www.backtorootshealth.com Open in urlscan Pro
92.205.18.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.backtorootshealth.com/
Effective URL:
https://www.backtorootshealth.com/
Submission: On March 04 via api (March 4th 2024, 9:33:27 pm UTC) from US — Scanned from FR

Summary HTTP 121 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 26 domains to perform 121 HTTP transactions. The main IP is 92.205.18.172, located in Strasbourg, France and belongs to GODADDY-SXB, DE. The main domain is www.backtorootshealth.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 14th 2024. Valid for: 3 months.

This is the only time www.backtorootshealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	92.205.18.172 92.205.18.172	21499 (GODADDY-SXB) (GODADDY-SXB)
2	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	52.219.232.225 52.219.232.225	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7d0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:fba8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:589a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	151.101.64.217 151.101.64.217	54113 (FASTLY) (FASTLY)
2	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.1.100 104.18.1.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:272... 2600:9000:2724:6600:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
3	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:b05d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:bd59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:a07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
121	30

32 92.205.18.172 (Strasbourg, France) 1 redirects

ASN21499 (GODADDY-SXB, DE)
PTR: 172.18.205.92.host.secureserver.net

www.backtorootshealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.crwd.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.netflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.232.225 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7d0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:fba8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:589a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.64.217 (United States)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.1.100 (None, )

ASN13335 (CLOUDFLARENET, US)

api.crwd.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:6600:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

crwdmarket.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:b05d (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bd59 (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

7175493.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	crwd.shop app.crwd.shop	2 MB
22	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 3394 f.vimeocdn.com — Cisco Umbrella Rank: 3556 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3474	647 KB
17	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 firebasestorage.googleapis.com — Cisco Umbrella Rank: 6266	6 MB
10	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4928 app.hubspot.com — Cisco Umbrella Rank: 5603 track.hubspot.com — Cisco Umbrella Rank: 2406 forms.hubspot.com — Cisco Umbrella Rank: 5395 js.hubspot.com — Cisco Umbrella Rank: 4543 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4466	53 KB
6	gstatic.com www.gstatic.com	58 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5646	325 KB
4	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 17350 crwdmarket.matomo.cloud	59 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1999 vimeo.com — Cisco Umbrella Rank: 1929	20 KB
3	netflow.co analytics.netflow.co	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	71 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 66	69 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4679 forms.hscollectedforms.net — Cisco Umbrella Rank: 4787	26 KB
2	amazonaws.com s3.us-east-2.amazonaws.com
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 973	171 KB
2	backtorootshealth.com 1 redirects www.backtorootshealth.com	2 MB
1	hubspotusercontent-na1.net 7175493.fs1.hubspotusercontent-na1.net	3 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 4886	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	185 B
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 6571	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3504	1 KB
1	crwd.systems api.crwd.systems	654 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3210	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4902	25 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5142	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2220	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2237	17 KB
121	26

	Domain	Requested by
27	app.crwd.shop	www.backtorootshealth.com app.crwd.shop
14	firebasestorage.googleapis.com	www.backtorootshealth.com
12	i.vimeocdn.com	www.backtorootshealth.com player.vimeo.com f.vimeocdn.com
8	f.vimeocdn.com	player.vimeo.com
6	www.gstatic.com	f.vimeocdn.com www.gstatic.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	app.hubspot.com	js.usemessages.com static.hsappstatic.net
3	crwdmarket.matomo.cloud	cdn.matomo.cloud
3	fonts.googleapis.com	www.backtorootshealth.com
3	analytics.netflow.co	www.backtorootshealth.com analytics.netflow.co
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	api.hubspot.com	js.usemessages.com
2	www.youtube.com	app.crwd.shop www.youtube.com
2	player.vimeo.com	app.crwd.shop
2	s3.us-east-2.amazonaws.com	www.backtorootshealth.com
2	use.fontawesome.com	www.backtorootshealth.com use.fontawesome.com
2	www.backtorootshealth.com	1 redirects
1	7175493.fs1.hubspotusercontent-na1.net
1	perf-na1.hsforms.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.hubspot.com	js-na1.hs-scripts.com
1	www.facebook.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	vimeo.com	f.vimeocdn.com
1	cdn.matomo.cloud	app.crwd.shop
1	api.hubapi.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	api.crwd.systems	app.crwd.shop
1	js.hscollectedforms.net	app.crwd.shop
1	js.hsadspixel.net	app.crwd.shop
1	js.usemessages.com	app.crwd.shop
1	js.hsleadflows.net	app.crwd.shop
1	js.hs-analytics.net	app.crwd.shop
1	js.hs-banner.com	app.crwd.shop
121	37

This site contains no links.

Subject Issuer	Validity	Valid
backtorootshealth.com cPanel, Inc. Certification Authority	`2024-02-14` - `2024-05-14`	3 months	crt.sh
app.crwd.shop cPanel, Inc. Certification Authority	`2024-01-18` - `2024-04-17`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
analytics.netflow.co cPanel, Inc. Certification Authority	`2024-01-11` - `2024-04-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2024-02-29` - `2025-02-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-19` - `2024-11-19`	a year	crt.sh
player.vimeo.com E1	`2024-01-30` - `2024-04-29`	3 months	crt.sh
api.crwd.systems E1	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2024-02-25` - `2024-05-25`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-13` - `2024-03-12`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.backtorootshealth.com/
Frame ID: E5F4A68055C5D1EE2B74EDF717465CF3
Requests: 80 HTTP requests in this frame

Frame: https://player.vimeo.com/video/725141484
Frame ID: ADFACD4A66F45D65ED9D78F487E4CCA7
Requests: 14 HTTP requests in this frame

Frame: https://player.vimeo.com/video/578093692
Frame ID: 51BA26F662DC90E117C7FD28F018E750
Requests: 15 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/572468b9a9c849f284ff29b09e6c075e?uuid=5e4d00c0991543ff898e99df5197b6d3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=572468b9a9c849f284ff29b09e6c075e&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: E1640FB16988C9593429D9C7B01F3B3F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Back to Roots Health - PureCBD Products

Page URL History Show full URLs

http://www.backtorootshealth.com/ HTTP 301
https://www.backtorootshealth.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

121
Requests

98 %
HTTPS

69 %
IPv6

26
Domains

37
Subdomains

30
IPs

4
Countries

11083 kB
Transfer

15129 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.backtorootshealth.com/ HTTP 301
https://www.backtorootshealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

121 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.backtorootshealth.com/
Redirect Chain

http://www.backtorootshealth.com/
https://www.backtorootshealth.com/

2 MB
2 MB

118ms
60ms

Document
text/html

92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.backtorootshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 172.18.205.92.host.secureserver.net
Software: Apache /
Resource Hash: 19b71ad68338363023517e33fd7de0d1b509f381648184ba5cbff5ee55d2303a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Mar 2024 21:33:19 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 04 Mar 2024 21:33:19 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.backtorootshealth.com/
Server: Apache

GET
H/1.1 200
OK style.css
app.crwd.shop/builderassets/css/ 64 KB
64 KB 145ms
28ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/style.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

835477fbc54cd5222d3a9e364a8f9ff52f8512a1c8ccfd5693f1161329fc5fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Jan 2023 15:03:16 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 65219
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK form-styles.css
app.crwd.shop/builderassets/css/ 5 KB
6 KB 146ms
29ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/form-styles.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

74df122be2a059f7994950a5c8f6262fff8d9763f381fe6a0c7eaf3877209a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:27:57 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5611
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK order-form-styles.css
app.crwd.shop/builderassets/css/ 13 KB
13 KB 146ms
30ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/order-form-styles.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

3e2256fdb0682f202b2e5227e2655c1a7cc3e2e5e17426009be1e46650134c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:27:58 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13383
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-ui.css
app.crwd.shop/builderassets/css/jquery/ 38 KB
38 KB 236ms
29ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/jquery/jquery-ui.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

dd06fef6b720110a47b58b60fc648e9d1927e475f1bf7172c709e51a985212fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:21 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 38638
X-XSS-Protection: 1; mode=block

GET
H2 200 all.css
use.fontawesome.com/releases/v6.2.1/css/ 100 KB
23 KB 79ms
35ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1969625
etag: W/"8bb6644125ddeee7a27732e86f65fa05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DYwjQh7P01Rhy11dgLRxB3i4BXcsiYGdcwbitvo3nvnkgt4Bw8egW3g1rZSNCtPihcYsdNMO%2B9SFP7e%2Ff%2FMCxvtiUa1RrO%2BSoZ9nEGPibn8aaV0TcDroQCkMG6xRwidc4JiFMS4gCkVT%2BcLFTOEeutj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85f4fbe4ce8ad5dd-CDG
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK bootstrap.min.css
app.crwd.shop/builderassets/css/bootstrap/ 156 KB
156 KB 259ms
28ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/bootstrap/bootstrap.min.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:09 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 159521
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dropborders.css
app.crwd.shop/builderassets/css/ 2 KB
3 KB 266ms
28ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/dropborders.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

c456f6c9217b828f668f4b0ce9f8ae07a72129f19d946106e9442dae7ff5ae71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Jan 2023 14:14:06 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2407
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick-theme.css
app.crwd.shop/builderassets/css/slick/ 3 KB
4 KB 260ms
28ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/slick/slick-theme.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

fdd9cbba3bf008781e612f203bbe8674b395685abc0691fcc03a571aeb140d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:23 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3347
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick.css
app.crwd.shop/builderassets/css/slick/ 2 KB
2 KB 175ms
29ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/slick/slick.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:23 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1893
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fontello.css
app.crwd.shop/builderassets/css/icon-picker/ 37 KB
37 KB 204ms
31ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/icon-picker/fontello.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

5568d7a302a7539f0f5fcd34ca9cc10039c017385e20654de82ed70df4134e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:15 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 37576
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK owl.carousel.min.css
app.crwd.shop/builderassets/css/owlcarousel/ 3 KB
4 KB 205ms
30ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/owlcarousel/owl.carousel.min.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:21 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3356
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK quill.bubble.css
app.crwd.shop/builderassets/css/quill/ 27 KB
27 KB 229ms
28ms Stylesheet
text/css 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/quill/quill.bubble.css

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

dd30ebace50c302a53ecb462faca8422cfd87c5bbb1480cde7d685c1f517cd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:22 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 27748
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.js Show response
analytics.netflow.co/js/ 729 B
1 KB 1578ms
28ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.netflow.co/js/script.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 11 Dec 2021 00:12:32 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 729
X-XSS-Protection: 1; mode=block
Expires: Tue, 04 Mar 2025 21:33:21 GMT

GET
H/1.1 200
OK chatscript.js Show response
app.crwd.shop/builderassets/js/ 3 KB
3 KB 273ms
29ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/chatscript.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

4fa2877587a2dabba4d33a06ce09e86376056a4f8e751e6725b47eaf7ebf8eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 May 2022 10:09:42 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2886
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
837 B 94ms
35ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 21:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 21:21:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
589 B 94ms
35ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,700

