firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 06:29:35 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Jkd7DhenM7ujYyKgAaZHVFxtMDTeeKVhg3KXuuwtLP_aFvMuaSnrDg==
Age: 162
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4394
Expires: Thu, 29 Sep 2022 07:45:31 GMT
Date: Thu, 29 Sep 2022 06:32:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lLwGc545UIaICZZ1bYsAXCFTzS2U0h4SlxPMHjAxQGqnzAkWmOnxNg==
age: 3830
X-Firefox-Spdy: h2
error.exteriorgraphicsdesign.com/ga/click/2-320864661-1626-14349-28016-25892-ddcca32d61-q19b7ddbdb
66.94.127.114302 Found 126 B URL HTTP/1.1 error.exteriorgraphicsdesign.com/ga/click/2-320864661-1626-14349-28016-25892-ddcca32d61-q19b7ddbdb
IP 66.94.127.114:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 4a155cb7350eff759f8e5f4848256945
c0f1dae7a9ca82385b7785248dcafb1a923d09c0
d349328f993708f685ab9ecabd1e2fabb58a388c875be12dd640f55628606f52
Analyzer Verdict Alert fortinet Phishing
GET /ga/click/2-320864661-1626-14349-28016-25892-ddcca32d61-q19b7ddbdb HTTP/1.1
Host: error.exteriorgraphicsdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 29 Sep 2022 06:31:52 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: 5951345e135080c90cb7fabb1f1a5491
Location: https://lotamkt.com/?a=10362&c=117099&s1=XMlaefkkrmq
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.019904
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:32:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 06:29:33 GMT
Expires: Thu, 29 Sep 2022 06:37:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YAIsow0jrpO1mlUsc3j8wAlBSwOwVf0mt-B8zZkdDsFbypyVZmyy2w==
Age: 164
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 6a87de307b8716edfb14ef8cd9948653
2bef986fc29158542a037a654059454fbcf6323a
a37848d9ff2d1b32200bd8cad5c5dfb00391e1116c0f72213e4d51f968600207
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 03 Oct 2022 05:26:50 GMT
ETag: "2bef986fc29158542a037a654059454fbcf6323a"
Last-Modified: Thu, 29 Sep 2022 05:26:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7522ae455e92b500-OSL
lotamkt.com/?a=10362&c=117099&s1=XMlaefkkrmq
23.20.168.171302 Found 216 B URL HTTP/1.1 lotamkt.com/?a=10362&c=117099&s1=XMlaefkkrmq
IP 23.20.168.171:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 5c0d409198e320560a6818325a041f47
135bdc6c4215304411aed5c0e17c4f82a8dcb43c
0bbfef270c978c73d67abb41ca0703d5b8ea8dd682ff97df5f622c5591b4b7f0
GET /?a=10362&c=117099&s1=XMlaefkkrmq HTTP/1.1
Host: lotamkt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 216
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Sep 2022 06:32:17 GMT
Location: https://refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=OqVPc7en+1S1KzSB/K9l15DeZUpAeqCLYUzP9nHZCcSBLNmyazhPLQ==; domain=.lotamkt.com; path=/; SameSite=None; secure; HttpOnly
trk=d5GVl1IxbMO1KzSB/K9l15DeZUpAeqCLYUzP9nHZCcSBLNmyazhPLQ==; domain=.lotamkt.com; expires=Sun, 29-Sep-2024 06:32:14 GMT; path=/; SameSite=None; secure; HttpOnly
c21558=OqVPc7en+1TZV053juACvtbouiQWXenL11ujIYzSaFg8eBGUI9rwVw==; domain=.lotamkt.com; expires=Sat, 29-Oct-2022 06:32:14 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3584
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:17 GMT
Last-Modified: Thu, 29 Sep 2022 05:32:33 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 183336540aa017beb55d9f6d7410bca5
9b092c7ce988a168ca8e5cb41a474492b78c5f31
bc7f4a173bf3cdf792e02d040964ba724c0f0ccc581fefaf0f9d62840ff655d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC7F4A173BF3CDF792E02D040964BA724C0F0CCC581FEFAF0F9D62840FF655D3"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=876
Expires: Thu, 29 Sep 2022 06:46:54 GMT
Date: Thu, 29 Sep 2022 06:32:18 GMT
Connection: keep-alive
push.services.mozilla.com/
35.81.125.88101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.125.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AdxXVtBolLMNKN2RfvKUtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: loqi3gJjgslTjkJ5gO7M7egtQAg=
refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq
74.124.27.101200 OK 8.6 kB URL HTTP/1.1 refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq
IP 74.124.27.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (778)
Hash 01216ca08e4efca3b50ae6e5b543ecf2
ab14db5623eda4e17074ea4b9c933e7f7d54df2e
544717b9da5031f017bc9e51eb030adafc8741c1e8a70dec212e6065c51f8ec0
GET /news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq HTTP/1.1
Host: refineyoursleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:18 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8556
Content-Type: text/html; charset=UTF-8
Set-Cookie: primal=4u1sil5e4lgg0po1kbimb1urp3; path=/; domain=.refineyoursleep.com
fid=1662; expires=Sat, 29-Oct-2022 06:32:18 GMT; Max-Age=2592000; path=/; domain=.refineyoursleep.com
tid=affiliati; expires=Thu, 29-Sep-2022 06:32:08 GMT; Max-Age=-10; path=/; domain=.refineyoursleep.com
cid=517524347%7C10362%7CXMlaefkkrmq; expires=Thu, 29-Sep-2022 06:32:08 GMT; Max-Age=-10; path=/; domain=.refineyoursleep.com
tid=affiliati; expires=Sat, 29-Oct-2022 06:32:18 GMT; Max-Age=2592000; path=/; domain=.refineyoursleep.com
cid=517524347%7C10362%7CXMlaefkkrmq; expires=Sat, 29-Oct-2022 06:32:18 GMT; Max-Age=2592000; path=/; domain=.refineyoursleep.com
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
142.250.74.170200 OK 6.5 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (1190)
Hash c3bdf8c5d3c435f9a254e98df59a76d3
49de71ce7f439579b17b89d41630ecc42990f5f9
6ef91d15e35c54b958239444ffa14bcd4aa4d84f10ea10a5a3af71543b74ee85
GET /ajax/libs/webfont/1.5.18/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 6490
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:50:32 GMT
expires: Fri, 22 Sep 2023 16:50:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 567706
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
refineyoursleep.com/themes/default/css/site.css
74.124.27.101200 OK 116 B URL HTTP/1.1 refineyoursleep.com/themes/default/css/site.css
IP 74.124.27.101:0
Hash 9cfa7f77fb5552267e4b8acb6d899eb9
fa3c6d774fb6141a24ffa76a90ec354b21d517fe
0eea7414307cc23d6c7a4b912a642b7e70093b7316bcf9e7de5466541c68f35d
GET /themes/default/css/site.css HTTP/1.1
Host: refineyoursleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq
Cookie: primal=4u1sil5e4lgg0po1kbimb1urp3; fid=1662; tid=affiliati; cid=517524347%7C10362%7CXMlaefkkrmq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:18 GMT
Server: Apache
Last-Modified: Thu, 10 Feb 2022 15:37:26 GMT
ETag: "62-5d7abba2ac77a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 116
Content-Type: text/css
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da46f20944544b836ab256b42df99c31
1759f617bb58e422408fc7fe1a69234f0eaf650c
ec1bd82672e0c9cc607445677e880ad4145250bed93ee091c880e8e28cedbdc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC1BD82672E0C9CC607445677E880AD4145250BED93EE091C880E8E28CEDBDC5"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6754
