r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7806
Expires: Sat, 25 Mar 2023 00:07:36 GMT
Date: Fri, 24 Mar 2023 21:57:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5255
Expires: Fri, 24 Mar 2023 23:25:05 GMT
Date: Fri, 24 Mar 2023 21:57:30 GMT
Connection: keep-alive
stamptions.com/2559857Gm6820925vG99952775gP2760HG2hdr176742Hs
302 Found 0 B URL HTTP/1.1 stamptions.com/2559857Gm6820925vG99952775gP2760HG2hdr176742Hs
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /2559857Gm6820925vG99952775gP2760HG2hdr176742Hs HTTP/1.1
Host: stamptions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 24 Mar 2023 20:44:52 GMT
Server: Apache
location: https://mwebfantastic.com/6755/2386/2/?&subid=17b-2559857-6820925-176742-2760-99952775
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 21:15:18 GMT
content-type: application/json
age: 2532
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14946
Expires: Sat, 25 Mar 2023 02:06:36 GMT
Date: Fri, 24 Mar 2023 21:57:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JLfrZs6I8cOsNRasUuNVhxnhwqR7rG7js8+Zj9t4WkK3HdfWnZChTxLoiMtvUB3wGauAJYh40ec=
x-amz-request-id: JGYGT8JYBJG4ANB1
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 21:54:40 GMT
age: 170
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 21:57:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 21:17:23 GMT
age: 2407
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash a4ed6656e3874a01189979d34ae2243c
82932c12aadc51b0cf20808703783576e5028b04
b010f4b6c39e8c9925f39facd5d668ee0b162e26b67f674642ce3b065508aa0e
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167226
Date: Fri, 24 Mar 2023 21:57:31 GMT
Etag: "641e0705-1d7"
Expires: Sun, 26 Mar 2023 20:24:37 GMT
Last-Modified: Fri, 24 Mar 2023 20:24:37 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nMaTyfoxadUndqqyDzUTXWL0xZvbLomNiFRL43CYZyTo6BlVbY4N7g==
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8400
Expires: Sat, 25 Mar 2023 00:17:31 GMT
Date: Fri, 24 Mar 2023 21:57:31 GMT
Connection: keep-alive
go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230324215733667&aff_sub=2386
302 Found 335 B URL HTTP/1.1 go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230324215733667&aff_sub=2386
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash aa1787225eebc112e5e571955395dd3a
6e840ca4064d4195f381f68278363c56ce5e18d2
e7d6ad2a8d222ea1fce2298ab17850f29b9a443b9be419a20d453d72752daa6e
GET /aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230324215733667&aff_sub=2386 HTTP/1.1
Host: go.welldaily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: enc_aff_session_50=ENC03f50406eba12c7eafd9af5036fde368b4c321fddd0fcba1355c9b4205dea1f3e0153e7fe5b691d8965a505e630c03eed736c3ad62330c23772bc0a45d717545a3bfc4f06ee8b9859ad27a1506517d38a45d98f97dcb6e8bf7472f9ca2e7ca3878b0f5d39aa8fe7fa42540b9f6f3cc8d6fadc3f3e071c2e13788e8b5f151dc1ccc93136e940a87b113b99ed334ef16d18cecce4ca0c9fd93c3e6c7d6800397a69425b7d427; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 24 Mar 2023 21:57:31 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 335
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=102ac81d925f5afd9639ce6e3d8235&n=tune&AFFID=477232&subid=55_2386
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_2=ENC031d3467da31a75629caf73dc96cf1e6b924c0b5f2d33dd67a30e22ae920caf140ca6ba41cbd1ed3c43c8931f75575787e43ee57c24206bf77dfef39188361350127546fd81d20fb2131f31f69ee8795e574bd0364c88e3d160406a5efd70a9ac62ca6652aafa6e62978b1fc6190306eb887c02ee9501e8776ce918914aa8df0b9279d269a; expires=Fri, 31 Mar 2023 21:57:31 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Mon, 16 Feb 2026 08:37:31 GMT; path=/; SameSite=None; Secure
Tracking_id: 102ac81d925f5afd9639ce6e3d8235
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 371616b184e55874bb507f206ed57930
Access-Control-Allow-Headers: Tune-SDK-Version
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8ce551c6777b0df269f2c2afc834f60a
27c0e74a22cf98773a2b0ba71edf7dae2818b5b2
a06ec084acfa41c925665559442009ac74a1d1c183b1c55c962fadffcaafeab0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A06EC084ACFA41C925665559442009AC74A1D1C183B1C55C962FADFFCAAFEAB0"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 25 Mar 2023 03:57:31 GMT
Date: Fri, 24 Mar 2023 21:57:31 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Dh3fGikwZrY7Wq4TTNCxBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NJ01vZrmbLAVKkXx8m855cttGUo=
pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=102ac81d925f5afd9639ce6e3d8235&n=tune&AFFID=477232&subid=55_2386
200 OK 18 kB URL HTTP/1.1 pages.upwellness.com/uc-grplus-vsl01-aff-2/?offer=2&session_id=102ac81d925f5afd9639ce6e3d8235&n=tune&AFFID=477232&subid=55_2386
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12318), with CRLF, LF line terminators
Hash 0cc1e2e6e0fb2e0ef7f1a50cd11c5879
dfb85bb71a5160e4e05771d7c1a8e16811088c81
ba8712da4874e036fd7a9590e47d6779932ecd0deb7254fa082d37b76a679fb7
GET /uc-grplus-vsl01-aff-2/?offer=2&session_id=102ac81d925f5afd9639ce6e3d8235&n=tune&AFFID=477232&subid=55_2386 HTTP/1.1
Host: pages.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ubvs=d4d83f37-37e9-4ce4-aa90-573ababdc90a; ubvt=v2%7Cd4d83f37-37e9-4ce4-aa90-573ababdc90a%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Au%3Aweighted; _gcl_au=1.1.1054804175.1679694883; ucacid=482066621.952307; _tt_enable_cookie=1; _ttp=8frwv3_eomiNgY2EJ5nP7ebzNgI; __nbpix_uid=1-6jk3nnaa-lfn2yqxi; _uetsid=7cb86930ca8e11ed90463514453ac659; _uetvid=7cb885d0ca8e11ed8472ebc25f80b804; _ga=GA1.2.787918828.1679694885; _gid=GA1.2.2063524655.1679694885; _lc2_fpi=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq; cl4975ot4arrr6_uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd; cl4975ot4arrr6_sid=CL-a7b92e97-9d37-4915-b399; cl4975ot4arrr6_gid=cl4975ot4arrr618ba06b4-380b-4a8b-a4aa-fe3258c3e31f; _hjSessionUser_795540=eyJpZCI6Ijg2OWY0YTMyLTRjNGQtNTg1NS1iYjczLTRkYWQ2ODdjODliOCIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODQ5OTYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_795540=eyJpZCI6ImM2Nzk3YjkyLWFkODEtNGY0Yi05OTFmLWM4MGY3MDE5YjI4YSIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODUwMDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _fbp=fb.1.1679694885171.1790059248; outbrain_cid_fetch=true; cto_bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE; _pin_unauth=dWlkPU1HSTRPRGsxT1dRdE1qSm1PQzAwWlRaa0xXRTJOak10TkRBMllXSTJZamcyWm1Zdw; cl4975ot4arrr6_eidsTracked=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Fri, 24 Mar 2023 21:57:31 GMT