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2aee72097aeb633f595376fe943624076bed28999bfe05b3a5498fd5e4a91798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Mar 2024 21:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 20:51:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 96ms
37ms Stylesheet
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Gilroy:300,400,700
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H2 200 images%2FWvUEHM6UGV
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 8 KB
9 KB 322ms
234ms Image
image/png 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FWvUEHM6UGV?alt=media&token=1932bedd-eb3c-4a35-82a0-623954ccb9f7
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d201e290007b210a8f886b9c72091d1d1410e03a03c6346d75ee733dfaa0544d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPqwsx6Ko9pJjGa_r40VQblwbSfgxa_y2cQ5d4SzzzTUX9sn-0EoqWKpjxOONfOBWNqTnXDhak9ysg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''WvUEHM6UGV
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8491
last-modified: Wed, 08 Jun 2022 12:41:41 GMT
server: UploadServer
etag: "930c239ec4b82eb49170fe3647a8ca34"
x-goog-generation: 1654692101925228
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=5uAoEQ==, md5=kwwjnsS4LrSRcP42R6jKNA==
cache-control: private, max-age=0
x-goog-stored-content-length: 8491
x-goog-meta-firebasestoragedownloadtokens: 1932bedd-eb3c-4a35-82a0-623954ccb9f7
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2FwWDCEorPvw
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 586 KB
587 KB 326ms
239ms Image
image/png 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FwWDCEorPvw?alt=media&token=7f550f83-31d9-48bb-b0a4-ea972013e958
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 684d6df6676839133f4c16e07d40f559312fe9dde305ee157f5cf054b0ee516e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPof57DHny_5iUGwGL5M31dJ519IyaXABbXb_lZXmqa5i2cbHryb9JaRJi7y6WDmru9gRmHa37Ulig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''wWDCEorPvw
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 599989
last-modified: Wed, 08 Jun 2022 11:24:09 GMT
server: UploadServer
etag: "a09e30d38d09f2321f0dd86c84194f6c"
x-goog-generation: 1654687449356484
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=zVpnng==, md5=oJ4w040J8jIfDdhshBlPbA==
cache-control: private, max-age=0
x-goog-stored-content-length: 599989
x-goog-meta-firebasestoragedownloadtokens: 7f550f83-31d9-48bb-b0a4-ea972013e958
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2FuBJuvyf0A0
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 251 KB
252 KB 453ms
449ms Image
image/jpeg 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FuBJuvyf0A0?alt=media&token=b052078c-1f60-4010-857c-6cffa90cb0a8
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5e51e209c44f498e5d7c3a5c35d5454c37b3c2744746954fa9d759d4a6c08391

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPqBWqTEP_0e1k3WCKIZsKZGHOpbBrQtBxeznvF7h2F9qh0Tn6nm9VI5hNXqaUAkiOzsTCTvSfXFIA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''uBJuvyf0A0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257340
last-modified: Fri, 10 Jun 2022 17:20:39 GMT
server: UploadServer
etag: "c359640f5fcb286bd68306ffd8d6691e"
x-goog-generation: 1654881639304720
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=FRV2Hg==, md5=w1lkD1/LKGvWgwb/2NZpHg==
cache-control: private, max-age=0
x-goog-stored-content-length: 257340
x-goog-meta-firebasestoragedownloadtokens: b052078c-1f60-4010-857c-6cffa90cb0a8
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2Fxb3UpwJYcp
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 566 KB
567 KB 208ms
204ms Image
image/jpeg 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2Fxb3UpwJYcp?alt=media&token=ebcbf229-a33d-480c-affe-e2001c0643fb
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cc8c10ead0e5c334043aac99d78221e7dec39abb3510c45e9ddee8bb2dcd5133

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPrrTDlWOrFdMJZb7I5uWqalj7AaJBEE_UFWjtt1xSRMRgScpz2Bi7DYFAemcVyjcEQS1TmTWiUMBQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''xb3UpwJYcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 579554
last-modified: Fri, 10 Jun 2022 17:20:40 GMT
server: UploadServer
etag: "289fcc256cc9436845ff59ec0f9e8be2"
x-goog-generation: 1654881640306830
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=FrLpmw==, md5=KJ/MJWzJQ2hF/1nsD56L4g==
cache-control: private, max-age=0
x-goog-stored-content-length: 579554
x-goog-meta-firebasestoragedownloadtokens: ebcbf229-a33d-480c-affe-e2001c0643fb
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2FM84LeeMiuz
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 742 KB
743 KB 270ms
267ms Image
image/jpeg 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FM84LeeMiuz?alt=media&token=950f2ee2-f6a6-4228-bbbf-71c6b5f6df84
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c6624c409211922875235c5d6af8b75cc248e400a68d633efad4d5e1f1fafe18

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPpRe9BnYlwy8-QVg8nTpqxVoa2zZm8M6Qq7jurjucgh6O24ILqHXgdy5oUqJf9b9Xco85CKF4D2Cw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''M84LeeMiuz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 759803
last-modified: Fri, 10 Jun 2022 17:20:40 GMT
server: UploadServer
etag: "84e40b5bc148876a1b8e9056bcca4787"
x-goog-generation: 1654881640415078
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=KGQoWA==, md5=hOQLW8FIh2objpBWvMpHhw==
cache-control: private, max-age=0
x-goog-stored-content-length: 759803
x-goog-meta-firebasestoragedownloadtokens: 950f2ee2-f6a6-4228-bbbf-71c6b5f6df84
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H/1.1 404
Not Found crwd_dbc265d3dcaa49257c708e4ec2bf42a3.jpg
s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/ 0
0 415ms
141ms Image
application/xml 52.219.232.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_dbc265d3dcaa49257c708e4ec2bf42a3.jpg
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.219.232.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H2 200 images%2FwIjSQ9Rrjc
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 467 KB
467 KB 237ms
235ms Image
image/png 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FwIjSQ9Rrjc?alt=media&token=8519486f-4e90-4a00-b203-e90aece6150f
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 798932e879a71338df9bf6fb7497c00411a9471695d8575208744e53ff6df07b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPr257ieKpjruVKJGh8F0PzbhNQk97rPe1pSNBJfaOm9wegsFjqONbeMsbQr9Qudoi_f_Cmf8J45SA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''wIjSQ9Rrjc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 477884
last-modified: Tue, 07 Jun 2022 14:10:59 GMT
server: UploadServer
etag: "971acf936d74c69bdd785e7d6d6249d8"
x-goog-generation: 1654611059474037
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=pniEgw==, md5=lxrPk210xpvdeF59bWJJ2A==
cache-control: private, max-age=0
x-goog-stored-content-length: 477884
x-goog-meta-firebasestoragedownloadtokens: 8519486f-4e90-4a00-b203-e90aece6150f
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2FIvSNRDwu85
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 555 KB
555 KB 389ms
387ms Image
image/png 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FIvSNRDwu85?alt=media&token=e9f17d70-5db1-4fb7-bd38-7820cce5949a
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7fe48befcf69eb9abf495d891db6c8325a4e21364801035e5206a30ca7e4c443

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPoMc2fgzhGj35jbJZ36Thl1_N9JlSOZjvtthseDnMINPXYVzNuW1ukplIpRf89XIWpgE1LA_cU4Ug
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''IvSNRDwu85
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 568136
last-modified: Tue, 07 Jun 2022 13:37:14 GMT
server: UploadServer
etag: "092e9c816ac698c9feff64591adcdced"
x-goog-generation: 1654609034382077
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=Z/Hueg==, md5=CS6cgWrGmMn+/2RZGtzc7Q==
cache-control: private, max-age=0
x-goog-stored-content-length: 568136
x-goog-meta-firebasestoragedownloadtokens: e9f17d70-5db1-4fb7-bd38-7820cce5949a
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2FIhxHKBRA0c
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 342 KB
342 KB 451ms
449ms Image
image/png 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FIhxHKBRA0c?alt=media&token=9617922e-69a7-4568-b5e9-415f9509af52
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b25e1557bc6f9c8d9457ef7b0f0f7da1db62ab7128971f16dffff77efb411592

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPrTSiTr6wqY-m-TUUjeLfYsthAk3ehLecz6gblDyvph107d9kggW9SYTxKldV9USqpWYoxQ6z70iw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''IhxHKBRA0c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349888
last-modified: Mon, 14 Mar 2022 12:41:12 GMT
server: UploadServer
etag: "172a3870375fb95f99ccb6fa17040024"
x-goog-generation: 1647261672630151
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=ZWFqSw==, md5=Fyo4cDdfuV+ZzLb6FwQAJA==
cache-control: private, max-age=0
x-goog-stored-content-length: 349888
x-goog-meta-firebasestoragedownloadtokens: 9617922e-69a7-4568-b5e9-415f9509af52
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2FRve22yAjiP
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 42 KB
43 KB 246ms
244ms Image
image/jpeg 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FRve22yAjiP?alt=media&token=c98bc946-7a5d-45c8-b037-08a5c0740e38
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7f340a2defa886e0fd32def4af9ca322f1136f89338f38bcd5f1d161d60ed07a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPrBNqR-fQAfrAKn9V7xP6MF-9bI8DcbS8rv7nNtPSToMBBbgk9wiSteVEvIxF5OeX77v-vFST0TXQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''Rve22yAjiP
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43278
last-modified: Tue, 05 Jul 2022 13:14:14 GMT
server: UploadServer
etag: "297ad51e60176a31a4809426476b1ef0"
x-goog-generation: 1657026854052211
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=WJeLmA==, md5=KXrVHmAXajGkgJQmR2se8A==
cache-control: private, max-age=0
x-goog-stored-content-length: 43278
x-goog-meta-firebasestoragedownloadtokens: c98bc946-7a5d-45c8-b037-08a5c0740e38
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2Fwrgz2x79Rh
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 652 KB
653 KB 299ms
297ms Image
image/jpeg 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2Fwrgz2x79Rh?alt=media&token=464e39e7-0014-48fe-a7f2-03fe00343182
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 085ab8bb50dd2328eac5780f7655253e557474db55025d9ff5a3ad221bb3bdc9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPrdiogJQfCDOVKAiBqC9TLyJ7y5qDAAvtyJ6ETY2XHSLM7AGkuA2hsefP3S-DoU3rBvqPyaOiG18w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''wrgz2x79Rh
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667764
last-modified: Tue, 05 Jul 2022 13:14:38 GMT
server: UploadServer
etag: "89b0e1f528e1da6cb18c59a4d2d5fbd4"
x-goog-generation: 1657026878188135
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=zwwMJw==, md5=ibDh9Sjh2myxjFmk0tX71A==
cache-control: private, max-age=0
x-goog-stored-content-length: 667764
x-goog-meta-firebasestoragedownloadtokens: 464e39e7-0014-48fe-a7f2-03fe00343182
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2FeinIcpx5ZU
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 1 MB
1 MB 395ms
393ms Image
image/png 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FeinIcpx5ZU?alt=media&token=fc8cfda7-29de-45d7-9317-2df75e73e856
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 01e2e921eca318498b76a61b4bda48169533fb6494744cd2b4c77020b37f50d7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPph-TlmVIKAFLzz5JBF8I5IOQslQ7xNxTiH2pKBqgBaRD6Nwp_18TCnaNMEKHzrMJXtrHEtQ_Oz0A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''einIcpx5ZU
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281555
last-modified: Thu, 13 Oct 2022 15:51:37 GMT
server: UploadServer
etag: "09fb7651c92975b7b43144b9a8efab1a"
x-goog-generation: 1665676297931223
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=HqnHTw==, md5=Cft2Uckpdbe0MUS5qO+rGg==
cache-control: private, max-age=0
x-goog-stored-content-length: 1281555
x-goog-meta-firebasestoragedownloadtokens: fc8cfda7-29de-45d7-9317-2df75e73e856
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 images%2Fu4YDa6wzAx
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 664 B
982 B 270ms
269ms Image
image/png 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2Fu4YDa6wzAx?alt=media&token=7e363f81-97ca-466b-9cc8-9f47d4f4f3bc
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0102d04028714c5980ffdb5c6a9abf38ca9a968534caba224dac4d323caa9723