Expires: Thu, 29 Sep 2022 08:24:53 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da46f20944544b836ab256b42df99c31
1759f617bb58e422408fc7fe1a69234f0eaf650c
ec1bd82672e0c9cc607445677e880ad4145250bed93ee091c880e8e28cedbdc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC1BD82672E0C9CC607445677E880AD4145250BED93EE091C880E8E28CEDBDC5"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20618
Expires: Thu, 29 Sep 2022 12:15:57 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2499c23e916918b121205125faf1bf9d
49e8f4ba2dbe264ff85c8681b0974bc631c1d14b
f9ab8ef4fc6cd5e881b5daa9be82b4f2769c262343c5f7785e404ff7b67e232a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9AB8EF4FC6CD5E881B5DAA9BE82B4F2769C262343C5F7785E404FF7B67E232A"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18045
Expires: Thu, 29 Sep 2022 11:33:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da46f20944544b836ab256b42df99c31
1759f617bb58e422408fc7fe1a69234f0eaf650c
ec1bd82672e0c9cc607445677e880ad4145250bed93ee091c880e8e28cedbdc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC1BD82672E0C9CC607445677E880AD4145250BED93EE091C880E8E28CEDBDC5"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20686
Expires: Thu, 29 Sep 2022 12:17:05 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da46f20944544b836ab256b42df99c31
1759f617bb58e422408fc7fe1a69234f0eaf650c
ec1bd82672e0c9cc607445677e880ad4145250bed93ee091c880e8e28cedbdc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC1BD82672E0C9CC607445677E880AD4145250BED93EE091C880E8E28CEDBDC5"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Thu, 29 Sep 2022 12:31:36 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VwWbbPJtnsSB1Y6riPtCZXX0Ocmxw024YRmlebWN1UQxZX3uvjsvOw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 05:41:14 GMT
age: 3065
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2054ae778a3079d8233ee33045127df6
927d5a375d9607b23caadae148566fdff10147b1
6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9034
x-amzn-requestid: ccfaad8d-c270-491f-b0fa-ac56fb1ba14e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVJ_G2doAMFXqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633268a6-1599ec83051ceef5038d1296;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:06:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: G--ubYYfq5CFGAZzorD-TAgKentdIyvzSjrvqjTf_yGWDvjwX75KHg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:21 GMT
age: 7918
etag: "927d5a375d9607b23caadae148566fdff10147b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f94853ffae41ec3c0e002bc152da1c4
7057c6707c7299ac386c6b2164240eff241db294
818f3ff90d7b7923b4af4e423dbb01388795490ac2097e1d58d70608b95618f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6795
x-amzn-requestid: 20067932-e2e5-410a-8c7a-a5f623f33454
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCs6FbooAMFyHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633117ec-65749cd04e48e49a46b4c215;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:09:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: o1q8r6PSQDQyLs4xfhCSXu4q8fFi3zIoAIMlwNznvOsEtORfuVumCA==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 05:17:35 GMT
age: 4484
etag: "7057c6707c7299ac386c6b2164240eff241db294"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XwUZAphoqael30FgWCRQlHqBpjBOSG7rnlbPNKyojhONZ625gCUI5g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 08:28:02 GMT
age: 79457
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: 7f6d92e1-c7b1-4dd2-9efa-52ad324ca19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK6pFvkoAMF_yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334beaa-362b7368566955966db78385;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TbPFEVDpMOjK26iu1UGcx56vtP7Pywq05VAylNubOIfbMgo1qGsA-w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:12:40 GMT
age: 8379
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7277f59f-452d-4cb6-a76e-1561b4ff3de0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGW2REPzoAMFrww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326b5b-4f5d775830c95b065ce40d3f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:17:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jTiWrrcC29QaFlnaiNH_KmEaphRZhWyzf1JbWb6uL00D3vOMR7Wfyg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:09 GMT
age: 11050
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.primalhealthcrm.com/global/js/primal-health-crm-global.js
74.124.27.105200 OK 4.1 kB URL HTTP/1.1 cdn.primalhealthcrm.com/global/js/primal-health-crm-global.js
IP 74.124.27.105:0
Hash cdd473dea26c380bbcb36646e7ec8ada
705c41f3239209f4b0aa43474e2ca1995e7de73e
c87a01955eda5fc5b0291a4243db11974c2a4dfea1a6f6bb7aef477c066bf4f7
GET /global/js/primal-health-crm-global.js HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Wed, 29 Jun 2022 17:38:23 GMT
ETag: "4ac0-5e2999ea682f8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 4065
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
cdn.primalhealthcrm.com/global/css/default.css
74.124.27.105200 OK 4.7 kB URL HTTP/1.1 cdn.primalhealthcrm.com/global/css/default.css
IP 74.124.27.105:0
Hash 54d8aeda2fcc8bff1c92b5c4af23abb3
4373157ea8ffc52198a2873de7d643736574f5dc
5e637dfc00b4d1fb9f619cb4cef755dc1a8e92b48c09f7495942edb95274ef66
GET /global/css/default.css HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Tue, 18 May 2021 19:13:02 GMT
ETag: "5fed-5c29f7fc311bd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 4741
Content-Type: text/css
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
cdn.primalhealthcrm.com/js/ie10-viewport-bug-workaround.js
74.124.27.105200 OK 423 B URL HTTP/1.1 cdn.primalhealthcrm.com/js/ie10-viewport-bug-workaround.js
IP 74.124.27.105:0
Hash 7faf325a95bea2aa9b5667e2ba8331e5
664eca0eef327eab328e9845a3a9a834de767555
14579148d735c8e823af085b60aa4ef437340b8de900c484b29dddcd72e9d5ef
GET /js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Wed, 31 Jan 2018 19:21:02 GMT
ETag: "280-56417613d8380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 423
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
cdn.primalhealthcrm.com/global/css/bootstrap.min.css
74.124.27.105200 OK 23 kB URL HTTP/1.1 cdn.primalhealthcrm.com/global/css/bootstrap.min.css
IP 74.124.27.105:0
File type ASCII text, with very long lines (65324)
Hash 3b5537dce96f57098998e410b0202920
7732b57e4e3bbc122d63f67078efa7cf5f975448
a1c54426705d6cef00e0ae98f5ad1615735a31a4e200c3a5835b44266a4a3f88
GET /global/css/bootstrap.min.css HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Mon, 09 Sep 2019 19:46:32 GMT
ETag: "2606e-592240b77bff8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 23238
Content-Type: text/css
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