content-type: text/html; charset=utf-8
content-length: 18080
set-cookie: ubvs=d4d83f37-37e9-4ce4-aa90-573ababdc90a; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=v2%7Cd4d83f37-37e9-4ce4-aa90-573ababdc90a%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Au%3Aweighted; Max-Age=259200; Domain=upwellness.com; Path=/; SameSite=Lax
ubpv=ak%2Cfbe91892-5070-465e-914a-d53bab95f199; Max-Age=15897600; Path=/uc-grplus-vsl01-aff-2/; SameSite=Lax
content-location: https://pages.upwellness.com/uc-grplus-vsl01-aff-2/
etag: "ak:ea71be80360a456a84c2ff71bfd82ae6"
link: <https://pages.upwellness.com/uc-grplus-vsl01-aff-2/>; rel="canonical"
x-unbounce-pageid: fbe91892-5070-465e-914a-d53bab95f199
x-unbounce-variant: ak
x-unbounce-visitorid: d4d83f37-37e9-4ce4-aa90-573ababdc90a
content-encoding: gzip
x-proxy-backend: page-server
builder-assets.unbounce.com/published-css/main-7b78720.z.css
200 OK 2.9 kB URL HTTP/2 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP
File type ASCII text, with very long lines (15017)
Hash 3d27e56a34e34b278ab5e182cbc3b587
b871dae022b6537150e18df2bbf266caaa013fdc
3646920461d3a5dd11dfb46a1d063bee0eaad079e9d3e9341942f24f3688401f
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 2902
date: Sat, 21 Jan 2023 01:22:01 GMT
last-modified: Wed, 23 Nov 2022 23:24:30 GMT
etag: "3d27e56a34e34b278ab5e182cbc3b587"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QzTBqoVI2w9oWnTweB-PKXDyTUEkKxyObF2oSXWCltjn7M6S5EfF8Q==
age: 5430931
X-Firefox-Spdy: h2
cdn1.decide.dev/tracking/rainmakeradventures_lander.js
200 OK 3.4 kB URL HTTP/2 cdn1.decide.dev/tracking/rainmakeradventures_lander.js
IP
File type Unicode text, UTF-8 text, with very long lines (3733)
Hash 67dd49f952cb2ec2847856c8aafcceed
2ee7145a34810f8ce941bfb1a9af27cdded4b013
e0970c98cfdbf9923925aaa7bff1c9e8ac89a2cd0a399d30a6911fb6b3c4be99
GET /tracking/rainmakeradventures_lander.js HTTP/1.1
Host: cdn1.decide.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:31 GMT
cache-control: max-age=2303
content-encoding: gzip
content-length: 3393
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 16:48:56 GMT
accept-ranges: bytes
etag: "851d4fc77aafaf706108376b638e6a36"
x-hw: 1679695051.cds230.sk1.hn,1679695051.cds238.sk1.c
timing-allow-origin: https://decide.dev
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/E-v1.js
200 OK 117 kB URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (117310 bytes)
Hash 069fe9e390ba04b1e305cf15d8cbaca0
e94d72e8f2810227ae13d520d969b85f608328d9
17cf41a535a1b281316f3f3358ccbfd0d4ff9798485106a88023bb3351dc6b4b
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:39 GMT
etag: "069fe9e390ba04b1e305cf15d8cbaca0"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:31 GMT
age: 840
x-served-by: cache-iad-kjyo7100121-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 40, 33
x-timer: S1679695052.777804,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 117310
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4355291ec58b85ddde02c2446ecb2bb4
4ad43e10f82193f83e862e8a78f3e46de9490ac4
e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp
200 OK 1.8 kB URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp
IP
File type ASCII text, with very long lines (5768)
Hash 80d32cd842ee52c797f93c3ad333fee7
25f1f19b451c98a4331953e3a15c77895943aba4
8edc3e55ff918c30ea7d8784901d8b3a2bde111588f79e8da3c0abe6fd4e5bf1
GET /embed/medias/aeu9oe7qwy.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"a66368f5954042ba3f7a2586c6dc2e1a"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 1819e6671c5650a6e46179f343a16823
x-runtime: 0.056613
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:31 GMT
age: 20437
x-served-by: cache-iad-kiad7000112-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 357, 1
x-timer: S1679695052.777927,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1831
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/aeu9oe7qwy/swatch
200 OK 4.0 kB URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy/swatch
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x56, components 3\012- data
Hash bedc068a9cc6964d07e1673050cbb3ec
ba9a082014112801aa5b12602be54b52792d0a2d
0b237a3c974aec2776e15c96f50651fa55af3bd3bc927f37eb4a6510c96ebffa
GET /embed/medias/aeu9oe7qwy/swatch HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
access-control-request-method: *
cache-control: public, no-cache, max-age=31449593
content-disposition: inline
content-type: image/jpeg
last-modified: Wed, 23 Mar 2022 20:25:50 UTC
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:31 GMT
age: 20469
x-served-by: cache-iad-kiad7000125-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 528, 1
x-timer: S1679695052.777778,VS0,VE1
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 4021
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg/swatch
200 OK 4.3 kB URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg/swatch
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x56, components 3\012- data
Hash fb5a783f53d0a1085ac33c2afda39271
ba3edaca28fc953f25c45261c637e8d880d1e357
b55b8f64c5259f4f19ca1b5a388f3c93b67df5d805f71637cf3a12ff814be08b