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPrhviIVB7x5W1Tl7bnXsIyzQWiIEz1CLxoJdlSgpNp3Dqnr14U9CQP8TQwnX0u8ums3bmxvUy1R_A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''u4YDa6wzAx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 664
last-modified: Sat, 12 Mar 2022 11:56:21 GMT
server: UploadServer
etag: "32376b43fcc3e8da72340818b1c6987c"
x-goog-generation: 1647086181014229
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=6T+cjg==, md5=MjdrQ/zD6NpyNAgYscaYfA==
cache-control: private, max-age=0
x-goog-stored-content-length: 664
x-goog-meta-firebasestoragedownloadtokens: 7e363f81-97ca-466b-9cc8-9f47d4f4f3bc
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H/1.1 404
Not Found crwd_bcd95d8a10c31e04edf267c50b8aaf3b.jpg
s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/ 0
0 394ms
139ms Image
application/xml 52.219.232.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_bcd95d8a10c31e04edf267c50b8aaf3b.jpg
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.219.232.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
app.crwd.shop/builderassets/js/jquery/ 87 KB
88 KB 31ms
28ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/jquery/jquery-3.5.1.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:39 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 89476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-ui.js Show response
app.crwd.shop/builderassets/js/jquery/ 527 KB
527 KB 33ms
30ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/jquery/jquery-ui.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:40 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 539419
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK popper.min.js Show response
app.crwd.shop/builderassets/js/bootstrap/ 21 KB
21 KB 32ms
29ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/bootstrap/popper.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:30 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21260
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.js Show response
app.crwd.shop/builderassets/js/bootstrap/ 59 KB
59 KB 34ms
31ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/bootstrap/bootstrap.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:29 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 60016
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.zoom.min.js Show response
app.crwd.shop/builderassets/js/zoom/ 3 KB
3 KB 34ms
32ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/zoom/jquery.zoom.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

b732bca54abb8c19181dad21d8323976fad3f16614b26e09be8b502ebc07d987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:42 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2621
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick.min.js Show response
app.crwd.shop/builderassets/js/slick/ 42 KB
42 KB 57ms
30ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/slick/slick.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:41 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 42862
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK countdown.min.js Show response
app.crwd.shop/builderassets/js/countdown/ 7 KB
8 KB 30ms
30ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/countdown/countdown.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

effd6d38858ccb5be115f36d992b360a6f8fa07a6ac432c4171a6b49e1c30f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:32 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7329
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK owl.carousel.min.js Show response
app.crwd.shop/builderassets/js/owlcarousel/ 43 KB
44 KB 30ms
30ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/owlcarousel/owl.carousel.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:40 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 44348
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK newdropborders.js Show response
app.crwd.shop/builderassets/js/ 69 KB
70 KB 31ms
31ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/newdropborders.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

890a5d365cd857bab0c7a52b27ba68aa0bab64bc4c8f9e88aaacf5bc74d80601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Feb 2023 15:47:20 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 70854
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK affiliate.js Show response
app.crwd.shop/builderassets/js/ 13 KB
13 KB 29ms
29ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/affiliate.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

b6d113a2a54337026f4e3253cb769600f754bfe3122ccd4d4cae1642abfe4ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Jan 2023 16:38:24 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13272
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK youtube_background.min.js Show response
app.crwd.shop/builderassets/js/ytbg/ 10 KB
11 KB 38ms
38ms Script
application/javascript 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/js/ytbg/youtube_background.min.js

Requested by

Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

61e91a341f0be6f9c99470775b8c68fcb66d05e6b8dc994a7722b7f5367edc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:42 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10638
X-XSS-Protection: 1; mode=block

GET
H2 200 7175493.js Show response
js.hs-banner.com/ 62 KB
17 KB 481ms
434ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7175493.js
Requested by: Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afae2955447922b85687972833b8f378a41c68355fa5110a8224bca902979315

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
x-amz-version-id: kz4QZ_pEjXjhulMtYTKHxp9.N53T4vGu
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 25XZQ6W5545B475D
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: ca23ba56-de73-425c-91b1-486056127c88
x-envoy-upstream-service-time: 91
x-amz-id-2: 6pINWoJcmqHRn5S/MzjUH6ikoNdEVyA7LGLGwMjkiJAd1H7JD9QhM4xfN38oncBd0dYWq7RTcso=
x-evy-trace-listener: listener_https
x-request-id: ca23ba56-de73-425c-91b1-486056127c88
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 28 Feb 2024 07:24:33 GMT
server: cloudflare
etag: W/"0448fbb93ed076293b0ecb6c8a51b957"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-rk9w9
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 85f4fbe6b992040d-CDG
expires: Mon, 04 Mar 2024 21:38:20 GMT

GET
H2 200 7175493.js Show response
js.hs-analytics.net/analytics/1652460000000/ 67 KB
21 KB 210ms
160ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1652460000000/7175493.js
Requested by: Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d533a208173db8fbc96a843333ab2447cc76b3d5970c8a99b5e84c8a709ea49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: JSNV77F5BRFRYAD8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 298eb89b-74cb-4d63-9647-59000a5c6303
x-envoy-upstream-service-time: 24
x-amz-id-2: /6TYWoPrMsxUf7t6qk0ydFkgvl4NwErBoG4doOL0WE1ZvJrv1W+rH8UNNhJF0Kj53TUQcjsRqs0=
x-evy-trace-listener: listener_https
x-request-id: 298eb89b-74cb-4d63-9647-59000a5c6303
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 28 Feb 2024 07:24:36 GMT
server: cloudflare
etag: W/"5e4080dc54f03e6abe79bf28da9929cc"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbxg4
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 85f4fbe6da310071-CDG
expires: Mon, 04 Mar 2024 21:38:19 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 218ms
177ms Script
application/javascript 2606:4700::6812:7d0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7d0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js&cfRay=85f4fbe6cc7e0371-CDG
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"2a6dc24f5ac6c8a7eefaadde95ff2129"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js
date: Mon, 04 Mar 2024 21:33:19 GMT
x-amz-version-id: ukHk26vS_rf4a6X6Ik2.9R2qKIwOxT4G
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: b076cfeb-f4d6-47fc-b65b-6d95565d712b
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 35
x-evy-trace-route-configuration: listener_https/all
x-request-id: b076cfeb-f4d6-47fc-b65b-6d95565d712b
last-modified: Tue, 06 Feb 2024 10:46:39 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-q6tzb
cf-ray: 85f4fbe6cc7e0371-CDG
x-amz-cf-id: e11ox1S_pn2PfPMkvcHkvNmEEpi_UN8dqfykN-l4XvZVLH3mAP9g9A==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
25 KB 91ms
32ms Script
application/javascript 2606:4700::6811:fba8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fba8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08ac911cb0b21aee74454ff7fbe0e756c012c72434191fa1489bcec323ab9fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-amz-version-id: UN8iAnNBbm1tJd1HOfs7NTFeZ_lT8C7Q
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 240
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15605/bundles/project.js&cfRay=85f4f6071c586f0e-CDG
x-cache: Hit from cloudfront
x-hubspot-correlation-id: df710d36-2385-4bed-a23a-536cb3085077
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: df710d36-2385-4bed-a23a-536cb3085077
last-modified: Thu, 29 Feb 2024 16:18:19 UTC
server: cloudflare
etag: W/"044310d82a442973ea722d999b8b2fc7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-58mtb
cf-ray: 85f4fbe70a176f4e-CDG
x-amz-cf-id: o4wJEo31LwpOUfJa6gMKgIYkUN5uXhPUS5iZRA5VATdylEvnn0ojGg==
x-hs-target-asset: conversations-embed/static-1.15605/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 84ms
35ms Script
application/javascript 2606:4700::6811:e7a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e7a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e97c77e5ac3de5723fb77bf8e7b1d0163d31db985f243a3674610511a5e74cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-amz-version-id: Y85vlkDRLHrO0Ytpv12d97vjrzupHg7A
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 290
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.535/bundles/pixels-release.js&cfRay=85f4f4cd48b52a3f-CDG
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 6575cbae-81de-44af-8364-fe3362b24d36
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6575cbae-81de-44af-8364-fe3362b24d36
last-modified: Mon, 04 Mar 2024 14:57:46 UTC
server: cloudflare
etag: W/"af98135ab2c9431b9c8a29b6c4c8f784"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-xvt9q
cf-ray: 85f4fbe70a560076-CDG
x-amz-cf-id: vJMzX4A1Ko2Bb6UVOhFWylEeQO6G0KpV6BbHH5rBgTMtTkD_JNlC0Q==
x-hs-target-asset: adsscriptloaderstatic/static-1.535/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 204ms
162ms Script
application/javascript 2606:4700::6811:589a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/chatscript.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:589a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
x-amz-version-id: VTCx5Wpr_CjwKFe_1K6ShUsHQL37oHcJ
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 8a6d1910-926d-4758-886b-fe2d674b29a8
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.468/bundles/project.js&cfRay=85f4fbe789da6ffc-CDG
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8a6d1910-926d-4758-886b-fe2d674b29a8
last-modified: Wed, 21 Feb 2024 09:36:07 UTC
server: cloudflare
etag: W/"0892458d49ed5681928e6be69131caa7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-r7fvm
cf-ray: 85f4fbe789da6ffc-CDG
x-amz-cf-id: EHFVBKhFINICJqMYO4eFnFjZqsuSy3sHxF01uJBvX19W7xUoP_Ymzg==
x-hs-target-asset: collected-forms-embed-js/static-1.468/bundles/project.js

GET
H2 200 images%2F7mDGNENEg5
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 273 KB
274 KB 178ms
178ms Image
image/jpeg 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2F7mDGNENEg5?alt=media&token=db6addb3-de38-429a-aaa3-7c6f52ef3870
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f5a7a05a543488f228e50c889218780c81d47197955218934dc3d980f23d0ac8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPqoboWHIz6sjP4F2--VU_KkKzS_opmOPhEKWEkahpY-rGZTHozvSaOQHdw3h7ZDPgAmZsleSRKzAA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''7mDGNENEg5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279873
last-modified: Tue, 07 Jun 2022 13:28:39 GMT
server: UploadServer
etag: "efb313177f22e88320d743d1d6d75e98"
x-goog-generation: 1654608519252916
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=QuH+og==, md5=77MTF38i6IMg10PR1tdemA==
cache-control: private, max-age=0
x-goog-stored-content-length: 279873
x-goog-meta-firebasestoragedownloadtokens: db6addb3-de38-429a-aaa3-7c6f52ef3870
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d_640
i.vimeocdn.com/video/ 18 KB
18 KB 182ms
124ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d_640
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e32d0e21562d2e3246d10b05162357b6534bae3aeca593784b15c5e2f006b31

