705 kB
Size

63
Cookies

129 HTTP transactions
1 data transactions