GET /embed/medias/tmmqdtznyg/swatch HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
access-control-request-method: *
cache-control: public, no-cache, max-age=31535970
content-disposition: inline
content-type: image/jpeg
last-modified: Tue, 13 Apr 2021 18:37:38 UTC
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:31 GMT
age: 20469
x-served-by: cache-iad-kcgs7200153-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 547, 1
x-timer: S1679695052.789069,VS0,VE1
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 4324
X-Firefox-Spdy: h2
cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
200 OK 498 kB URL HTTP/2 cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
IP
File type Unicode text, UTF-8 text, with very long lines (60034), with no line terminators
Size 498 kB (497733 bytes)
Hash 0426397a9b31146729ac86c5be8595d3
953342b7defc23d1c552eba63f42bb915aae90f3
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
GET /proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1 HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:31 GMT
content-type: application/javascript
content-length: 497733
x-amz-id-2: XfamGhBMjZBo/sWrg3mxYdwUMUL0rpYArqF2RUd2t+2nxyqUognVNx+1xnHz8Eg7hGncdCbH6WA=
x-amz-request-id: RVX6E6XRK17ASENB
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "0426397a9b31146729ac86c5be8595d3"
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
age: 60541850
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7jeBiyApYs5TasoHxEfhsC0t2UrYt9%2BKh49%2FN9udVj91TsI%2BGQQg0zuozjLXNHfHHkSYeuSu8U0%2F7XlDImLf5GpNy09wpwnXy3ikNaIdl%2Bu8xgDHTGhOfwVepTaHgjCDqjq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad22b9a0c85b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4355291ec58b85ddde02c2446ecb2bb4
4ad43e10f82193f83e862e8a78f3e46de9490ac4
e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/tmmqdtznyg.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"b365470290754d9cfca3f630faf36f40"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 24 Mar 2023 21:57:31 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"b365470290754d9cfca3f630faf36f40"
age: 20439
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1679695052.927847,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4355291ec58b85ddde02c2446ecb2bb4
4ad43e10f82193f83e862e8a78f3e46de9490ac4
e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4355291ec58b85ddde02c2446ecb2bb4
4ad43e10f82193f83e862e8a78f3e46de9490ac4
e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash ed58545d2291bf0b11981d148bf0cdd6
7f905031a665c98d84129a8e5bc9cd37a814c08f
573f6235fe20595b2be1104a978b70088bdd063ff278f5ce4cff2787c8c62376
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139272
Date: Fri, 24 Mar 2023 21:57:32 GMT
Etag: "641d8f8a-1d7"
Expires: Sun, 26 Mar 2023 12:38:44 GMT
Last-Modified: Fri, 24 Mar 2023 11:54:50 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mN1UJkoiRUqxAv6oRmu3s2Bn6CjRVBac7fTG3FhF2hR0sCZ_QucPvg==
Age: 2634
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
200 OK 1.4 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2859)
Hash f83ae28f4673e647d19dea6ae013cda9
54ae8f981959a356c53e92c407c4845e1139405f
b9a500064063fde40295b4555800d8cc55d4152d938f59cafcf633ceab12531a
GET /i18n/pixel/events.js?sdkid=C7LJJ239OPOGJH4N4JI0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: _ttp=2NTjGcsaDgwZj5W6OkxHq5Bt2B6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230324215732AF76A46ECD4F6E7197BE
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6bd3152ec8cd84a159ff00f76409a0b3024e4bee7a308a3046f4e4f2dcd374c63af919c46fe44136945ac260d05da4d35e71a6da77539fd3b07ebd504676a4902867e6745853723c90b25b2426ce9d84b6a323f831ec8de171dae234bbeda9b25
content-encoding: gzip
content-length: 1361
x-origin-response-time: 6,104.78.78.37
x-akamai-request-id: 10dc3843.59fa33d
expires: Fri, 24 Mar 2023 21:57:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 21:57:32 GMT
x-cache: TCP_MISS from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
set-cookie: _ttp=2NTjGcsaDgwZj5W6OkxHq5Bt2B6; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a104-78-78-37.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=3
x-parent-response-time: 104,95.101.11.167
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8a8950b497cc2ef541dadd4204bc7922
8999f592c8c951378491a0502ff7bb727be7751b
307f0c99274b5c69130be704058f1b734e60f9bd38f44060e17c2aed55b3029c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "307F0C99274B5C69130BE704058F1B734E60F9BD38F44060E17C2AED55B3029C"
Last-Modified: Fri, 24 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 25 Mar 2023 03:57:32 GMT
Date: Fri, 24 Mar 2023 21:57:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8a8950b497cc2ef541dadd4204bc7922
8999f592c8c951378491a0502ff7bb727be7751b
307f0c99274b5c69130be704058f1b734e60f9bd38f44060e17c2aed55b3029c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "307F0C99274B5C69130BE704058F1B734E60F9BD38F44060E17C2AED55B3029C"
Last-Modified: Fri, 24 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Sat, 25 Mar 2023 03:56:34 GMT
Date: Fri, 24 Mar 2023 21:57:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 51c0a14cda94d24174dc79e2e0c5cd2e
89b427881664b14c11d0c3cb12591dc83e168641
9cfe515a97921b2d07879ea3ab5e1c5a9b79e678ee649c5f21d8269d680950c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CFE515A97921B2D07879EA3AB5E1C5A9B79E678EE649C5F21D8269D680950C4"
Last-Modified: Fri, 24 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 25 Mar 2023 03:57:32 GMT
Date: Fri, 24 Mar 2023 21:57:32 GMT
Connection: keep-alive
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
200 OK 744 B URL HTTP/2 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
IP
File type ASCII text, with CRLF line terminators
Hash 3110f39a7f2fe9edef25454e9b7a57c2
273c540727af9f5f57cf7f0164d8eb43c56c1b71