cdn.primalhealthcrm.com/global/js/bootstrap.min.js
74.124.27.105200 OK 15 kB URL HTTP/1.1 cdn.primalhealthcrm.com/global/js/bootstrap.min.js
IP 74.124.27.105:0
File type ASCII text, with very long lines (57791)
Hash 8c7f5fa6aa5505726872ce0296828eb5
c7ce2e13bd25da05e7c4bc68be2e57e2cb515d33
8e0286a099efe027b863e8b7265ad2c9e053bfaa083f53749e5bf7301987284a
GET /global/js/bootstrap.min.js HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Mon, 09 Sep 2019 19:46:47 GMT
ETag: "e2d8-592240c5946a6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 15437
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
cdn.primalhealthcrm.com/global/js/jquery.js
74.124.27.105200 OK 31 kB URL HTTP/1.1 cdn.primalhealthcrm.com/global/js/jquery.js
IP 74.124.27.105:0
File type ASCII text, with very long lines (65451)
Hash e26795ac1369d6d3fd6e6b165428448f
29fc3c7e89bfafa2f759e13bc51c44ada83f3221
fd3a1b4234a1f5d0d1e47881e39a7f49ec05078ee2bf9a8d412b3efc1d4f762b
GET /global/js/jquery.js HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Mon, 09 Sep 2019 19:51:18 GMT
ETag: "15850-592241c7dbe75-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 30675
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
js.go2sdk.com/v2/tune.js
54.230.111.63200 OK 18 kB IP 54.230.111.63:0
File type ASCII text, with very long lines (7486)
Hash 074c9e70b17ef9db8aced963fef4e2d9
caa1063a824083eb483f25bfab3e7aade3441bcd
cca8ce472cbf8c44acf7ac24067c2d6075acd1e0cd4c9003de6055289ac5c68a
GET /v2/tune.js HTTP/1.1
Host: js.go2sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 17921
last-modified: Wed, 06 Jan 2021 18:55:14 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:05:20 GMT
etag: "074c9e70b17ef9db8aced963fef4e2d9"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u1OKxwQAo2hHWu-M6Sq2COuwi1RmDFfZGaJ-Z9dXEaAeT5it36V80A==
age: 5220
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5f4b013b5656bef604b0022eb233d049
5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b
238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4608
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Last-Modified: Thu, 29 Sep 2022 05:15:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5f4b013b5656bef604b0022eb233d049
5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b
238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4608
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Last-Modified: Thu, 29 Sep 2022 05:15:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
cdn.primalhealthcrm.com/images/logo-tpss-moon2.png
74.124.27.105200 OK 8.0 kB URL HTTP/1.1 cdn.primalhealthcrm.com/images/logo-tpss-moon2.png
IP 74.124.27.105:0
File type PNG image data, 448 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash 8360532417526dae50a73de25364348c
7a850905a9736657e8f76bb3d6a4859dc504e05f
c42a73b4ffe4bdc105571cb9c09ee394b84395c1652ac31cb6a4a82980baee47
GET /images/logo-tpss-moon2.png HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Tue, 05 May 2020 15:11:01 GMT
ETag: "1f3c-5a4e80e3b4beb-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/png
Content-Encoding: gzip
Content-Length: 7990
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
cdn.primalhealthcrm.com/images/btn-close.png
74.124.27.105200 OK 2.2 kB URL HTTP/1.1 cdn.primalhealthcrm.com/images/btn-close.png
IP 74.124.27.105:0
File type PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash ef7578dd693e23219a00ba8d8e9ad2cf
0342aab5ae4f462c7e57e8e3bb587185bb326a06
6c2260745e7c3720cfabf39a4cab47c4eb50fd0d150601ae893c2a6912e26b0c
GET /images/btn-close.png HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Wed, 31 Jan 2018 19:20:53 GMT
ETag: "9a8-5641760b42f40-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/png
Content-Encoding: gzip
Content-Length: 2212
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
cdn.primalhealthcrm.com/images/ajax-loader-3.gif
74.124.27.105200 OK 3.5 kB URL HTTP/1.1 cdn.primalhealthcrm.com/images/ajax-loader-3.gif
IP 74.124.27.105:0
File type GIF image data, version 89a, 128 x 15\012- data
Hash ccb089834f9fd4d09ab89da2a4e18c8f
822d59c255d821e181fb337f292d3976962de658
877575d7351d6eaadc3ceeb2dad0d5f678a6759910c24841c78b0ef7856025b3
GET /images/ajax-loader-3.gif HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Wed, 31 Jan 2018 19:20:52 GMT
ETag: "f6f-5641760a4ed00-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/gif
Content-Encoding: gzip
Content-Length: 3453
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.primalhealthcrm.com/images/next-step-gold.png
74.124.27.105200 OK 18 kB URL HTTP/1.1 cdn.primalhealthcrm.com/images/next-step-gold.png
IP 74.124.27.105:0
File type PNG image data, 931 x 260, 8-bit colormap, non-interlaced\012- data
Hash e7ad85e2a85bda776f57f096bc2b4daa
2cad70181a65c5556d115736d0a5e3d4b096170e
974206ab05995e5ab54752b167b635b7a5d394cb31a1bf9b6f799121de558dd0
GET /images/next-step-gold.png HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Thu, 07 May 2020 18:03:14 GMT
ETag: "466a-5a512b1cfb4c2-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/png
Content-Encoding: gzip
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
cdn.primalhealthcrm.com/images/as-seen-on.jpg
74.124.27.105200 OK 16 kB URL HTTP/1.1 cdn.primalhealthcrm.com/images/as-seen-on.jpg
IP 74.124.27.105:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=72, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=700], baseline, precision 8, 636x72, components 3\012- data
Hash ff8ddf33c05acd43ed65aa38113344f9
ed1d91dee0a953792d59920114b35827b0fa1ae6
5f3a642650f479f25eb9c44b37cfba5f340b76c63acc9369baaf62487e6204f0
GET /images/as-seen-on.jpg HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Thu, 08 Apr 2021 19:36:15 GMT
ETag: "597c-5bf7b291e82d1-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/jpeg
Content-Encoding: gzip
Content-Length: 15954
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 390654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.163200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:59:14 GMT
expires: Tue, 26 Sep 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 214385
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash eee7efbcba39a3eed67984cf15b8eb50
d43544f205bddb295f41b228b988fb86421b3882
11d0e8acb2d2223d28a2ad596f477001bb50735124f4fca21311fe7880ae4788
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:19 GMT
Last-Modified: Thu, 29 Sep 2022 05:29:18 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aBvGTlgisvzUD-hNMl4Mz4sRUJfo1gFFCy-aHmVpy9i6Bq49_dK1-A==
Age: 3781
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97fac380df6aa6f043561fa235ba692b
f9fd3dea682d1d3f6504c03c2091ad39cd150ce2
59069c4bfe650544c56fe0889a983085ae88eac66c745a94e4aedd9befae8900
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59069C4BFE650544C56FE0889A983085AE88EAC66C745A94E4AEDD9BEFAE8900"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21447