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 919221
x-viewmaster-lossless-format: automatic
x-cache: HIT, MISS
content-length: 17939
x-served-by: cache-dfw-kdfw8210031-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588000.809624,VS0,VE105
etag: "0af9fc193b3d0db7aef3a4b048025501"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 images%2FsLLvuNVvZ0
firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/ 358 KB
358 KB 380ms
380ms Image
image/jpeg 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/instafunnels-91427.appspot.com/o/images%2FsLLvuNVvZ0?alt=media&token=2cc4c93a-a7f9-42f2-bfc7-1ad61e8ad668
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 03b48669dd18b1daa29541e38abc183a5c9f8b8aa8b8906a9da8a3522d6d7f45

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
x-guploader-uploadid: ABPtcPppdChJXPNwPEyiZDCN1-w30UhOuNUr1iuxAETRCuMDJfdZbQgVLUOPqR0Z-Hxr6EqLALeJti0nYw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''sLLvuNVvZ0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 366145
last-modified: Thu, 10 Mar 2022 16:52:18 GMT
server: UploadServer
etag: "c2f96ebea5d08c788bc91c0dc6c3a5dd"
x-goog-generation: 1646931138821842
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=Z2WL2w==, md5=wvluvqXQjHiLyRwNxsOl3Q==
cache-control: private, max-age=0
x-goog-stored-content-length: 366145
x-goog-meta-firebasestoragedownloadtokens: 2cc4c93a-a7f9-42f2-bfc7-1ad61e8ad668
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:19 GMT

GET
H/1.1 200
OK Gilroy-Regular.ttf
app.crwd.shop/builderassets/css/fonts/ 142 KB
142 KB 496ms
29ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Gilroy-Regular.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:11 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 145148
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Gilroy-Bold.ttf
app.crwd.shop/builderassets/css/fonts/ 134 KB
134 KB 606ms
28ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Gilroy-Bold.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

7083c93170c7b949d1dd453f0c8692385215943d076a5dc6c49e5db1d73f28b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:11 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 137256
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Montserrat.ttf
app.crwd.shop/builderassets/css/fonts/ 43 KB
43 KB 661ms
28ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Montserrat.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

8a255170935ba96644a0f7e53c60652300087d4a2799c274e94c1d6a4dba4767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:12 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 43924
X-XSS-Protection: 1; mode=block

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.2.1/webfonts/ 147 KB
148 KB 195ms
153ms Font
font/woff2 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.2.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2

Request headers

Referer: https://use.fontawesome.com/releases/v6.2.1/css/all.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:46:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "328a9d0f59f0ebb55cddac6f39995bea"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9CiOUi04Q5vjfnZjHaAw1MDXzW%2BCuMuX6hFaF7uJwx5tIoFZqvbMH580PlguLf1tTDWFfHNxc2rZJCG1khLOiPbtS967dyFJIoozxf3RL1iQexnZQPDEvRMHHxzFSRNNrAgFUtKfg0oOnJhoDO4HwNH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85f4fbe6aa4b02dd-CDG
alt-svc: h3=":443"; ma=86400
content-length: 150516

GET
H/1.1 200
OK Roboto-Slab-Regular.ttf
app.crwd.shop/builderassets/css/fonts/ 118 KB
119 KB 687ms
28ms Font
font/ttf 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL

https://app.crwd.shop/builderassets/css/fonts/Roboto-Slab-Regular.ttf

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

172.18.205.92.host.secureserver.net

Software

Apache /

Resource Hash

6d7d7d8806cc310d0fc693af61c94b8ad69d1825b1abc86d4c137d32f8b70212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.crwd.shop/builderassets/css/style.css
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Feb 2022 18:28:12 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 121060
X-XSS-Protection: 1; mode=block

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d_640
i.vimeocdn.com/video/ 35 KB
35 KB 135ms
127ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d_640
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 56c34e5cfdbdc3f561556d18e4398f117cf938c7feb99ceaa67c21b9cead99f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:19 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 868767
x-viewmaster-lossless-format: automatic
x-cache: HIT, MISS
content-length: 35480
x-served-by: cache-dfw-kdal2120095-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588000.809611,VS0,VE108
etag: "d8da011304aaa9735bd8fc99d09ababd"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 26, 0

GET stepsTracker.php
app.crwd.shop/builderassets/php/ 0
0

POST funnelfavicon
app.crwd.shop/builder/ 0
0

GET
H/1.1 200
OK 725141484 Show response
player.vimeo.com/video/ Frame ADFA 19 KB
10 KB 512ms
350ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/725141484

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/newdropborders.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc82a98f33fcb8f00ac4181c643481a7de5483f54f0e293a8ac49ad9e1c121e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.backtorootshealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85f4fbe8c9559152-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Mar 2024 21:33:20 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230077-FRA
X-Timer: S1709588000.137191,VS0,VE310
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-76679d79d-hs9kd
x-content-type-options: nosniff
x-host: player-backend-76679d79d-hs9kd
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 578093692 Show response
player.vimeo.com/video/ Frame 51BA 18 KB
10 KB 419ms
264ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/578093692

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/newdropborders.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d34d8514f37c8873762342e72acff705ff73b76904cfb7918ba0146a469cfdb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.backtorootshealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85f4fbe8ca5392a7-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Mar 2024 21:33:20 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230130-FRA
X-Timer: S1709588000.142883,VS0,VE216
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm-gke.vhx.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-76679d79d-4x7ph
x-content-type-options: nosniff
x-host: player-backend-76679d79d-4x7ph
x-player-backend: g
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
api.crwd.systems/v1/ 155 B
654 B 346ms
187ms Fetch
application/json 104.18.1.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.crwd.systems/v1/graphql

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/affiliate.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.1.100 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

164fc1aff1b68513a51cfc4a06365e46bcbf14c196c961d4092c1c5fb847a5b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 0
x-request-id: b448ca77ae034e49dcd9d0ad8886bcbd
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
access-control-expose-headers: X-Hasura-Query-Cache-Key,X-Hasura-Query-Family-Cache-Key,Warning
access-control-allow-credentials: true
cf-ray: 85f4fbe8f98f6fd2-CDG

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 187ms
45ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/ytbg/youtube_background.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 04 Mar 2024 21:33:20 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 255ms
254ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7175493&conversations-embed=static-1.15605&mobile=false&messagesUtk=572468b9a9c849f284ff29b09e6c075e&traceId=572468b9a9c849f284ff29b09e6c075e

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f115716906fa17a79b51ed19ff09e7dcdf16a8a8a3b4846b12a76f4a563c5a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
X-HubSpot-Messages-Uri: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2efbc6a8-72db-4ef8-9a73-5b7668ebb095
x-envoy-upstream-service-time: 137
content-length: 1366
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2efbc6a8-72db-4ef8-9a73-5b7668ebb095
server: cloudflare
x-trace: 2B53DC55E55E4E52F795575C9A289D2FF9614F06EB000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-sbkb7
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQDEnEsUNhMLHym2LeamO8gvuWNxtB0lZwT1pt6Gl1xzf0UovSJlt8zLWObFQ1sV%2F0h2cVoTaEKCHjWglOc3mek92UmKarQqcIJ8nWNXlFCcm3DPCfqTUppa2AWOdxPpgtuDHOTrT44MUAP1fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 85f4fbe9fa4101fd-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 309ms
181ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.backtorootshealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.backtorootshealth.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 85f4fbe8d90401fd-CDG
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 04 Mar 2024 21:33:20 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTnWx14ISIDnN6egGVofCXTL2oSiFDgCBfnWSh3IDWkyLYeA5WSLtZyeDMpROH7rEthtSsU4b0q7sI1MuU8Krh5RzF1Dko73lkcxNyC70w72BmBOo6eqw6MYY5freW8LnWeu%2FAyk3D7eKRwAvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 60
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-xdwl8
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: f4054cff-f482-4909-a7b2-7a11e020b294
x-request-id: f4054cff-f482-4909-a7b2-7a11e020b294
x-trace: 2B7900341A203B0A5C6FF15084C5F71B312E22475F000000000000000000

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
444 B 125ms
124ms XHR
application/json 2606:4700::6811:589a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=7175493&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:589a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cb39ee2e75cd39e84fd60931d906431f35101b375b54b8524d699c3a6c50341

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e3bd3777-d6f3-4bb9-adca-4693737583d1
x-envoy-upstream-service-time: 13
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e3bd3777-d6f3-4bb9-adca-4693737583d1
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-2qqmj
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 85f4fbe8bb856ffc-CDG

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/ 215 KB
67 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68331
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Mar 2025 20:57:21 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 122 B
1 KB 171ms
128ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=7175493

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3356fc08932d03ae05a815019ef02a3d28b3174eae447e59a976f8b7f75e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ca6b19e3-c3ce-4499-9a5d-90e730bc5e4c
content-encoding: br
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ca6b19e3-c3ce-4499-9a5d-90e730bc5e4c
server: cloudflare
x-trace: 2B1B2E3FEF6F5975163FBD9CA5094DECF1686502BE000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-jsm56
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Kam%2BTm9YwUePNOjJrQHvQaR%2Fg%2FNmQK0RN%2FNF7F6FcCbuYTQhyOJ7%2FP6tKtgVrirt4rhx3kZpQbUWuEuIo%2F1eMQjdgXwpXYTX%2BhH40E1tzOYoRzfOuyorjjreq6rydYDS8F0wWI8G5brCSQ4"}],"group":"cf-nel","max_age":604800}
cf-ray: 85f4fbe9ce2d2a11-CDG
access-control-allow-headers: *

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/crwdmarket.matomo.cloud/ 200 KB
58 KB 102ms
30ms Script
application/javascript 2600:9000:2724:6600:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js

Requested by

Host: app.crwd.shop
URL: https://app.crwd.shop/builderassets/js/affiliate.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:6600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

80674df4167d5260cbac3f8a6499ae381e36025aea6ad5c8eba25c5eb668e007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:34:38 GMT
x-amz-version-id: u7CWCVwt2dLrjeOxwJfTiJ0upSfcxNdQ
content-encoding: gzip
strict-transport-security: max-age=31536000
via: 1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 10723
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 18 Feb 2024 22:02:29 GMT
server: CloudFront
etag: W/"e028b9b74436105242fb4d41d01c0779"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: lLMrocPfNHpgYg36fxtx4xJQ8HhtO_-pCi92GhDBL0yStnOqGPSM9w==

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.28.12/js/ Frame 51BA 570 KB
137 KB 131ms
27ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.28.12/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e061ae2e26263c053a592e12c426bf56c7c7c9a855d1a4c60ec72a512cd37374

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200116-IAD, cache-fra-eddf8230133-FRA
date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 275880
x-timer: S1709588000.493421,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 140459
x-cache-hits: 6, 2391