b6591997ffdba5b81c1af7fa96a8f6cf26597eb4046d64f91301eb1000a54853
GET /cgi-bin/UCAffiliateNetworkPixel HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=v2%7Cd4d83f37-37e9-4ce4-aa90-573ababdc90a%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Au%3Aweighted; AWSALB=w0SzFWeP/8TM3hQoqp9yhMmNZnqcVikQLY/Vhrb5U3dy2/8fLDn9rPFh9Yg8CV8PG+L1eBOfV8SIFdgbjXniBwh0K+Itw5BzIVhVWJmKj9yY1gCYJGZOxeqDXzLF; AWSALBCORS=w0SzFWeP/8TM3hQoqp9yhMmNZnqcVikQLY/Vhrb5U3dy2/8fLDn9rPFh9Yg8CV8PG+L1eBOfV8SIFdgbjXniBwh0K+Itw5BzIVhVWJmKj9yY1gCYJGZOxeqDXzLF; _gcl_au=1.1.1054804175.1679694883; ucacid=482066621.952307; ucacid=482066621.952307; _tt_enable_cookie=1; _ttp=8frwv3_eomiNgY2EJ5nP7ebzNgI; __nbpix_uid=1-6jk3nnaa-lfn2yqxi; UPWEL-ANP=6141; _uetsid=7cb86930ca8e11ed90463514453ac659; _uetvid=7cb885d0ca8e11ed8472ebc25f80b804; _ga=GA1.2.787918828.1679694885; _gid=GA1.2.2063524655.1679694885; _lc2_fpi=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq; cl4975ot4arrr6_uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd; cl4975ot4arrr6_sid=CL-a7b92e97-9d37-4915-b399; cl4975ot4arrr6_gid=cl4975ot4arrr618ba06b4-380b-4a8b-a4aa-fe3258c3e31f; _hjSessionUser_795540=eyJpZCI6Ijg2OWY0YTMyLTRjNGQtNTg1NS1iYjczLTRkYWQ2ODdjODliOCIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODQ5OTYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_795540=eyJpZCI6ImM2Nzk3YjkyLWFkODEtNGY0Yi05OTFmLWM4MGY3MDE5YjI4YSIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODUwMDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _fbp=fb.1.1679694885171.1790059248; cto_bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE; cl4975ot4arrr6_eidsTracked=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:32 GMT
content-type: text/javascript; charset=utf-8
content-length: 744
set-cookie: AWSALB=aKv+iSakzo1QraP3RtvTq5qp2HH86sjvFhYhuQZG63HC4z+Cr3JmtpbsmUsEZ42xNdRoDTWtYHeRO+ukT0mK4QDxDH0kLjeDiF5v2qMhw5OGpgFxxNUdto9t19su; Expires=Fri, 31 Mar 2023 21:57:32 GMT; Path=/
AWSALBCORS=aKv+iSakzo1QraP3RtvTq5qp2HH86sjvFhYhuQZG63HC4z+Cr3JmtpbsmUsEZ42xNdRoDTWtYHeRO+ukT0mK4QDxDH0kLjeDiF5v2qMhw5OGpgFxxNUdto9t19su; Expires=Fri, 31 Mar 2023 21:57:32 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
200 OK 251 B URL HTTP/2 store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
IP
File type ASCII text, with CRLF line terminators
Hash e6735c6f608ee64c784286185e5ec194
fc90f684a019712ed8bba84418bd7aee5e691bb9
5a74dbf85d18206e84e65be38b869a0a2cc8bc71ac8adeb26321ccc5ef1411e2
GET /cgi-bin/UCInvisibleLink?merchantId=UPWEL HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=v2%7Cd4d83f37-37e9-4ce4-aa90-573ababdc90a%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Au%3Aweighted; AWSALB=w0SzFWeP/8TM3hQoqp9yhMmNZnqcVikQLY/Vhrb5U3dy2/8fLDn9rPFh9Yg8CV8PG+L1eBOfV8SIFdgbjXniBwh0K+Itw5BzIVhVWJmKj9yY1gCYJGZOxeqDXzLF; AWSALBCORS=w0SzFWeP/8TM3hQoqp9yhMmNZnqcVikQLY/Vhrb5U3dy2/8fLDn9rPFh9Yg8CV8PG+L1eBOfV8SIFdgbjXniBwh0K+Itw5BzIVhVWJmKj9yY1gCYJGZOxeqDXzLF; _gcl_au=1.1.1054804175.1679694883; ucacid=482066621.952307; ucacid=482066621.952307; _tt_enable_cookie=1; _ttp=8frwv3_eomiNgY2EJ5nP7ebzNgI; __nbpix_uid=1-6jk3nnaa-lfn2yqxi; UPWEL-ANP=6141; _uetsid=7cb86930ca8e11ed90463514453ac659; _uetvid=7cb885d0ca8e11ed8472ebc25f80b804; _ga=GA1.2.787918828.1679694885; _gid=GA1.2.2063524655.1679694885; _lc2_fpi=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq; cl4975ot4arrr6_uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd; cl4975ot4arrr6_sid=CL-a7b92e97-9d37-4915-b399; cl4975ot4arrr6_gid=cl4975ot4arrr618ba06b4-380b-4a8b-a4aa-fe3258c3e31f; _hjSessionUser_795540=eyJpZCI6Ijg2OWY0YTMyLTRjNGQtNTg1NS1iYjczLTRkYWQ2ODdjODliOCIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODQ5OTYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_795540=eyJpZCI6ImM2Nzk3YjkyLWFkODEtNGY0Yi05OTFmLWM4MGY3MDE5YjI4YSIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODUwMDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _fbp=fb.1.1679694885171.1790059248; cto_bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE; cl4975ot4arrr6_eidsTracked=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:32 GMT
content-type: text/javascript; charset=utf-8
content-length: 251
set-cookie: AWSALB=0fTJOZnYYM7rs5yJIiThMooMfp0zpmyvEQy0ePFBwy14n9XghaxFd7Lb3yCAb7hpOHhg64bnAHQEcBxyBn3Sdt8SJxKypwJbgNU56AL4GQAqjx8SDN/ysGBjL2pP; Expires=Fri, 31 Mar 2023 21:57:32 GMT; Path=/
AWSALBCORS=0fTJOZnYYM7rs5yJIiThMooMfp0zpmyvEQy0ePFBwy14n9XghaxFd7Lb3yCAb7hpOHhg64bnAHQEcBxyBn3Sdt8SJxKypwJbgNU56AL4GQAqjx8SDN/ysGBjL2pP; Expires=Fri, 31 Mar 2023 21:57:32 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 41fcbe3887a3080e1522d4fddd4f03f0
39d08908118db26a756e76e40813e617d88b6511
7e6289ca141f30c7ff99421c76f93e1832bebfc2dd030dc63c2abe30d165a56a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 21:57:32 GMT
Last-Modified: Fri, 24 Mar 2023 20:09:34 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aIx9_QNN2irn7C3ubkJCkwutoGKQbjF75hN7nbUjkrSh1ES4zi5A5w==
Age: 6478
analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMw.js
200 OK 69 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMw.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 228b00aace5fbf57eaefea685420ed6c
bd8fe73cf98fb206840246b8d738201977961953
47fb80c3dd0e27562dc81474df381a7f1360a9ba720405500cdd201851e78335
GET /i18n/pixel/static/main.MTE3ZGZjMmFkMw.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: _ttp=2NTjGcsaDgwZj5W6OkxHq5Bt2B6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230221151209DB4F598CC576F5F7623D
x-tt-trace-host: 0191a2b9a3cfeb42c0a1cff6ba94016356eec40e3b3561d2f4cf6c2f8ae77c392a9fe5c33f0212ff548e7f828d51d93272d6938b61122ea11a65e50711ae13ebc3473eb967e1d5039659e1f87ca40dc96c09b193e2d4ef6bf030e7cf112dfff74e
content-encoding: gzip
content-length: 68810
date: Fri, 24 Mar 2023 21:57:32 GMT
x-cache: TCP_HIT from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=2