Expires: Thu, 29 Sep 2022 12:29:46 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3f108848fc1f5aa376128878bba1ba53
0ac8e0d2338f2addc8297f123bdcd0a1f6a9facf
c64c9ef21fc85a4ab6a1071306f96714683228fb233116d9efd24d284fa4ca46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C64C9EF21FC85A4AB6A1071306F96714683228FB233116D9EFD24D284FA4CA46"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18510
Expires: Thu, 29 Sep 2022 11:40:50 GMT
Date: Thu, 29 Sep 2022 06:32:20 GMT
Connection: keep-alive
primalhealthcrm.com/IPN2/visits_pixel.php?tid=affiliati&cid=517524347|10362|XMlaefkkrmq&ip=168430334&domain=93
74.124.27.105200 OK 527 B URL HTTP/1.1 primalhealthcrm.com/IPN2/visits_pixel.php?tid=affiliati&cid=517524347|10362|XMlaefkkrmq&ip=168430334&domain=93
IP 74.124.27.105:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 1x1, components 3\012- data
Hash 00b62c6b9684fadb5407aaf99a77fbe7
f16a5742ef54501dacf8e106a66c2161b02a5d47
216394359a8d5ff2d18fc7d719ba061fa3791881dca92be8f6868dbf50a997f9
GET /IPN2/visits_pixel.php?tid=affiliati&cid=517524347|10362|XMlaefkkrmq&ip=168430334&domain=93 HTTP/1.1
Host: primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:20 GMT
Server: Apache
Access-Control-Allow-Origin: *
Vary: User-Agent,Accept-Encoding
Content-Type: image/jpeg
Set-Cookie: PubVisit=201830428; expires=Fri, 30-Sep-2022 06:32:20 GMT; Max-Age=86400; path=/
MasterTid=affiliati; expires=Fri, 29-Sep-2023 06:32:20 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip
Content-Length: 527
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 05:31:14 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xaLQfjPNSInHvaa3uB_hvsImhmGFjTh1pAN-IU3t9udhaojPRiK3Aw==
Age: 3666
vibranthealthnetwork.com/js.js
74.124.27.101200 OK 0 B URL HTTP/1.1 vibranthealthnetwork.com/js.js
IP 74.124.27.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js.js HTTP/1.1
Host: vibranthealthnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:20 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:47:40 GMT
ETag: "0-5d84da417f2e2"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:14 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _ynUAa9kyhOwP6vUfetGaZ5cqkLQSq5Rq-hf5niF1nROwSaGqj7oIA==
Age: 5886
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 05:11:58 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UnJGOW8_rIr54zXFu01T7lzuDCY_ojGNKPeEYEd1T25HPeoJLyQsHw==
Age: 4822
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:43:39 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O5wPdQyHjTBMMbBPE-OnUabLnn6wlAz5X1LCgjk_54nf6QmKXktlpw==
Age: 6521
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 05:01:53 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LUAULu9OKySLJrQTHsNfu4figPN2OyZbOmroeFTn9o-rEAzmZJVPLg==
Age: 5427
heapanalytics.com/api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137106&hv=4.18.4
44.206.92.210200 OK 37 B URL HTTP/2 heapanalytics.com/api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137106&hv=4.18.4
IP 44.206.92.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137106&hv=4.18.4 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20TID=affiliati&st=1664433137165
44.206.92.210200 OK 37 B URL HTTP/2 heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20TID=affiliati&st=1664433137165
IP 44.206.92.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20TID=affiliati&st=1664433137165 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20FID=1662&st=1664433137165
44.206.92.210200 OK 37 B URL HTTP/2 heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20FID=1662&st=1664433137165
IP 44.206.92.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20FID=1662&st=1664433137165 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=t&sp=Special%20Offer&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2341289381479821&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Started&ts0=1664433137114&st=1664433137164
44.206.92.210200 OK 37 B URL HTTP/2 heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=t&sp=Special%20Offer&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2341289381479821&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Started&ts0=1664433137114&st=1664433137164
IP 44.206.92.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=t&sp=Special%20Offer&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2341289381479821&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Started&ts0=1664433137114&st=1664433137164 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&z=0&h=%2Fnews%2F1662%2Fvideo_sr_mb&q=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&d=refineyoursleep.com&t=Special%20Offer&k=FID&k=1662&k=TID&k=affiliati&k=CID%20Part%201&k=517524347&k=CID%20Part%202&k=10362&k=CID%20Part%203&k=XMlaefkkrmq&ts=1664433137161&st=1664433137162
44.206.92.210200 OK 37 B URL HTTP/2 heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&z=0&h=%2Fnews%2F1662%2Fvideo_sr_mb&q=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&d=refineyoursleep.com&t=Special%20Offer&k=FID&k=1662&k=TID&k=affiliati&k=CID%20Part%201&k=517524347&k=CID%20Part%202&k=10362&k=CID%20Part%203&k=XMlaefkkrmq&ts=1664433137161&st=1664433137162
IP 44.206.92.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&z=0&h=%2Fnews%2F1662%2Fvideo_sr_mb&q=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&d=refineyoursleep.com&t=Special%20Offer&k=FID&k=1662&k=TID&k=affiliati&k=CID%20Part%201&k=517524347&k=CID%20Part%202&k=10362&k=CID%20Part%203&k=XMlaefkkrmq&ts=1664433137161&st=1664433137162 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20IP=91.90.42.154&st=1664433137165
44.206.92.210200 OK 37 B URL HTTP/2 heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20IP=91.90.42.154&st=1664433137165
IP 44.206.92.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20IP=91.90.42.154&st=1664433137165 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 3.2 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (8072), with no line terminators
Hash 9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 29 Sep 2022 06:52:20 GMT
Date: Thu, 29 Sep 2022 06:32:20 GMT
Content-Length: 3249
Connection: keep-alive
s.yimg.com/wi/ytc.js
188.125.94.204200 OK 5.9 kB IP 188.125.94.204:0
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TXEHCovb7BvrM0h0lZ0ZLhRuDUYjUVL2SDcEsSimaFMn84dd0BbD6crNCSWjGy7BJ7Edh38wIfw=
x-amz-request-id: VVJN7W6EQES283TV
date: Thu, 29 Sep 2022 05:58:43 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 2018
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1074154/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1074154/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58509)
Hash ef4ef43e7287b3187c204296a0dcbbfe
99088f063958ecceb269bbb5610488faacbf6c9f
3a79bc527e0b7354c7a83d22590eb0a6285a6a08526f915bca080e4cbbe9cbe8