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.28.12/js/ Frame 51BA 417 KB
100 KB 131ms
28ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64e1b0c75d8227ddab7862c64b7c48d18e3e9729432ada838d16abab849ca81c

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100168-IAD, cache-fra-eddf8230133-FRA
date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 275880
x-timer: S1709588000.493389,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 102176
x-cache-hits: 6, 94031

GET
H2 200 player.css
f.vimeocdn.com/p/4.28.12/css/ Frame 51BA 209 KB
22 KB 161ms
38ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.28.12/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae61eee52a74b081700b0d5e04f90dc0472f834b50da52075259a9c152545674

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200028-IAD, cache-fra-eddf8230102-FRA
date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 275880
x-timer: S1709588001.527334,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 22094
x-cache-hits: 6, 87486

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 51BA 2 KB
2 KB 123ms
122ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6daa20307a8faab300c4b2eb2aad676122aaf5bf270f09e4d3354e5507aa157f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 951966
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 2132
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210023-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588000.391454,VS0,VE104
etag: "a7fba177c525c062060f0aa1bfba4880"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 29, 0

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.28.12/js/ Frame ADFA 570 KB
137 KB 41ms
24ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.28.12/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e061ae2e26263c053a592e12c426bf56c7c7c9a855d1a4c60ec72a512cd37374

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200116-IAD, cache-fra-eddf8230133-FRA
date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 275880
x-timer: S1709588000.493397,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 140459
x-cache-hits: 6, 2391

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.28.12/js/ Frame ADFA 417 KB
100 KB 86ms
69ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64e1b0c75d8227ddab7862c64b7c48d18e3e9729432ada838d16abab849ca81c

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100168-IAD, cache-fra-eddf8230133-FRA
date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 275880
x-timer: S1709588000.493506,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 102176
x-cache-hits: 6, 94032

GET
H2 200 player.css
f.vimeocdn.com/p/4.28.12/css/ Frame ADFA 209 KB
22 KB 75ms
38ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.28.12/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae61eee52a74b081700b0d5e04f90dc0472f834b50da52075259a9c152545674

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200028-IAD, cache-fra-eddf8230102-FRA
date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 275880
x-timer: S1709588001.527310,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 22094
x-cache-hits: 6, 87486

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame ADFA 2 KB
2 KB 131ms
128ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0f53b467c880d31529344cfdacf57caa39853030de281f24789fb7b5d2cf8972

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 235216
x-viewmaster-lossless-format: automatic
x-cache: HIT, MISS
content-length: 1559
x-served-by: cache-dfw-kdal2120055-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588000.481435,VS0,VE109
etag: "d5fab6481e2a3f2143449b6382190e61"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 2, 0

POST
H2 204 matomo.php
crwdmarket.matomo.cloud/ 0
175 B 130ms
64ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crwdmarket.matomo.cloud/matomo.php?action_name=Back%20to%20Roots%20Health%20-%20PureCBD%20Products&idsite=8&rec=1&r=413304&h=22&m=33&s=20&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&_id=fd49f7e1f12772f5&_idn=0&send_image=0&_refts=0&pv_id=jnm2kW&pf_net=58&pf_srv=60&pf_tfr=194&pf_dm1=563&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.backtorootshealth.com
date: Mon, 04 Mar 2024 21:33:20 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 configs.php Show response
crwdmarket.matomo.cloud/plugins/HeatmapSessionRecording/ 116 B
291 B 92ms
31ms Script
application/javascript 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crwdmarket.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=8&trackerid=UuVZk9&url=https%3A%2F%2Fwww.backtorootshealth.com%2F
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 1f57eeb8cd3ed221423b6af0bee1cc6adc836120ca4364aa62fed0e52c71fb7a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: gzip
server: Apache
content-length: 119
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type: application/javascript

GET
H2 200 572468b9a9c849f284ff29b09e6c075e Show response
app.hubspot.com/conversations-visitor/7175493/threads/utk/ Frame E164 52 KB
20 KB 214ms
171ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/7175493/threads/utk/572468b9a9c849f284ff29b09e6c075e?uuid=5e4d00c0991543ff898e99df5197b6d3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=572468b9a9c849f284ff29b09e6c075e&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d66215d7022217bfc428cc9d82403ce5da1fc1e29ba8ef53b05541e2aff52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://www.backtorootshealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: false
age: 3288
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 85f4fbebeea3008e-CDG
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18063/html/index.html&cfRay=85f4fbebeea3008e&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F7175493%2Fthreads%2Futk%2F572468b9a9c849f284ff29b09e6c075e%3Fuuid%3D5e4d00c0991543ff898e99df5197b6d3%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dbacktorootshealth.com%26inApp53%3Dfalse%26messagesUtk%3D572468b9a9c849f284ff29b09e6c075e%26url%3Dhttps%253A%252F%252Fwww.backtorootshealth.com%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.backtorootshealth.com%2F&cfenv=prod&pdt=2024-03-04&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 04 Mar 2024 21:33:20 GMT
etag: W/"44c56580b5973e9d6e520540610ba0d8"
last-modified: Thu, 29 Feb 2024 16:18:19 UTC
origin-trial: Aqk2Dm2ZNOeMxifFm26pJzN4DTOHc1z7UYEx7QaWtHTVqsFhooI36f0r5tbw602aKbEI4WJ0fgx7+KHwlyi4HwwAAABceyJvcmlnaW4iOiJodHRwczovL2h1YnNwb3QuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=85f4fbebeea3008e&resource=conversations-visitor-ui/static-1.18063/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-amz-cf-id: qs5vJ_dq2csKmS4PEe5qHVYcB7gOjvGcV_FieF3NHuMexB6QA0GVRA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: W_Frrabhg3MGs.vCUSAgOB5XPx5mwqUM
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 14
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-gjs7x
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.18063/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 81faec41-af36-4627-84d3-378dd55c07ab
x-request-id: 81faec41-af36-4627-84d3-378dd55c07ab

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 51BA 2 KB
1 KB 24ms
23ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/578093692
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230102-FRA
date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1183613
x-timer: S1709588001.640545,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 1, 235677

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 51BA 4 KB
2 KB 133ms
73ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:20 GMT

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 51BA 14 KB
15 KB 129ms
129ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=300&mh=300
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 742a5257f5d3141756d0aa7435f70ad178f47aac857d071e1653a0d2cecce0d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 358508
x-viewmaster-lossless-format: automatic
x-cache: HIT, MISS
content-length: 14791
x-served-by: cache-dfw-kdal2120076-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588001.661429,VS0,VE108
etag: "ce6c596cc227502cb67475ea9dc7e5d3"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 9, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 51BA 0
142 B 182ms
113ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=5ae479cf0e885b374787edadaa21f20c83d518d91709588000
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 04 Mar 2024 21:33:20 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame ADFA 2 KB
1 KB 23ms
21ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/725141484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230102-FRA
date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1183613
x-timer: S1709588001.703467,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 1, 235678

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame ADFA 4 KB
2 KB 153ms
139ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:20 GMT

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame ADFA 17 KB
17 KB 129ms
129ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=600&mh=346
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 039842bb3f6ede7b1bd847238ccffa8a2576cdd4fde7d0c5b363ff05f23b3ab6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 235216
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 17132
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210028-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588001.706615,VS0,VE112
etag: "9f7de964504e1e55534326181b1297b8"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 2, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame ADFA 0
40 B 138ms
114ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=e1bb715928f327062f848b57b7ca7e5550686ff61709588000
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 04 Mar 2024 21:33:20 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 51BA 0
924 B 248ms
174ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=5ae479cf0e885b374787edadaa21f20c83d518d91709588000

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 04 Mar 2024 09:33:20 GMT
Date: Mon, 04 Mar 2024 21:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kjyo7100155-IAD, cache-fra-eddf8230039-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1709588001.816148,VS0,VE131
x-backend-proxy: webproxy5
x-frame-options: sameorigin
Vary: User-Agent,x-http-method-override
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-bcc5fcc87-v2jjr
Accept-Ranges: bytes
CF-RAY: 85f4fbecf91c9143-FRA
X-Cache-Hits: 0, 0

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 51BA 14 KB
15 KB 25ms
25ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=300&mh=300
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 742a5257f5d3141756d0aa7435f70ad178f47aac857d071e1653a0d2cecce0d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 358508
x-viewmaster-lossless-format: automatic
x-cache: HIT, HIT
content-length: 14791
x-served-by: cache-dfw-kdal2120076-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588001.810053,VS0,VE0
etag: "ce6c596cc227502cb67475ea9dc7e5d3"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 9, 1

GET
H2 200 1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d
i.vimeocdn.com/video/ Frame 51BA 2 KB
2 KB 18ms
18ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1195833990-fa0d397a19891906eebb71dc9a2208bf4ef249ee94723b0f860d375b0292a91b-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6daa20307a8faab300c4b2eb2aad676122aaf5bf270f09e4d3354e5507aa157f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 951966
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 2132
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210023-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588001.815778,VS0,VE0
etag: "a7fba177c525c062060f0aa1bfba4880"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 29, 1

GET
H2 200 51965547_60x60
i.vimeocdn.com/portrait/ Frame 51BA 449 B
603 B 145ms
145ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/51965547_60x60?subrect=878%2C137%2C3610%2C2869&r=cover
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b0ef2d38cf8ce549261bdc5b889c4d3daed15564cd73a9ea88c603fca6bed49f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-viewmaster-lossless-format: automatic
x-cache: HIT, MISS
content-length: 449
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210175-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588001.816089,VS0,VE105
etag: "70ad5fd60eca7e02346deff2106ecd89"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
accept-ranges: bytes
x-cache-hits: 40, 0

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.368/ Frame E164 44 KB
17 KB 74ms
30ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/572468b9a9c849f284ff29b09e6c075e?uuid=5e4d00c0991543ff898e99df5197b6d3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=572468b9a9c849f284ff29b09e6c075e&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
x-amz-version-id: wWLMJ6qW0lXJfco2m026CzodYMop32jV
via: 1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 1010116
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=85f4fbed6ce36fa5-CDG
last-modified: Tue, 11 Jul 2023 18:31:41 GMT
server: cloudflare
etag: W/"63ec2a77119dfb2ddcae56ab3a029230"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYAoYwk4uecG%2BWJP5uwl4T%2FqzUdOKXLE9oABtb0PSyZvjpCOj6eBGEWynDmY%2FS%2F17NVyR0SEipcj8WISK%2F6lvkCyhCeB5T%2BrOktLUiCkhO6siSdWCNv995E2BYrL3Bf3qAmsi61VHFMiarZa225b4SDnwRo%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 85f4fbed6ce36fa5-CDG
x-amz-cf-id: m2yKvB2moMLM8Hd6hCb4JGepjobMG2GKwz5WK3e5sIDa5fTb1atItw==
expires: Tue, 04 Mar 2025 21:33:20 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.17110/sass/ Frame E164 19 KB
4 KB 81ms
37ms Stylesheet
text/css 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17110/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