x-akamai-request-id: 59fa486
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
200 OK 66 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 3b1aa0707b4338ec927a2c8fb36a53c8
edac5aea728868d3ca2a831e5a2e56d11d3c908f
47afaa2e80ba4988f64a789a08635f87a29a96eb98741bfc9db3f27f35236cd7
GET /i18n/pixel/static/main.MTE3ZGZjMmFkMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: _ttp=2NTjGcsaDgwZj5W6OkxHq5Bt2B6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023022114580197D1D9F27BA49920249D
x-tt-trace-host: 01376d55e9207fb9b53694a8f226bffc96be017fcc9929f495cda36706d13d6e11252724595407ade7067d1e832642900227e4bb81b44f01f8bbbe2b2c1e899fffb51fa5a948bf12890b478b1c02faf5a5d3ae8ebdc1f4737586b94bff6633e168
content-encoding: gzip
content-length: 66083
date: Fri, 24 Mar 2023 21:57:32 GMT
x-cache: TCP_HIT from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 59fa48b
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3054647b7b7785036f2ec0a55ad92d84
74280b3fb83a092e7d0497514b9d529ed1021bfd
8f0d08a76175588339942b4c1ec8db6bfc7fec1b2b110eafb28c089f50b407ce
GET /i18n/pixel/static/identify_cab4d.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: _ttp=2NTjGcsaDgwZj5W6OkxHq5Bt2B6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023022114580197D1D9F27BA4992024AC
x-tt-trace-host: 01376d55e9207fb9b53694a8f226bffc96be017fcc9929f495cda36706d13d6e11252724595407ade7067d1e83264290023339a38c4398fa7e9674f03248c35bba037c1cbbc4e8abc78ccb6d0a96324511c2c1ecd0e5f2813f0d917b1e792888e6
content-encoding: gzip
content-length: 30721
date: Fri, 24 Mar 2023 21:57:32 GMT
x-cache: TCP_MEM_HIT from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
x-akamai-request-id: 59fa520
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 876
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: _ttp=2NTjGcsaDgwZj5W6OkxHq5Bt2B6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202303242157328938868C34EA80759EC6
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6bd3152ec8cd84a159ff00f76409a0b30de9e03d832a79828ef32ca4983e7d432a3b4ef4ce82790571749e8220a05ef0a4f6d15002040de72918c6c3c39db9d63232a24af552bfed7994b3f8d1f7c7f22b2bb53985d3c1cbe2698869c9b4e2f5d
x-origin-response-time: 26,104.78.78.29
x-akamai-request-id: 55f9566d.59fa53f
expires: Fri, 24 Mar 2023 21:57:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 21:57:32 GMT
x-cache: TCP_MISS from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-cache-remote: TCP_MISS from a104-78-78-29.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=26, inner; dur=23
x-parent-response-time: 125,95.101.11.167
X-Firefox-Spdy: h2
assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
200 OK 48 kB URL HTTP/2 assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
IP
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Hash 11a2f3a10b6c5d788306c6a0b656621b
87c3fc7f5e8ccd3ec231640d8e3e85a496cc668b
17cd7977687c8d33fa4ef7433f562036a211f70cb73bf1529ac2a38751fabb5e
GET /universalscript/releases/v0.180.0/bundle.js HTTP/1.1
Host: assets.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 14 Mar 2023 18:00:56 GMT
last-modified: Thu, 05 Jan 2023 20:53:32 GMT
etag: W/"1a08556fd14aad311b6d4906f59fef42"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5gEu54xF61vsCmsKgqHpeQZETSqz-eR_6uYJ8J7v15fe-IMSP2CYmA==
age: 878197
X-Firefox-Spdy: h2
store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff-2/%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386
200 OK 138 B URL HTTP/2 store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff-2/%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386
IP
File type ASCII text, with CRLF, LF line terminators
Hash 0a0dad1202bc5ff832dabf235ef56d65
ad4e6f5465bf615e93ac688901dbf5451cd82f9c
ca4c195e5ec4eab21b44b0d3b04e80c509cc86a1b6329552afc283649c024094
GET /affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff-2/%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=v2%7Cd4d83f37-37e9-4ce4-aa90-573ababdc90a%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Au%3Aweighted; AWSALB=0fTJOZnYYM7rs5yJIiThMooMfp0zpmyvEQy0ePFBwy14n9XghaxFd7Lb3yCAb7hpOHhg64bnAHQEcBxyBn3Sdt8SJxKypwJbgNU56AL4GQAqjx8SDN/ysGBjL2pP; AWSALBCORS=0fTJOZnYYM7rs5yJIiThMooMfp0zpmyvEQy0ePFBwy14n9XghaxFd7Lb3yCAb7hpOHhg64bnAHQEcBxyBn3Sdt8SJxKypwJbgNU56AL4GQAqjx8SDN/ysGBjL2pP; _gcl_au=1.1.1054804175.1679694883; ucacid=482066621.952307; ucacid=482066621.952307; _tt_enable_cookie=1; _ttp=8frwv3_eomiNgY2EJ5nP7ebzNgI; __nbpix_uid=1-6jk3nnaa-lfn2yqxi; UPWEL-ANP=6141; _uetsid=7cb86930ca8e11ed90463514453ac659; _uetvid=7cb885d0ca8e11ed8472ebc25f80b804; _ga=GA1.2.787918828.1679694885; _gid=GA1.2.2063524655.1679694885; _lc2_fpi=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq; cl4975ot4arrr6_uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd; cl4975ot4arrr6_sid=CL-a7b92e97-9d37-4915-b399; cl4975ot4arrr6_gid=cl4975ot4arrr618ba06b4-380b-4a8b-a4aa-fe3258c3e31f; _hjSessionUser_795540=eyJpZCI6Ijg2OWY0YTMyLTRjNGQtNTg1NS1iYjczLTRkYWQ2ODdjODliOCIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODQ5OTYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_795540=eyJpZCI6ImM2Nzk3YjkyLWFkODEtNGY0Yi05OTFmLWM4MGY3MDE5YjI4YSIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODUwMDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _fbp=fb.1.1679694885171.1790059248; cto_bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE; cl4975ot4arrr6_eidsTracked=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:32 GMT
content-type: text/javascript; charset=utf-8
content-length: 138
set-cookie: AWSALB=6jH1tCp1qfCCTQBsr/qHMi5XLB0JeiaMjEZvdpOs/Qu8aFkWzf0yfIhDMOjZd2H4Cjgu8MoFGYLOChgr6tBJsWxxW0sErVThsrgk6kiS8hIoqCShbMLXxLyPpPnP; Expires=Fri, 31 Mar 2023 21:57:32 GMT; Path=/