GET /libtrc/unip/1074154/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uVQ2Kp74w7SzLQaocn4yD7nrS8EoQgrxcXzAax/5Sh08E7bYDQdS2wVYjDeobkxe86UsT9JhVtc=
x-amz-request-id: TN60AKKVQKZMK3JE
x-amz-replication-status: COMPLETED
last-modified: Sun, 25 Sep 2022 11:08:34 GMT
etag: "5b862c6b3d457db51a45eceece43ecb7"
x-amz-version-id: ICU6ksb_DdYxGnEl5jMVj3IMB18crXyP
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 06:32:20 GMT
via: 1.1 varnish
age: 3960
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664433140.407381,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 82
content-length: 17962
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 04:41:09 GMT
expires: Thu, 29 Sep 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 6671
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=0B9462957ECE68A03B1B70BB7F3B6940; domain=.bing.com; expires=Tue, 24-Oct-2023 06:32:20 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 570B578E418341E89C58A09190BBE85A Ref B: OSL30EDGE0117 Ref C: 2022-09-29T06:32:20Z
date: Thu, 29 Sep 2022 06:32:20 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.primalhealthcrm.com/global/img/faviconsr.ico
74.124.27.105200 OK 3.5 kB URL HTTP/1.1 cdn.primalhealthcrm.com/global/img/faviconsr.ico
IP 74.124.27.105:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 47b8dabcc032d70ca57687a54013e4ac
ec2b12d1a96a5075c7b32515ef04b7aa35e537cb
3590aa9018469eaa96de8fab05681fb94f886b9d75d9b86d68126c9eb6f5b910
GET /global/img/faviconsr.ico HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:20 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Mon, 04 May 2020 20:18:39 GMT
ETag: "3aee-5a4d83c8bb740-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/vnd.microsoft.icon
Content-Encoding: gzip
Content-Length: 3464
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 91aeda53c7726ce8e29cc1eb871e6315
92559ccfe237539d123b29085708666e45a620e0
bec8494b8bc023d54056e2b8d68d6887f3c8079e00e1483ee24587e1b28e7400
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 29 Sep 2022 06:32:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 28 Sep 2022 21:32:48 GMT
Expires: Thu, 29 Sep 2022 21:32:48 GMT
ETag: "92559ccfe237539d123b29085708666e45a620e0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
static.hotjar.com/c/hotjar-1796349.js?sv=5
143.204.55.37200 OK 2.2 kB URL HTTP/2 static.hotjar.com/c/hotjar-1796349.js?sv=5
IP 143.204.55.37:0
File type ASCII text, with very long lines (3790)
Hash a9d4418a45ce60e79d585e547aa1c65e
25a6ca6d9a9cb7cc3327b5d50a453cbc6024bcd9
1f486fac77a4538ce3c7c6048eb67e1753f6ad3a1bf9ba0a6b4ce459e30cc58e
GET /c/hotjar-1796349.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 29 Sep 2022 06:32:20 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/63e0d322332d1ce55d017c62a59bdec3
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wYtqWhCVfBEstXUuJujxpH3VgO_VgHKJdmpln5xjmuBv7vvABcSzRA==
X-Firefox-Spdy: h2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VSltGLCl_UIm5X4h9K8ttkZI58Qijn9Grdl8KoIG0kgsdCqBa0Z65A==
age: 1890913
X-Firefox-Spdy: h2
heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=5483607258049077&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Complete&ts0=1664433138067&st=1664433138068
44.206.92.210200 OK 37 B URL HTTP/2 heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=5483607258049077&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Complete&ts0=1664433138067&st=1664433138068
IP 44.206.92.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=5483607258049077&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Complete&ts0=1664433138067&st=1664433138068 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
heapanalytics.com/api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137112&hv=4.18.4
44.206.92.210200 OK 37 B URL HTTP/2 heapanalytics.com/api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137112&hv=4.18.4
IP 44.206.92.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137112&hv=4.18.4 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1257
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
stats.vidalytics.com/awesome-log?cid=DOBezDQw
107.178.211.97200 OK 43 B URL HTTP/2 stats.vidalytics.com/awesome-log?cid=DOBezDQw
IP 107.178.211.97:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=DOBezDQw HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, public, max-age=2592000
etag: "DOBezDQw/hKpck7yGvgTnp7lI"
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
x-envoy-upstream-service-time: 20
access-control-allow-origin: *
X-Firefox-Spdy: h2
licensing.bitmovin.com/licensing
35.227.229.24200 OK 165 B URL HTTP/2 licensing.bitmovin.com/licensing
IP 35.227.229.24:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 150
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Thu, 29 Sep 2022 06:32:20 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 91aeda53c7726ce8e29cc1eb871e6315
92559ccfe237539d123b29085708666e45a620e0
bec8494b8bc023d54056e2b8d68d6887f3c8079e00e1483ee24587e1b28e7400
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 29 Sep 2022 06:32:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 28 Sep 2022 21:32:48 GMT
Expires: Thu, 29 Sep 2022 21:32:48 GMT
ETag: "92559ccfe237539d123b29085708666e45a620e0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
script.hotjar.com/modules.cf44a0a6b448df1b035e.js
143.204.55.96200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.cf44a0a6b448df1b035e.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 5f131c93ccff63ccc86d0067d0eebf99
a599898399783be0db5f757c043b828a0726deec
91980f4223c639c3849139a6e692ccf10310f0b57d74b403198af020fc7398a2
GET /modules.cf44a0a6b448df1b035e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 66148
date: Wed, 28 Sep 2022 11:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f131c93ccff63ccc86d0067d0eebf99"
last-modified: Wed, 28 Sep 2022 11:36:53 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TyI_EapoMPKS9Ll07SYHE-6xaAP68wKvCAx1q-Ta5W6-aRW2RL9t5g==
age: 68115
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=11042310&Ver=2&mid=bb9b269a-8ca5-461e-9255-90dc6ace9369&sid=76e949e03fc011edae30ffde97659114&vid=76e948703fc011ed89050936891e5292&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Special%20Offer&p=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&r=<=2865&evt=pageLoad&sv=1&rn=417865
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=11042310&Ver=2&mid=bb9b269a-8ca5-461e-9255-90dc6ace9369&sid=76e949e03fc011edae30ffde97659114&vid=76e948703fc011ed89050936891e5292&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Special%20Offer&p=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&r=<=2865&evt=pageLoad&sv=1&rn=417865