405767448d618a7a326a509bf3c8484414ddf0f9518dad53f90794e7796bdde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
x-amz-version-id: 8JK3Qs8SBE2zTXCiSEFRAiP414rxQpaa
via: 1.1 8b20ff9a1799265d378bf510ac3db6de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 930053
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=85f4fbed6cce0485-CDG
last-modified: Thu, 02 Nov 2023 14:28:10 GMT
server: cloudflare
etag: W/"686ebda4c47b0bdb5d9460221c8036d1"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtoeRBQkLsg%2FPnjMYXTV4izN3Kbo4GBih7p5ZewYUCRxFxw8avt3ClKsrWTAO4KYgwGF%2FRoRT%2F62R3VGNwUH0y5bVOPH9pK10z1cB7zlerr3V0zd6LydIdm1B5LPkRjC4b%2FHBYoiOBfYfikB9Y2%2FVLvMeSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 85f4fbed6cce0485-CDG
x-amz-cf-id: 5hlm6Z7WECg_bfFNzTx0hm_OGTENqfAoMbrhZNbTvPN2MUoRQ0VOJw==
expires: Tue, 04 Mar 2025 21:33:20 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.522/ Frame E164 295 KB
94 KB 74ms
31ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.522/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59f6d8db6a6b4d9aa01991c751c30e4b6aef7a4197da21be7e61a41448c5ae69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
x-amz-version-id: rKh51R63oxz5N3dfuB2VkIuksUjUA_yy
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 2269735
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=85f4fbed6ce56fa5-CDG
last-modified: Mon, 08 Jan 2024 19:59:33 GMT
server: cloudflare
etag: W/"7625f1a8376f1cb513c308136c837d2d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7otel29FjxrjTVHSodphXiRwOpCj2Llhe3duIrmih2NwXwJBEEuLgJjc3y6GN6eshqEKOcXiQt%2F7mAOqlgci1Tu40OUXr4onsaay2vplGCzWvFZSFPd%2FZL9hMbgwmXIldNGLz8K6kCe7fnENWzGOn9gBiY%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 85f4fbed6ce56fa5-CDG
x-amz-cf-id: Ghzk0kCWMbb_9zWGvmhUOpVmMgPpZMDQQLHYWbiQEJRQkcA1qGlXfQ==
expires: Tue, 04 Mar 2025 21:33:20 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.18063/bundles/ Frame E164 704 KB
209 KB 74ms
30ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.18063/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aea90b17d4496878f449ecd072bc094457a2a6dc2d7dfc622fadc1f3df38327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
x-amz-version-id: 20u4cnupNLcU1L8H1rU4auKLNJwQ6sBv
via: 1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 364488
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=85f4fbed6ce46fa5-CDG
last-modified: Thu, 29 Feb 2024 15:31:22 GMT
server: cloudflare
etag: W/"96d9225405bcab02a1db4b0f4cb83e7d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrUCoGfRBZdV47OBTdtmIsm3cJ8cR7T65d5J%2BP0fBKhGR1T5fkU8fIr2ZfC12tM0vt6bxunN%2FYWSAj8EXfEbzJPMPYuWkfj9sttKFBqASOJxcqMp%2B0iIM7aYRILfWhD964ZURiBsqWe%2B5O9pv21dUV6QAtw%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 85f4fbed6ce46fa5-CDG
x-amz-cf-id: P2zZ3R_fxb43OpjMhdtPizKM2GaMVtLW9MUixv-dDiwNM2b184y6Wg==
expires: Tue, 04 Mar 2025 21:33:20 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 51BA 35 KB
12 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:20 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/122/ Frame 51BA 50 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/122/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 01:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 05 Mar 2024 01:16:11 GMT

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame ADFA 17 KB
17 KB 19ms
19ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=600&mh=346
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 039842bb3f6ede7b1bd847238ccffa8a2576cdd4fde7d0c5b363ff05f23b3ab6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 235216
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 17132
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210028-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588001.841441,VS0,VE0
etag: "9f7de964504e1e55534326181b1297b8"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d
i.vimeocdn.com/video/ Frame ADFA 2 KB
2 KB 20ms
19ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1459920231-0acc33c33f67910ded3185d91cc67d1ed875a54be528d358db4aeb44a8b0b05b-d?mw=80&q=85
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.28.12/js/vendor.module.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0f53b467c880d31529344cfdacf57caa39853030de281f24789fb7b5d2cf8972

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 235216
x-viewmaster-lossless-format: automatic
x-cache: HIT, HIT
content-length: 1559
x-served-by: cache-dfw-kdal2120055-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588001.852128,VS0,VE0
etag: "d5fab6481e2a3f2143449b6382190e61"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 60078268_60x60
i.vimeocdn.com/portrait/ Frame ADFA 1 KB
2 KB 131ms
130ms Image
image/avif 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/60078268_60x60?subrect=170%2C164%2C1971%2C1965&r=cover
Requested by: Host: www.backtorootshealth.com
URL: https://www.backtorootshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 867b3a461019a9c39cd64d8799c21bc73f1f9a838809c20c10d5c335fe65418a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 235215
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1516
viewmaster-server: viewmaster-glb-prod
x-served-by: cache-dfw-kdfw8210041-DFW, cache-lcy-eglc8600050-LCY
x-timer: S1709588001.852106,VS0,VE106
etag: "78dc2645b1f7883fb6d6aab1358c77f1"
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 16, 0

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame ADFA 35 KB
12 KB 113ms
111ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 04 Mar 2024 21:33:20 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/122/ Frame ADFA 50 KB
14 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/122/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 01:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 05 Mar 2024 01:16:11 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.18016/ Frame E164 841 B
976 B 30ms
30ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.18016/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.18063/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b3dec15f116e16896963b9540544ca78cc6d91b5990575779bfd49cac12fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:21 GMT
x-amz-version-id: kow2hcggVZhplOR9ZtMMB_ENX3LCx4A.
via: 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P2
age: 523813
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
server-timing: cfr;desc=85f4fbee8dfb6fa5-CDG
last-modified: Fri, 23 Feb 2024 20:00:11 GMT
server: cloudflare
etag: W/"af868f7ce5e8ec5ccaa7189f5765ac4e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QS1haj4T4aRtGE%2BjrAYqw2KPUmdY03276cNpJo4r4vm8dCfLT01Xi1G21ajsBWb68Jck70bRMkx3LRjuNTQU%2BtL3Ga8WYxNZTrNBGOcUQRVVd0%2Ftnn%2BUs%2FaK3oonx2FI5T6StlMP7zFBZAgembzLJ1QIV%2FY%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 85f4fbee8dfb6fa5-CDG
x-amz-cf-id: -T3OCx3SZ8G79bnHqPQJf139LNkvGkZW08kwXxYJmbp-4M7sKGE8ew==
expires: Tue, 04 Mar 2025 21:33:21 GMT

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame E164 0
1 KB 139ms
130ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.18063

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.18063/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/572468b9a9c849f284ff29b09e6c075e?uuid=5e4d00c0991543ff898e99df5197b6d3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=572468b9a9c849f284ff29b09e6c075e&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Mar 2024 21:33:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5c28ce6f-1bb5-4684-a9d1-0210dbba4540
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5c28ce6f-1bb5-4684-a9d1-0210dbba4540
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKKnatFvIGx7DowlZZ9zSwiuAlkc0F1ZiILU7Nn%2BmqzB1VtAQIWp9MaEXiT4NQIa1xV1SP3T%2Fa6SzIliJpwt%2F5eQWXn46RGVW8tK5hcBiTaeBSDhQE8SUFdFwu0j4GUsUFm9WnrnaP%2B1ZyClzg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-kkvgt
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 85f4fbeefaaf008e-CDG
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Dpl-Correlation-Group-Id, X-HubSpot-Dpl-Parent-Log-Id
timing-allow-origin: *

GET
H2 200 1 Show response
app.hubspot.com/api/livechat-public/v1/feedback/survey/ Frame E164 17 B
714 B 151ms
150ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/feedback/survey/1?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.18063&conversations-visitor-ui=static-1.18063&traceId=572468b9a9c849f284ff29b09e6c075e&sessionId=AMOaWbKIlh9B3Up6w0mcjXuET2RnXcGnHzsWtbWuDH65RNzF_Vp8A6yQE4gMv0ULjkt-TJ_wa_xSenc4BmKU1zzmc4m0cl-oVWQy1ZcaJz1Y0KIGdy8Jy_DBSGhAnQJ-PNMJLM4yhmDd5Rz-1wkUIGemaaZlwjQIAQILx3CkNoScXsDxL8ZoY-o

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5acf3ff77b4420677b5923071f303facaba7a9273a346284a667a275df325146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/572468b9a9c849f284ff29b09e6c075e?uuid=5e4d00c0991543ff898e99df5197b6d3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=572468b9a9c849f284ff29b09e6c075e&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8d7da0ea-721c-417a-b42a-c0f69a88313a
x-envoy-upstream-service-time: 15
content-length: 17
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8d7da0ea-721c-417a-b42a-c0f69a88313a
server: cloudflare
x-trace: 2B3DDB5FF9C06FB02DF12453B47CE3ECE13418CAFD000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-62gmh
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FprLkTgy5alT%2Bqw0p8JtN8gL7T8rRqlQBIRuiBFHoGNU554GfQ4F7fdf53NjQE2TtWygwVwjRa0xaz0ACnMKYkfmtxMw1ByFG3Il%2FddMx%2FqZAp3%2FWzLrV6LFiKW6npvc0%2FoWx%2FAeyWDr28nbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 85f4fbeefab1008e-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1673853/ Frame E164 1 KB
1 KB 157ms
156ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1673853/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.18063&conversations-visitor-ui=static-1.18063&traceId=572468b9a9c849f284ff29b09e6c075e&sessionId=AMOaWbKIlh9B3Up6w0mcjXuET2RnXcGnHzsWtbWuDH65RNzF_Vp8A6yQE4gMv0ULjkt-TJ_wa_xSenc4BmKU1zzmc4m0cl-oVWQy1ZcaJz1Y0KIGdy8Jy_DBSGhAnQJ-PNMJLM4yhmDd5Rz-1wkUIGemaaZlwjQIAQILx3CkNoScXsDxL8ZoY-o

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea011212792c46832209af1e6826bcdd61986c137c9ceaf96e75e61b1e6ab3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/7175493/threads/utk/572468b9a9c849f284ff29b09e6c075e?uuid=5e4d00c0991543ff898e99df5197b6d3&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=backtorootshealth.com&inApp53=false&messagesUtk=572468b9a9c849f284ff29b09e6c075e&url=https%3A%2F%2Fwww.backtorootshealth.com%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: dd2e2cff-4044-4123-8ff9-127c9e0c8e67
content-encoding: br
x-envoy-upstream-service-time: 33
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dd2e2cff-4044-4123-8ff9-127c9e0c8e67
server: cloudflare
x-trace: 2B0A781A6BAD0C097BBABB6D69368C01C838C781A3000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-69nxg
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVzzTUi7aRDm0gFJa6uysIG5U7FYj1kxCPaHFJHhEse5ExniMsRx0k8s1%2FQ6b%2Bb4JGyr0AozqderRd7%2BhQNffAiNYkCbIqwYrZqbrEMZNcs749EFKSDiLRYG4GHqj7kwHQUFaVkAjCWTDolXuA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 85f4fbeefab2008e-CDG
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