AWSALBCORS=6jH1tCp1qfCCTQBsr/qHMi5XLB0JeiaMjEZvdpOs/Qu8aFkWzf0yfIhDMOjZd2H4Cjgu8MoFGYLOChgr6tBJsWxxW0sErVThsrgk6kiS8hIoqCShbMLXxLyPpPnP; Expires=Fri, 31 Mar 2023 21:57:32 GMT; Path=/; SameSite=None; Secure
UltraCartShoppingCartID=15B930C42150D9018715A07F431F8B00;Version=0;Path=/;Domain=.upwellness.com
JSESSIONID=abc4zD9WxTHCzLS2KPpsg; path=/; HttpOnly
LBJSESSIONID=abc4zD9WxTHCzLS2KPpsg.n246; path=/; HttpOnly
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&ndclid=&rf=&sem=&tm=0
204 No Content 0 B URL HTTP/2 flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&ndclid=&rf=&sem=&tm=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&ndclid=&rf=&sem=&tm=0 HTTP/1.1
Host: flask.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 21:57:32 GMT
server: istio-envoy
context-id: 168a84cc-d554-4a26-9792-c09693982c9c
x-envoy-upstream-service-time: 6
X-Firefox-Spdy: h2
builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js
200 OK 34 kB URL HTTP/2 builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 66a5c759b0a898469971e281c08667e4
51e3971069d04d68fba726778d9c2314e8668454
724752ff4503b904731abf8e889ff53cffa3850a04788d333075a36485bbaaf7
GET /published-js/main.bundle-e1f0b93.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33858
date: Thu, 09 Feb 2023 23:57:42 GMT
last-modified: Thu, 09 Feb 2023 23:08:27 GMT
etag: "66a5c759b0a898469971e281c08667e4"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: 17zN0KsTjJudzmBpRx16GR4geRdzQrok
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b6nQbxLKFNA6qZf0suFAYtAj4hpvKfR-xLztDx-GYMbD8KAuIKAwqQ==
age: 3707991
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 4b1bf4ac254bbe3d50595fe627e9cf0e
a17b6935606b6ec11efde5ba65c77f1ae1ccafe6
f4314b1dc897fccf81ccba176cee75cb523cb3028d414f8df263f77b7614c581
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 21:57:32 GMT
Last-Modified: Fri, 24 Mar 2023 20:41:42 GMT
Server: ECAcc (nya/79EB)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: haX5nmJtPJvMzgmSiqaP2XoukgsQ-isVaNLjcyi_0U5M3UtxzFP4bQ==
Age: 4550
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 897
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: _ttp=2NTjGcsaDgwZj5W6OkxHq5Bt2B6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230324215732A3062EEAE6152A70FC6F
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6bd3152ec8cd84a159ff00f76409a0b30824527feb13fed90cb12a88f092fe6c26864f19d3f9758710f54935f716ef8e4ffc1a15563a79222f94deff57ebc6107a7f7b2360388e5078eff27aa4ae46c467f1319e1c5b32941fcc38418b73998d2
x-origin-response-time: 55,104.78.78.7
x-akamai-request-id: 759a42a.59fa535
expires: Fri, 24 Mar 2023 21:57:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 21:57:32 GMT
x-cache: TCP_MISS from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-cache-remote: TCP_MISS from a104-78-78-7.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=286, origin; dur=55, inner; dur=27
x-parent-response-time: 335,95.101.11.167
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
200 OK 1.9 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
IP
Hash fde4d3457a50df6eb5c2e00c8f2ae5b3
e5cf16a28cc4234d5eaa77b2b0dd53f3522aa135
268ae6468593e886241a5aad414e64f7775e7ac13311ab55e9d35e34a24129ba
GET /ub.js?1673990108 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1865
date: Tue, 17 Jan 2023 21:41:41 GMT
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A8slHlNvxtoGm5s_e4ljMAXYoPur_22PmwbNs2RNlC83wvPBwwZ1xA==
age: 5703352
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
200 OK 484 B IP
File type ASCII text, with very long lines (1095), with no line terminators
Hash e524dc72fce18b784da6f9faf16ef525
b5462ffa269648bed7935ea6b4cf0fa7cfe36c21
facd4e773e8e7ed257a31badbe841267f57f79942cd3444884477d68148af9db
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "e524dc72fce18b784da6f9faf16ef525"
x-amz-server-side-encryption: AES256
cache-control: max-age=7200
content-encoding: br
accept-ranges: bytes
content-type: application/javascript
content-length: 484
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
200 OK 6.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (19718), with no line terminators
Hash e072c2eeb57e57e4a307195a51fc750a
3109ce8e5ccba038646b6ddc290f63a2d8edd98a
64f77a0e6f8760825a06da7538a6ea06a4723478e1b7895078a39f2671456138
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "d19ad32008c4bc3916ea7137df776b3d:1678969189.53513"
Last-Modified: Thu, 16 Mar 2023 09:30:47 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Fri, 24 Mar 2023 22:17:32 GMT
Date: Fri, 24 Mar 2023 21:57:32 GMT
Content-Length: 6278
Connection: keep-alive
X-RG: EU
X-CC: NO
d3pkntwtp2ukl5.cloudfront.net/uba.js
200 OK 1.4 kB URL HTTP/1.1 d3pkntwtp2ukl5.cloudfront.net/uba.js
IP
Hash 9bc7a2a273a418c874990b6b630cfd2e
bc0461f4dd2055e8327089d07e4a6b992119cac5
6847eb22e8dde1a5fa897cef3c8b2acc1e7032ebe6c847234467e25da9da2008
GET /uba.js HTTP/1.1
Host: d3pkntwtp2ukl5.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1425
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 00:17:35 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 24 Mar 2023 14:32:18 GMT
ETag: "9bc7a2a273a418c874990b6b630cfd2e"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: en0u6mvekabPrNypKQZ0B64oLumFEQaP8ZxU7RNn70TSgzi2l4LiyA==
Age: 26715
ocsp.digicert.com/
200 OK 471 B IP
Hash e9709c5b359505700458d5e8a9ff2ad8
fddde5b378dba0f5efe406ebc5a1ffeb35ddeeae
1c86ea5bca04e726d60b3868f71151ddbaba02b129e2ea38699d5c03f19b0898
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5548
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:32 GMT
Last-Modified: Fri, 24 Mar 2023 20:25:04 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
cdn.taboola.com/libtrc/unip/1225872/tfa.js
200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1225872/tfa.js
IP
File type ASCII text, with very long lines (59026)
Hash fd3964d6a51f43aee534afc2321d3e1c
809951dd78c35e5865f6065dc5442244ab82dccb