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=11042310&Ver=2&mid=bb9b269a-8ca5-461e-9255-90dc6ace9369&sid=76e949e03fc011edae30ffde97659114&vid=76e948703fc011ed89050936891e5292&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Special%20Offer&p=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&r=<=2865&evt=pageLoad&sv=1&rn=417865 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=36A73766D67B67A610FD2548D78E6629; domain=.bing.com; expires=Tue, 24-Oct-2023 06:32:21 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF3CD16BCF71417B986F2E06E9F29C78 Ref B: OSL30EDGE0117 Ref C: 2022-09-29T06:32:21Z
date: Thu, 29 Sep 2022 06:32:21 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&gjid=196322115&_gid=898740492.1664433138&_u=YGBAgEABAAAAAE~&z=2034161245
64.233.165.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&gjid=196322115&_gid=898740492.1664433138&_u=YGBAgEABAAAAAE~&z=2034161245
IP 64.233.165.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&gjid=196322115&_gid=898740492.1664433138&_u=YGBAgEABAAAAAE~&z=2034161245 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://refineyoursleep.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 06:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b-code.liadm.com/a-060r.min.js
143.204.55.58200 OK 11 kB URL HTTP/2 b-code.liadm.com/a-060r.min.js
IP 143.204.55.58:0
File type Unicode text, UTF-8 text, with very long lines (28096), with CRLF, LF line terminators
Hash 819a5a160f4985b4f15e11e7eabc4b4d
74187a36d9c7ca2643e04cee05dda3c3d8e39ef6
2a49d76d1aeb2862ba397d9ff2b2198fb10776ba9070678d964b810c1bba562d
GET /a-060r.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Sep 2022 13:56:34 GMT
cache-control: public, max-age=86400
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YadCpy8cbvx4LmzJaj_3_2LLDEvOv83gxcXRKS68zqm9FraedHNOKw==
age: 59746
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.com/wi/config/10012620.json
188.125.94.204200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10012620.json
IP 188.125.94.204:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10012620.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: YBV68S4CPWAQD7J3
x-amz-id-2: 5KucWIlsToTvfBQIndDw23KhYeHI+az+ottBC2Yab1phJ7LdglZD3Pp9VlRZW7DmVnk0N+oNfH8=
content-type: application/json
date: Thu, 29 Sep 2022 06:32:20 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 74da23feb51541d5a4eb7eff61088b65
5b70a903aa00d079dc55487c7f7edd3bf0fd6bf6
23bbfc9938e7f0fe3a0cfb6f364bc149782ec836e4d6f5f31640a7ddacee7014
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3737
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Last-Modified: Thu, 29 Sep 2022 05:30:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 74da23feb51541d5a4eb7eff61088b65
5b70a903aa00d079dc55487c7f7edd3bf0fd6bf6
23bbfc9938e7f0fe3a0cfb6f364bc149782ec836e4d6f5f31640a7ddacee7014
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6427
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Last-Modified: Thu, 29 Sep 2022 04:45:14 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 06:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 06:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clarity.ms/tag/uet/11042310
13.107.246.53200 OK 1.5 kB URL HTTP/2 www.clarity.ms/tag/uet/11042310
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1495), with no line terminators
Hash 63edddac7b1c3174affbe17ad478f79f
9a9cf8d41aeb51094caa7540263d844b3c397afa
93fe663d51a6192745091a67ca50b63b5d1539c5d6a60dccc3cda6f495db2b0c
GET /tag/uet/11042310 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1495
content-type: application/x-javascript
expires: -1
set-cookie: CLID=d2ea5139f5374d19b3111fcac2c97be7.20220929.20230929; expires=Fri, 29 Sep 2023 06:32:21 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 09Ts1YwAAAAAdZnr49j8OR7gV+WMbjDM4U1ZHMjBFREdFMDUxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 29 Sep 2022 06:32:20 GMT
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-
34.235.93.114302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-
IP 34.235.93.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE- HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 0
trace-id: 72f21b5f734ea1be
vary: Origin
location: /j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-&n3pc=true
set-cookie: lidid=4567eb03-af99-4169-ae55-be42c2f6bc1b; Max-Age=63072000; Expires=Sat, 28 Sep 2024 06:32:21 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00c8cb59043e91fe98cbb336c2f007ab19&obApiVersion=1.0&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&optOut=false&bust=009596332978630329&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00c8cb59043e91fe98cbb336c2f007ab19&obApiVersion=1.0&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&optOut=false&bust=009596332978630329&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00c8cb59043e91fe98cbb336c2f007ab19&obApiVersion=1.0&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&optOut=false&bust=009596332978630329&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:21 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 2cf056e2167cac1b3aa6644c7ab518b3
content-encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f457b92cc8ead600e5c297206466eff8
07dc558538848093c071d422f5f0df9885466df1
83bb44907eeb0602b45d29d12c65ffc60ded954d9751078fc958a4494b87fe70
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:21 GMT
Last-Modified: Thu, 29 Sep 2022 05:15:27 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 87cocAYFQjs3oDR55rwxFwPrVPjhhh5A1_idIeEKHMBsWOa287QXDg==
Age: 4614
fast.vidalytics.com/video/DOBezDQw/HUjuKumKcypbkfn0/61240/52296/stream.mpd
151.139.128.11200 OK 2.6 kB URL HTTP/2 fast.vidalytics.com/video/DOBezDQw/HUjuKumKcypbkfn0/61240/52296/stream.mpd
IP 151.139.128.11:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash fcc3e08cedb8dbcc572faabcaeabcb5d
053815266a8db8be691059018e26970d762ab0e0
cc01f3a2d5c3e1f61d05f4765942eac8d658eb6c3e65c57464da4ab2995f24ad
GET /video/DOBezDQw/HUjuKumKcypbkfn0/61240/52296/stream.mpd HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
accept-ranges: bytes
content-length: 2621
content-type: application/dash+xml
x-hw: 1664433140.cds024.sk1.hn,1664433140.cds209.sk1.s,1664433140.dop008.la3.r,1664433141.cds233.la3.c,1664433141.cds209.sk1.p
x-cdn: 4
x-guploader-uploadid: ADPycduTbMyTxukQYnyfyFWwgrdVm5UstvL7Et5a_o39NNAF3-oPtEk10dRaXk-Xy5AVBhEKd3_aw7fswQs57SEJw9Vz7RP_KYwv
cache-control: public, max-age=31104000
etag: "fcc3e08cedb8dbcc572faabcaeabcb5d"
x-goog-generation: 1648481768937712
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2621
x-goog-hash: crc32c=PHLYVA==, md5=/MPgjO2428xXL6q8rqvLXQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Mon, 28 Mar 2022 15:36:09 GMT
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00c8cb59043e91fe98cbb336c2f007ab19
64.202.112.159200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00c8cb59043e91fe98cbb336c2f007ab19