POST
H/1.1 200
OK event Show response
analytics.netflow.co/api/ 3 B
410 B 277ms
277ms XHR
text/html 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.netflow.co/api/event
Requested by: Host: analytics.netflow.co
URL: https://analytics.netflow.co/js/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 172.18.205.92.host.secureserver.net
Software: Apache /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Mon, 04 Mar 2024 21:33:22 GMT
Server: Apache
X-RateLimit-Remaining: 59
Vary: Origin
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.backtorootshealth.com
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 60
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked

OPTIONS
H/1.1 204
No Content event
analytics.netflow.co/api/ Frame 0
0 805ms
218ms Preflight 92.205.18.172
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.netflow.co/api/event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.205.18.172 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 172.18.205.92.host.secureserver.net
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.backtorootshealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.backtorootshealth.com
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: Keep-Alive
Date: Mon, 04 Mar 2024 21:33:21 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 73ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Mar 2024 21:33:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: Zc++RGPz/AopYhZnQiGgoGCLK7ClIHivEkcFFah7WrhOKa5gU/lR/bzOTPs95GwtrzGqD4SrIofmaGsoiXKz4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 7175493.js Show response
js-na1.hs-scripts.com/ 3 KB
1 KB 322ms
281ms Script
application/javascript 2606:4700::6810:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/7175493.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1652460000000/7175493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f724e0fea92016f21b79d3d90c5f06b984c21f4da02ffbb445677d8f09cb7b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 574575cb-81fa-47ce-81b7-152d45d6f4de
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 574575cb-81fa-47ce-81b7-152d45d6f4de
last-modified: Mon, 04 Mar 2024 18:45:02 GMT
server: cloudflare
x-trace: 2BB7A9282ACAA809C399EF6B4EF3FE59DEE2D49A8B000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-mt2zt
access-control-allow-credentials: true
cf-ray: 85f4fbf07aabd5e9-CDG

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
614 B 155ms
154ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1689330705&v=1.1&a=7175493&pu=https%3A%2F%2Fwww.backtorootshealth.com%2F&t=Back+to+Roots+Health+-+PureCBD+Products&cts=1709588001306&vi=b0f9a15d81d359e4a2065e3891de0d89&nc=true&u=3073967.b0f9a15d81d359e4a2065e3891de0d89.1709588001305.1709588001305.1709588001305.1&b=3073967.1.1709588001305&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9bbc8c73-8df0-427c-b6c0-1c36ff0daa8f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9bbc8c73-8df0-427c-b6c0-1c36ff0daa8f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjY87nZZU6FNL%2FDWwHDHSgDuoR3g1WTyfk6lka0CYjThaiYVZoR8mcKGTWn5lp1lftziLaaNHL7mgR5ZkvHqXyrHhQ%2F2uu6TlrEmEpKXXAfidi62INjGo%2FRBq0U%2BO4qBNmtd2VxQPpNQmdnHHccK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-gzdtb
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 85f4fbf03c81008e-CDG
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 173ms
173ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=7175493&utk=b0f9a15d81d359e4a2065e3891de0d89&__hstc=3073967.b0f9a15d81d359e4a2065e3891de0d89.1709588001305.1709588001305.1709588001305.1&__hssc=3073967.1.1709588001305&currentUrl=https%3A%2F%2Fwww.backtorootshealth.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e2cabe33a818ac324b5dfcddc4ccfe8dc215262423afd8b672865a2cc5a3c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 717ebc08-4656-4f2f-8ba0-aaee1c5f9850
content-encoding: br
x-envoy-upstream-service-time: 47
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 717ebc08-4656-4f2f-8ba0-aaee1c5f9850
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0mcZN208fd5BjfecJTLXOTJ1cDi8WVPuQ8UPNTcJZ7phzF6VSiGv2tLtIWJ6DjIb3dquDeI4krFFF7NQedL1SpWNjS32GfwIw5fDwNz5RsZyGNqKWHadrVJ2olhkPj8R%2BR%2BtktzG%2F1eYSiTaPw1"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 85f4fbf0b99001fd-CDG
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-ndvzs

GET
H2 200 621921788454574 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 128ms
127ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/621921788454574?v=2.9.148&r=stable&domain=www.backtorootshealth.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2db96b7f1df2ba2963f422063a29e658d584304bb4a6dcaceaed3410c3ecc966

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Mar 2024 21:33:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 9lGx9JqUbQK1LdlUcxaQZZIG6/u6a1Te8hnnH0kZvIJBY6K+HoNlPFZEqCQdHIUe5S92Dk0h8CJhx8QowMUApg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 81ms
33ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=621921788454574&ev=PageView&dl=https%3A%2F%2Fwww.backtorootshealth.com%2F&rl=&if=false&ts=1709588001578&sw=1600&sh=1200&ud[external_id]=b0f9a15d81d359e4a2065e3891de0d89&v=2.9.148&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1709588001577.642317793&cs_est=true&ler=empty&cdl=API_unavailable&it=1709588001440&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Mar 2024 21:33:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 84 KB
25 KB 149ms
146ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/7175493.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

989d0ff16db0110879e677d9ef14c48e83b028831830566393225fb0c39fe2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.backtorootshealth.com/
Origin: https://www.backtorootshealth.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.932/bundles/project.js&cfRay=85f4fbf24b2701fd-CDG
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"35c4e3d2f89657082d5372c7bc6e79d3"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.932/bundles/project.js
date: Mon, 04 Mar 2024 21:33:21 GMT
x-amz-version-id: cAhbXPz2og2F4B.zBTxw9oB4G3dvep2P
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 3b478ed4-293f-4572-ad10-915c65d1ea09
x-cache: Miss from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 29
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3b478ed4-293f-4572-ad10-915c65d1ea09
last-modified: Wed, 28 Feb 2024 14:13:53 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUlycN1FFq72A7WsrtX0rRfxOIVbzoCZOm28UcoN4l6bRMp7jcu%2BpXPnOraa%2BL1UwHDuVtNOTICXDonOqadji%2B8tV5aY7FylKZPpPcsDMMl1E9s7uVTpMtB0mk376SkDWRTOr7X148gXzC1s"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-nnhlv
cf-ray: 85f4fbf24b2701fd-CDG
x-amz-cf-id: Vrl50YYQ7tMIJyCZK7ty5-GJ-LZKf7hP0yux5qicJyd5-8jSsXWXuw==

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 433 B
1 KB 135ms
127ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7175493&currentUrl=https%3A%2F%2Fwww.backtorootshealth.com%2F&utk=b0f9a15d81d359e4a2065e3891de0d89&__hstc=3073967.b0f9a15d81d359e4a2065e3891de0d89.1709588001305.1709588001305.1709588001305.1&__hssc=3073967.1.1709588001305

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: df597cbc-5ccd-4263-abf9-0962f6a449c7
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: df597cbc-5ccd-4263-abf9-0962f6a449c7
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.backtorootshealth.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MjxkWWt7m6z0%2FVc4O7FT0Escq0ZzBH8tiggO6eFoBcbosI2I7IPRbGyz9bFLO%2FIp2pbaY0BfOsULmvXJkmKLmgphBckMwWPArbRXt%2FNMbU5ax5PhbK4%2BEbLiUW3HTHXt6BTgK2sdVySucJ4gtaps1CL95KkvyWvLSA%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 85f4fbf35c3c01fd-CDG
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-h9f8j

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 569ms
154ms Image
image/gif 2606:4700::6812:a07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.backtorootshealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 21:33:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 50da137f-a216-4026-b611-b24a872db402
x-envoy-upstream-service-time: 25
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 50da137f-a216-4026-b611-b24a872db402
Last-Modified: Mon, 04 Mar 2024 21:33:22 GMT
Server: cloudflare
X-Trace: 2BCABD7F59BE278CDF136C38E8C1C032607D56235C000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-bbxhh
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 85f4fbf6bb286f90-CDG

POST
H2 204 matomo.php
crwdmarket.matomo.cloud/ 0
175 B 106ms
105ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crwdmarket.matomo.cloud/matomo.php
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/crwdmarket.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.backtorootshealth.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.backtorootshealth.com
date: Mon, 04 Mar 2024 21:33:23 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 crwd_market.png
7175493.fs1.hubspotusercontent-na1.net/hub/7175493/hubfs/ Frame E164 2 KB
3 KB 333ms
276ms Image
image/webp 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7175493.fs1.hubspotusercontent-na1.net/hub/7175493/hubfs/crwd_market.png?width=108&height=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48caccda9f544c59672d2251e0c7f50b5c3aba885d2642f6ded832dce7a9c870

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:33:24 GMT
via: 1.1 85fc1201a1918facbeb30836e7391660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-73540437539,P-7175493,FLS-ALL
content-length: 2130
cf-resized: internal=ok/m q=0 n=191+0 c=0+6 v=2024.2.2 l=2130
last-modified: Fri, 13 May 2022 17:00:36 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfycx960Wfk4a8AsnGVyelHn-wUn9Bg2vL7Sxl6y2PDQ:b5254a5ee7cf91458b235ab00fa79a68"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 85f4fc022cf2d540-CDG

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.crwd.shop
URL: https://app.crwd.shop/builderassets/php/stepsTracker.php?stepID=7970&user_id=866&funnelID=1534

Domain: app.crwd.shop
URL: https://app.crwd.shop/builder/funnelfavicon

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: P0SOEvsd21U
.youtube.com/	1970-01-20 23:12:20	Name: VISITOR_INFO1_LIVE Value: Q6bFAVLGdHI
.vimeo.com/	1970-01-20 18:53:09	Name: __cf_bm Value: 7M91aFiUB.TsvqGF2WN5erkZBShnjRDJ.kLRbKlIBTI-1709588000-1.0.1.1-Cyff0cU1Ol8whiFZGGYgF6xwAbcDIBp0pGyxXKhnbfAOD.8IpHMNGn2MP3LCVaucgFBTAlympQYHAeUkJpxrpw
www.backtorootshealth.com/	1970-01-21 04:19:03	Name: _pk_id.8.092f Value: fd49f7e1f12772f5.1709588000.
www.backtorootshealth.com/	1970-01-20 18:53:09	Name: _pk_ses.8.092f Value: 1
.vimeo.com/	1970-01-21 04:29:08	Name: vuid Value: pl2144132887.1202038984
.hubspot.com/	1970-01-20 18:53:09	Name: __cf_bm Value: nirJ9gIkfQEPZkhTNYZ3NSOp8nHc5K5a3bjMDrDrAjs-1709588000-1.0.1.1-KBjNwIXZNa5F8ClI.ChLIrsmEwqVl9KT_nNQJQATKlKHQAu0M8S18ZEqQjNWtnLnxtVX_gLx9gglaFYHFnHL3g
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3zEtG.1FehDG1TVKgIyz4VuVbY7i7oVQjNvCAn.O_Xo-1709588000773-0.0.1.1-604800000
.backtorootshealth.com/	1970-01-20 23:12:20	Name: messagesUtk Value: 572468b9a9c849f284ff29b09e6c075e
www.backtorootshealth.com/	1970-01-20 23:12:20	Name: __hstc Value: 3073967.b0f9a15d81d359e4a2065e3891de0d89.1709588001305.1709588001305.1709588001305.1
www.backtorootshealth.com/	1970-01-20 23:12:20	Name: hubspotutk Value: b0f9a15d81d359e4a2065e3891de0d89
www.backtorootshealth.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.backtorootshealth.com/	1970-01-20 18:53:09	Name: __hssc Value: 3073967.1.1709588001305
.backtorootshealth.com/	1970-01-20 21:02:44	Name: _fbp Value: fb.1.1709588001577.642317793
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: T7PEWdMfuJ38PWnSOXw5xBVK2kedR4Fol7Yhf1jBMuA-1709588002494-0.0.1.1-604800000