a68e77d37e125962576b756fc30cc6512a07ffbe29a2b3b8053be89e29ffa50b
GET /libtrc/unip/1225872/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mWdj84dthWopcVxFJaA3fP2iKofNuEPVhAqeaykG3DAPta0vM1H1zJ0KZSooXLAFdlL8aRqi3V0=
x-amz-request-id: WYCPE2Z609KNTXVQ
x-amz-replication-status: COMPLETED
last-modified: Sun, 19 Mar 2023 11:22:43 GMT
etag: "16c86ddf8747ff32306ee4f66ab100f0"
x-amz-server-side-encryption: AES256
x-amz-version-id: 0wtSBvfEJLStuDk.EQ5rFOdN6MRhJB8Q
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:32 GMT
via: 1.1 varnish
age: 180
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1679695053.966708,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 15
access-control-allow-origin: *
content-length: 18173
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 12 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (40607), with no line terminators
Hash 04651bf0c51742f9007b1ae2b4486dee
6ffc71fcb5db1cf0283b60150a62f2c219ac3dbd
5d7392c44731e52810337eb1a3eb3ae1ffab31b8f8d55daba20d658701604666
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11894
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ranges: bytes
etag: "8072cff03442d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5D6F93746A4A46668907FF5CFE108335 Ref B: OSL30EDGE0505 Ref C: 2023-03-24T21:57:32Z
date: Fri, 24 Mar 2023 21:57:32 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 88e5b5146933bbf5dfdcd53f3e878a93
89e3f8b909c6d6dad033153617b86b3804739607
17127e8f6b878f363ac444126645af23cddafdb68902355b28056ab928736728
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4114
Cache-Control: max-age=151918
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Etag: "641dbb29-1d7"
Expires: Sun, 26 Mar 2023 16:09:31 GMT
Last-Modified: Fri, 24 Mar 2023 15:00:57 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
200 OK 787 B URL HTTP/2 fonts.ub-assets.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
IP
Hash 11b3b8874ef0f9f9d4c6dbed3af90bbe
c9cd0afbc50846dda77adc311e0ca64f56a40ad9
653191805a9f18dcea71d0c339842bb94e86b227d786fb71aa2b8ed858b9ce53
GET /css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 787
date: Thu, 23 Mar 2023 23:47:15 GMT
x-amzn-requestid: a3117d0f-590a-41eb-8741-74ed8c2b832a
x-xss-protection: 0
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-amz-apigw-id: CQi4hGeiIAMFjSQ=
cache-control: private, max-age=86400
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-641ce503-0dbf9bf0140823645b65a0f5
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gsp_u-f7muC1wS69LnrR3I9nw2Kjxf0UJ5R4W0-RA5ihVW9RUMJ1SQ==
age: 79818
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash bb4b0c0e90dc201fbcd1c7485421eaf8
6c83a1aa45f075f26276edab3e48ba208dea4118
5e5330a72eec824ba4d18d1f6627661ffafec923e20abf9a7ec1e9b2661c2ab2
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100828
Date: Fri, 24 Mar 2023 21:57:33 GMT
Etag: "641cf7bc-1d7"
Expires: Sun, 26 Mar 2023 01:58:01 GMT
Last-Modified: Fri, 24 Mar 2023 01:07:08 GMT
Server: ECAcc (dcb/7312)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hKnwy3DhGu4oGYa0xl7FNOhjifGK8NXhzNSGcl_r-OzfIzaH4dt_Vg==
Age: 3053
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7286
Expires: Fri, 24 Mar 2023 23:58:59 GMT
Date: Fri, 24 Mar 2023 21:57:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7286
Expires: Fri, 24 Mar 2023 23:58:59 GMT
Date: Fri, 24 Mar 2023 21:57:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
business.newsbreak.com/tracking/pixel.gif?id=ID-1585718645907906561&uid=1-6jk3nnaa-lfn2yqxi&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&rl=&ts=1679695063182&de=UTF-8&sr=1280x1024&vp=1280x939&cd=24&dt=&bn=Firefox%20105&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
200 OK 29 B URL HTTP/2 business.newsbreak.com/tracking/pixel.gif?id=ID-1585718645907906561&uid=1-6jk3nnaa-lfn2yqxi&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&rl=&ts=1679695063182&de=UTF-8&sr=1280x1024&vp=1280x939&cd=24&dt=&bn=Firefox%20105&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 81615daadd11ec9e7834ee9818a0e813
020b643a3610e0280a39cb7afab810b8de62ae5c
7c5dcb5dc3eee6b0cc7513cb38cf0e5226f9300d0cce5f585fe1eba6c7a8bf9d
POST /tracking/pixel.gif?id=ID-1585718645907906561&uid=1-6jk3nnaa-lfn2yqxi&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&rl=&ts=1679695063182&de=UTF-8&sr=1280x1024&vp=1280x939&cd=24&dt=&bn=Firefox%20105&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&tz=0&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08= HTTP/1.1
Host: business.newsbreak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:33 GMT
content-type: application/json;charset=UTF-8
content-length: 29
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d6ed667dad0c17b3f1697f6ad5f1dd2
9eff2b1900bc9788dfbff11fce69cc7c944b1fc1
ec0f7b928c7efd46d2679477acd9f3bf0b335f31b9739c4e925b23bd5cd16a05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8385
x-amzn-requestid: 70d658a2-706c-428d-b232-d4a343556e55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8IUHv7IAMF8BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73ce-4288c6f05be90c543a5adb5a;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:58 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 00pLSzTvmnnvhdLG4rOtVPVM_F2rfQXus98AyXsY129ejW-1Y-UblQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 01:36:32 GMT
age: 73261
etag: "9eff2b1900bc9788dfbff11fce69cc7c944b1fc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vOBDFA2LzOIp_0dMXApotrithfiToWtpM2xMRyx1pWAE86olKT6EpQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 02:36:43 GMT
age: 69650
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
200 OK 6.4 kB IP
ASN #203220 Yahoo! UK Services Limited
Hash 4f4ead92a536b0dbea8eee0310247400
b4b70402c984af7cd41a8096d5b5ca997a722518
823882995fe841cf8b89913cbca51eb0ff584c41f8661901c3638445bc22c005