IP 64.202.112.159:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00c8cb59043e91fe98cbb336c2f007ab19 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:21 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 146785059ac7ea77dafd4da860803c59
content-encoding: gzip
sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2006%3A32%3A18%20GMT&n=0&b=Special%20Offer&.yp=10012620&f=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&enc=UTF-8&yv=1.13.0
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2006%3A32%3A18%20GMT&n=0&b=Special%20Offer&.yp=10012620&f=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&enc=UTF-8&yv=1.13.0
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2006%3A32%3A18%20GMT&n=0&b=Special%20Offer&.yp=10012620&f=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&enc=UTF-8&yv=1.13.0 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
expires: Thu, 29 Sep 2022 06:32:21 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBPU7NWMCEIZOV4GEbaWu8Gf0EPCzb6sFEgEBAQGNNmM_YwAAAAAA_eMAAA&S=AQAAAvn3MzJw81TimC7pS1GGu-c; Expires=Fri, 29 Sep 2023 12:32:21 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-&n3pc=true
34.235.93.114200 OK 13 B URL HTTP/2 rp.liadm.com/j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-&n3pc=true
IP 34.235.93.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Referer: https://refineyoursleep.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
content-length: 13
trace-id: e4068c159392bea8
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 755aebf1-b938-4232-a5c0-749d30ccd1c2
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics/error
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics/error
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics/error HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 524
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1836
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics/error
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics/error
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics/error HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 513
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.41/clarity.js
13.107.246.53200 OK 24 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.41/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54809)
Hash 1a7d206cf77e52160f7d49ab1c167fe5
08d824c483c1a2428bdc4e583d61a5ca8d1afb74
5404eb1ed3f4542d873f4e0610572ad480353446ea8e6f7e2bb76034cf051652
GET /eus2/s/0.6.41/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8d107429df470"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 09Ts1YwAAAADuzYZ7tyWRRovpCe89W+DzU1ZHMjBFREdFMDUxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 29 Sep 2022 06:32:20 GMT
X-Firefox-Spdy: h2
stats.vidalytics.com/scribe
107.178.211.97200 OK 16 B URL HTTP/2 stats.vidalytics.com/scribe
IP 107.178.211.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 408
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2
heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2805926485646633&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Played&ts0=1664433138975&st=1664433138977
44.206.92.210200 OK 37 B URL HTTP/2 heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2805926485646633&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Played&ts0=1664433138975&st=1664433138977
IP 44.206.92.210:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2805926485646633&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Played&ts0=1664433138975&st=1664433138977 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1827
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
stats.vidalytics.com/scribe
107.178.211.97200 OK 16 B URL HTTP/2 stats.vidalytics.com/scribe
IP 107.178.211.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 541
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&RedC=c.clarity.ms&MXFR=04E98CBDD14063E73DE19E93D5406DC3
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=04E98CBDD14063E73DE19E93D5406DC3; domain=.clarity.ms; expires=Tue, 24-Oct-2023 06:32:22 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 0
X-Firefox-Spdy: h2
stats.vidalytics.com/scribe
107.178.211.97200 OK 16 B URL HTTP/2 stats.vidalytics.com/scribe
IP 107.178.211.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 541
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&RedC=c.clarity.ms&MXFR=04E98CBDD14063E73DE19E93D5406DC3
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&RedC=c.clarity.ms&MXFR=04E98CBDD14063E73DE19E93D5406DC3
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&RedC=c.clarity.ms&MXFR=04E98CBDD14063E73DE19E93D5406DC3 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://refineyoursleep.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&MUID=3AC74AB53FA966230A1C589B3E5C6790
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3AC74AB53FA966230A1C589B3E5C6790; domain=c.bing.com; expires=Tue, 24-Oct-2023 06:32:22 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F92CECABECBF401088D48AD71514CE71 Ref B: OSL30EDGE0117 Ref C: 2022-09-29T06:32:22Z
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 0
X-Firefox-Spdy: h2
stats.vidalytics.com/scribe
107.178.211.97200 OK 16 B URL HTTP/2 stats.vidalytics.com/scribe
IP 107.178.211.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 524
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 16
x-envoy-upstream-service-time: 0
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&MUID=3AC74AB53FA966230A1C589B3E5C6790
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&MUID=3AC74AB53FA966230A1C589B3E5C6790
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&MUID=3AC74AB53FA966230A1C589B3E5C6790 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://refineyoursleep.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 29-Sep-2022 06:42:22 GMT; path=/; SameSite=None; Secure;
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 42
X-Firefox-Spdy: h2
stats.vidalytics.com/scribe
107.178.211.97200 OK 16 B URL HTTP/2 stats.vidalytics.com/scribe
IP 107.178.211.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 513
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2
stats.vidalytics.com/scribe
107.178.211.97200 OK 16 B URL HTTP/2 stats.vidalytics.com/scribe
IP 107.178.211.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 16
x-envoy-upstream-service-time: 0
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2
trc-events.taboola.com/1074154/log/3/unip?en=pre_d_eng_tb&tos=1586&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664433139574&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1074154/log/3/unip?en=pre_d_eng_tb&tos=1586&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664433139574&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1074154/log/3/unip?en=pre_d_eng_tb&tos=1586&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664433139574&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 29 Sep 2022 06:32:22 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 121783