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css?family=Gilroy:300,400,700 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://app.crwd.shop/builderassets/js/newdropborders.js(Line 1024) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_bcd95d8a10c31e04edf267c50b8aaf3b.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://s3.us-east-2.amazonaws.com/crwdworld/uploads/photos/2022/06/crwd_dbc265d3dcaa49257c708e4ec2bf42a3.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://www.backtorootshealth.com/ Message: Access to XMLHttpRequest at 'https://app.crwd.shop/builderassets/php/stepsTracker.php?stepID=7970&user_id=866&funnelID=1534' from origin 'https://www.backtorootshealth.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.crwd.shop/builderassets/php/stepsTracker.php?stepID=7970&user_id=866&funnelID=1534 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.backtorootshealth.com/ Message: Access to XMLHttpRequest at 'https://app.crwd.shop/builder/funnelfavicon' from origin 'https://www.backtorootshealth.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.crwd.shop/builder/funnelfavicon Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/621921788454574?v=2.9.148&r=stable&domain=www.backtorootshealth.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.backtorootshealth.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7175493.fs1.hubspotusercontent-na1.net
analytics.netflow.co
api.crwd.systems
api.hubapi.com
api.hubspot.com
app.crwd.shop
app.hubspot.com
cdn.matomo.cloud
connect.facebook.net
crwdmarket.matomo.cloud
cta-service-cms2.hubspot.com
f.vimeocdn.com
firebasestorage.googleapis.com
fonts.googleapis.com
forms.hscollectedforms.net
forms.hubspot.com
fresnel.vimeocdn.com
i.vimeocdn.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
perf-na1.hsforms.com
player.vimeo.com
s3.us-east-2.amazonaws.com
static.hsappstatic.net
track.hubspot.com
use.fontawesome.com
vimeo.com
www.backtorootshealth.com
www.facebook.com
www.gstatic.com
www.youtube.com
app.crwd.shop
104.18.1.100
146.75.118.109
151.101.64.217
162.159.128.61
162.159.138.60
2600:9000:2724:6600:c:7d55:b3c0:93a1
2606:4700:4400::6812:22e5
2606:4700:4400::6812:297c
2606:4700::6810:4fba
2606:4700::6810:bd59
2606:4700::6811:589a
2606:4700::6811:cbcc
2606:4700::6811:e7a3
2606:4700::6811:fba8
2606:4700::6812:7d0c
2606:4700::6812:a07d
2606:4700::6812:b05d
2606:4700::6813:9b53
2606:4700:e6::ac40:cf26
2a00:1450:4001:800::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.126.133.169
34.120.202.204
52.219.232.225
92.205.18.172
0102d04028714c5980ffdb5c6a9abf38ca9a968534caba224dac4d323caa9723
01e2e921eca318498b76a61b4bda48169533fb6494744cd2b4c77020b37f50d7
039842bb3f6ede7b1bd847238ccffa8a2576cdd4fde7d0c5b363ff05f23b3ab6
03b48669dd18b1daa29541e38abc183a5c9f8b8aa8b8906a9da8a3522d6d7f45
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
085ab8bb50dd2328eac5780f7655253e557474db55025d9ff5a3ad221bb3bdc9
08ac911cb0b21aee74454ff7fbe0e756c012c72434191fa1489bcec323ab9fdb
0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67
0f53b467c880d31529344cfdacf57caa39853030de281f24789fb7b5d2cf8972
15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b
164fc1aff1b68513a51cfc4a06365e46bcbf14c196c961d4092c1c5fb847a5b2
19b71ad68338363023517e33fd7de0d1b509f381648184ba5cbff5ee55d2303a
1aea90b17d4496878f449ecd072bc094457a2a6dc2d7dfc622fadc1f3df38327
1e97c77e5ac3de5723fb77bf8e7b1d0163d31db985f243a3674610511a5e74cc
1f57eeb8cd3ed221423b6af0bee1cc6adc836120ca4364aa62fed0e52c71fb7a
200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87
2ad3356fc08932d03ae05a815019ef02a3d28b3174eae447e59a976f8b7f75e9
2aee72097aeb633f595376fe943624076bed28999bfe05b3a5498fd5e4a91798
2db96b7f1df2ba2963f422063a29e658d584304bb4a6dcaceaed3410c3ecc966
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
3d34d8514f37c8873762342e72acff705ff73b76904cfb7918ba0146a469cfdb
3e2256fdb0682f202b2e5227e2655c1a7cc3e2e5e17426009be1e46650134c6c
3e32d0e21562d2e3246d10b05162357b6534bae3aeca593784b15c5e2f006b31
3ea011212792c46832209af1e6826bcdd61986c137c9ceaf96e75e61b1e6ab3c
405767448d618a7a326a509bf3c8484414ddf0f9518dad53f90794e7796bdde8
44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3
48caccda9f544c59672d2251e0c7f50b5c3aba885d2642f6ded832dce7a9c870
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4e2cabe33a818ac324b5dfcddc4ccfe8dc215262423afd8b672865a2cc5a3c66
4fa2877587a2dabba4d33a06ce09e86376056a4f8e751e6725b47eaf7ebf8eb6
4fb5913ee978bde28acce2944e8139aaedc5c22bd51f88a1fcab174b1cc5694a
4fc82a98f33fcb8f00ac4181c643481a7de5483f54f0e293a8ac49ad9e1c121e
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
51d66215d7022217bfc428cc9d82403ce5da1fc1e29ba8ef53b05541e2aff52d
5568d7a302a7539f0f5fcd34ca9cc10039c017385e20654de82ed70df4134e0e
56c34e5cfdbdc3f561556d18e4398f117cf938c7feb99ceaa67c21b9cead99f3
59f6d8db6a6b4d9aa01991c751c30e4b6aef7a4197da21be7e61a41448c5ae69
5acf3ff77b4420677b5923071f303facaba7a9273a346284a667a275df325146
5e51e209c44f498e5d7c3a5c35d5454c37b3c2744746954fa9d759d4a6c08391
61e91a341f0be6f9c99470775b8c68fcb66d05e6b8dc994a7722b7f5367edc1f
64e1b0c75d8227ddab7862c64b7c48d18e3e9729432ada838d16abab849ca81c
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
684d6df6676839133f4c16e07d40f559312fe9dde305ee157f5cf054b0ee516e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d7d7d8806cc310d0fc693af61c94b8ad69d1825b1abc86d4c137d32f8b70212
6daa20307a8faab300c4b2eb2aad676122aaf5bf270f09e4d3354e5507aa157f
6f115716906fa17a79b51ed19ff09e7dcdf16a8a8a3b4846b12a76f4a563c5a1
7083c93170c7b949d1dd453f0c8692385215943d076a5dc6c49e5db1d73f28b9
742a5257f5d3141756d0aa7435f70ad178f47aac857d071e1653a0d2cecce0d9
74df122be2a059f7994950a5c8f6262fff8d9763f381fe6a0c7eaf3877209a17
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
798932e879a71338df9bf6fb7497c00411a9471695d8575208744e53ff6df07b
7f340a2defa886e0fd32def4af9ca322f1136f89338f38bcd5f1d161d60ed07a
7fe48befcf69eb9abf495d891db6c8325a4e21364801035e5206a30ca7e4c443
80674df4167d5260cbac3f8a6499ae381e36025aea6ad5c8eba25c5eb668e007
835477fbc54cd5222d3a9e364a8f9ff52f8512a1c8ccfd5693f1161329fc5fd4
867b3a461019a9c39cd64d8799c21bc73f1f9a838809c20c10d5c335fe65418a
890a5d365cd857bab0c7a52b27ba68aa0bab64bc4c8f9e88aaacf5bc74d80601
8a255170935ba96644a0f7e53c60652300087d4a2799c274e94c1d6a4dba4767
8cb39ee2e75cd39e84fd60931d906431f35101b375b54b8524d699c3a6c50341
8d533a208173db8fbc96a843333ab2447cc76b3d5970c8a99b5e84c8a709ea49
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2
93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab
989d0ff16db0110879e677d9ef14c48e83b028831830566393225fb0c39fe2fd
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
ae61eee52a74b081700b0d5e04f90dc0472f834b50da52075259a9c152545674
afae2955447922b85687972833b8f378a41c68355fa5110a8224bca902979315
b0ef2d38cf8ce549261bdc5b889c4d3daed15564cd73a9ea88c603fca6bed49f
b25e1557bc6f9c8d9457ef7b0f0f7da1db62ab7128971f16dffff77efb411592
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
b6d113a2a54337026f4e3253cb769600f754bfe3122ccd4d4cae1642abfe4ae1
b732bca54abb8c19181dad21d8323976fad3f16614b26e09be8b502ebc07d987
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c456f6c9217b828f668f4b0ce9f8ae07a72129f19d946106e9442dae7ff5ae71
c6624c409211922875235c5d6af8b75cc248e400a68d633efad4d5e1f1fafe18
c86ac6a00f889f8e40dd0f18c4ed35cae50140a8e88dd2d0491df0b82af65fc5
cc8c10ead0e5c334043aac99d78221e7dec39abb3510c45e9ddee8bb2dcd5133
ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2
d201e290007b210a8f886b9c72091d1d1410e03a03c6346d75ee733dfaa0544d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd06fef6b720110a47b58b60fc648e9d1927e475f1bf7172c709e51a985212fd
dd30ebace50c302a53ecb462faca8422cfd87c5bbb1480cde7d685c1f517cd47
e061ae2e26263c053a592e12c426bf56c7c7c9a855d1a4c60ec72a512cd37374
e0b3dec15f116e16896963b9540544ca78cc6d91b5990575779bfd49cac12fc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
effd6d38858ccb5be115f36d992b360a6f8fa07a6ac432c4171a6b49e1c30f7b
f5a7a05a543488f228e50c889218780c81d47197955218934dc3d980f23d0ac8
f724e0fea92016f21b79d3d90c5f06b984c21f4da02ffbb445677d8f09cb7b67
fdd9cbba3bf008781e612f203bbe8674b395685abc0691fcc03a571aeb140d29

www.backtorootshealth.com Open in urlscan Pro 92.205.18.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

98 %HTTPS

69 %IPv6

26 Domains

37 Subdomains

30 IPs

4 Countries

11083 kBTransfer

15129 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.backtorootshealth.com Open in urlscan Pro
92.205.18.172 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

98 %
HTTPS

69 %
IPv6

26
Domains

37
Subdomains

30
IPs

4
Countries

11083 kB
Transfer

15129 kB
Size

15
Cookies

121 HTTP transactions
0 data transactions