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Thu, 29 Sep 2022 06:32:22 GMT
X-Firefox-Spdy: h2
trc-events.taboola.com/1074154/log/3/unip?en=pre_d_eng_tb&tos=4588&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664433142575&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1074154/log/3/unip?en=pre_d_eng_tb&tos=4588&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664433142575&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1074154/log/3/unip?en=pre_d_eng_tb&tos=4588&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664433142575&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 29 Sep 2022 06:32:25 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1806
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:25 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fast.vidalytics.com/video/DOBezDQw/fE3hsU0RSw93Dcuo/img/thumbnail/1overlay-opt-3-5ff7a5bd71d7b.gif
151.139.128.11200 OK 0 B URL HTTP/2 fast.vidalytics.com/video/DOBezDQw/fE3hsU0RSw93Dcuo/img/thumbnail/1overlay-opt-3-5ff7a5bd71d7b.gif
IP 151.139.128.11:0
GET /video/DOBezDQw/fE3hsU0RSw93Dcuo/img/thumbnail/1overlay-opt-3-5ff7a5bd71d7b.gif HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 352025
content-type: image/gif
last-modified: Fri, 08 Jan 2021 00:22:21 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdvRb1ru04hREDdAdUbqvCMsgYiRnH577Q8yPoSs7dDBHPx5otQZfjwR8wzu09726t44AZX1qR8UvuTguDmNbCSiQtPWi5m0
x-goog-generation: 1610065341644167
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 352025
x-goog-hash: crc32c=7Q3i8g==, md5=HhONN/pfuaDSo3CBd09V9g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=31104000
etag: "1e138d37fa5fb9a0d2a37081774f55f6"
age: 1120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1664433141.cds258.sk1.hn,1664433141.cds261.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:19 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 9879893
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7522ae533f38b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.heapanalytics.com/js/heap-1279333676.js
54.230.111.113200 OK 0 B URL HTTP/2 cdn.heapanalytics.com/js/heap-1279333676.js
IP 54.230.111.113:0
GET /js/heap-1279333676.js HTTP/1.1
Host: cdn.heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 29 Sep 2022 06:31:50 GMT
server: nginx
etag: W/"1b5ce-6tWSLi2bR3oFWBbvyjUG6w"
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _Xvss4KExDSY7CsSPq5H0tGdpf7IBP63GqzKQ_lAAjiFUOnqXluKEw==
age: 29
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/1796349/visit-data?sv=5
54.76.60.60200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/1796349/visit-data?sv=5
IP 54.76.60.60:0
POST /api/v2/client/sites/1796349/visit-data?sv=5 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 131
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
trc.taboola.com/1074154/trc/3/json?tim=1664433137990&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fnews%2F1662%2Fvideo_sr_mb%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664433137983%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-dianeprimalhealthlpcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664433137989%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1074154/trc/3/json?tim=1664433137990&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fnews%2F1662%2Fvideo_sr_mb%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664433137983%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-dianeprimalhealthlpcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664433137989%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1074154/trc/3/json?tim=1664433137990&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fnews%2F1662%2Fvideo_sr_mb%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664433137983%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-dianeprimalhealthlpcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664433137989%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 06:32:21 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664433141.112837,VS0,VE94
vary: Accept-Encoding
x-vcl-time-ms: 94
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/player-dash-mse.min.js
151.139.128.11200 OK 0 B URL HTTP/2 fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/player-dash-mse.min.js
IP 151.139.128.11:0
GET /embeds/DOBezDQw/1q01xpVeThenmcsk/player-dash-mse.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:19 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:58:52 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdu8s8LV1U7QoFP5VGY5tLsMXrWR2lknZMH8kbUxLb-yzv8q9cOrhj_um_Gc8YsHIvczH69IL7sXhawCqb48-sRjig
x-goog-generation: 1661435932011405
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 494002
x-goog-hash: crc32c=UKYPmw==, md5=ItdUsAMIIjlekR3SAWI23g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server, x-cdn, x-cdn-info
server: UploadServer
cache-control: public, max-age=300, s-maxage=2592000
etag: "22d754b0030822395e911dd2016236de"
age: 993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-cdn: 4
content-encoding: gzip
x-hw: 1664433139.cds024.sk1.hn,1664433139.cds024.sk1.hc,1664433139.cds253.sk1.c,1664433139.cds024.sk1.sl
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/loader.min.js
151.139.128.11200 OK 0 B URL HTTP/2 fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/loader.min.js
IP 151.139.128.11:0
GET /embeds/DOBezDQw/1q01xpVeThenmcsk/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:19 GMT
expires: Sat, 29 Oct 2022 06:32:19 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtIzdCGun0BCiVoK1Ahd4wkqeCBZnEF45XK0nsLvQ64CzGs6_fQ63Nh_uiIySDKWrtTprjHKyDz8yfdL8lZLJuLgWfWWuDT
x-goog-generation: 1661435931587555
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9740
x-goog-hash: crc32c=UGf3Sg==, md5=RTFBS4WjwFRDfCw9HS1fXQ==
x-goog-storage-class: MULTI_REGIONAL
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server, x-cdn, x-cdn-info
server: UploadServer
cache-control: public, max-age=300, s-maxage=2592000
etag: "4531414b85a3c054437c2c3d1d2d5f5d"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Thu, 25 Aug 2022 13:58:51 GMT
x-cdn-info: loader
x-cdn: 4
content-encoding: gzip
x-hw: 1664433139.cds258.sk1.hn,1664433139.cds258.sk1.hc,1664433139.cds223.sk1.sc,1664433139.cds223.sk1.p,1664433139.cds258.sk1.sl
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i,900,900i
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i,900,900i
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,400i,700,700i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 06:32:19 GMT
date: Thu, 29 Sep 2022 06:32:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2