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wGFCFO8LvRKvRCOHNOGeWftL06sggLbolvdKLPPjDI2YBakg9VmN0o5vcGqchUIi3ctGx8CkNK4=
x-amz-request-id: MGXEREDKMJT5C4JS
date: Fri, 24 Mar 2023 21:57:23 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 10
content-encoding: gzip
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bb55b1044454d0db2324a4af956cd51
5aa34545aa2274453b301c74a083034273177cbd
fb7fa8b91ff7374ac6be2df05e1e98194f2adf3ce728b02a66323993145975ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7405
x-amzn-requestid: 9865b715-ff9b-498d-95b3-c728fd3430be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt7E46oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-78b66faf317a7aaf689de782;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: P7-VLhTNV8ha__Qb_unjyRpnt3eBa3wLV7pWv605A_td6gX2xr3RVQ==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:19 GMT
age: 854
etag: "5aa34545aa2274453b301c74a083034273177cbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
200 OK 30 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
IP
File type ASCII text, with very long lines (64903)
Hash 73de733c308b8b5e44d2a6242dc4bd99
2f43a0cd155124d65ab5ce3574abc5f82b45fcf9
cf4ff4a67675a54e9a9469d967c77fba778ccf839a98119d246012447eb44ea3
GET /sp-2.14.0.js HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 30399
date: Tue, 24 Jan 2023 03:40:00 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
etag: "73de733c308b8b5e44d2a6242dc4bd99"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ND4dJnAljAYqru1KqPzgauC2gv8EnsQ_TBZS4i7--dlYByS2cBXdsw==
age: 5163454
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:00:02 GMT
age: 86251
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.7ba116b9.js
200 OK 17 kB URL HTTP/2 s.pinimg.com/ct/lib/main.7ba116b9.js
IP
File type ASCII text, with very long lines (57623), with no line terminators
Hash 9c6e2e41656c92a4def190e70014e481
bc40c5adbae494009a92c17c4eaf6738ef5fae78
9fbc31b741e5ca4a4c23684e1be0d209028f838fbb2813aa18ccbb1a659acf79
GET /ct/lib/main.7ba116b9.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "9c6e2e41656c92a4def190e70014e481"
x-amz-server-side-encryption: AES256
content-encoding: br
accept-ranges: bytes
content-type: application/javascript
content-length: 17420
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63daf6ae-a4e7-49b4-8e18-aea9506a9ae6.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63daf6ae-a4e7-49b4-8e18-aea9506a9ae6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 725b558c5b217b40ec923c072a764dc9
f3a16cf007c5793b3abc4978fe023f60d375315b
543d159b2fe8680fcaebd19ed567ea7725030f8c564784be0c542deed456144d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63daf6ae-a4e7-49b4-8e18-aea9506a9ae6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10649
x-amzn-requestid: e8bfb59a-ccad-4150-9dfa-a9ae7966500b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM7CIHrFoAMFTXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b720d-0ef87c8a6a55d9c77f2faa03;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:24:29 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: MZAWLd0V6aOwfS3stOcabNJMrPjvrfMHg8lLXDrdEL6y-8XPZTgydQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 17:04:28 GMT
age: 17585
etag: "f3a16cf007c5793b3abc4978fe023f60d375315b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04db6085e8ec938c1385fb33b32ae036
0f173b8971723ec380a9610b3dda8f64890f6f37
873d5942c34057339f7a9c53a9d4cdc3a0b82f01223f851898da0ebbe0a628bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7482
x-amzn-requestid: 843e4bba-1550-44c4-be10-dd333148f83d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPHxFuuIAMFvmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc564-03f5d2675850409e70748490;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -vjrmAFEFlCpClEnzffZY5N0F26cZzxS2U6qwvFGLLYbRuJ2BxkkDw==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:56:09 GMT
age: 84
etag: "0f173b8971723ec380a9610b3dda8f64890f6f37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
200 OK 3.0 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
IP
File type PNG image data, 92 x 92, 8-bit colormap, non-interlaced\012- data
Hash 3e5b99433b8b72478180f7e404014a0b
dd2dc5346993430fd18898e72b853d4a8571cf54
316dd36671b451aa88c2cb9e2a833943ee9cb6e6b9fb1267f419d2b1ecbaa4e3
GET /pages.upwellness.com/uc-grplus-vsl01-aff-2/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2978
date: Thu, 16 Mar 2023 18:10:07 GMT
last-modified: Fri, 24 Feb 2023 11:49:01 GMT
etag: "3e5b99433b8b72478180f7e404014a0b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: e9XvX2ZUkx99RLwlRQjFsTT6uv3RpLT5
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V-ovmG512JcSMIrQyye57TjO8q-RcsRPj9k5nbhNypkA_SO3T7HKBA==
age: 704847
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
200 OK 1.0 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash 9ac72e37f90441dec8054ca9fad4f958
c34ba3dfccc201d169861b88ae8172a8902559ef
6bcbcb6496dddd15c57669623a1361fc1082513cbdb9c653ed8d25ed8392a918
GET /pages.upwellness.com/uc-grplus-vsl01-aff-2/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1035
date: Sun, 19 Mar 2023 07:56:10 GMT
last-modified: Fri, 24 Feb 2023 11:49:01 GMT
etag: "9ac72e37f90441dec8054ca9fad4f958"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: oWsZIZjwqBRVMwByNSwgg7ZM7dy3cEi_
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2FkStYVxYei9SvQ0VgA0VPTUPM68uocVsm1ikV560fYU3iEyqFR3mA==
age: 482484
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
200 OK 1.3 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash c3187d70acad4469f04dd3d18fa9e6c3
7fd04ec574ffdaf4310b21dce8e0e68a1dccce36
282f5a01cde33126c76b73790e408dec892b9968334879013b7deffe276a11d9
GET /pages.upwellness.com/uc-grplus-vsl01-aff-2/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1275
date: Wed, 15 Mar 2023 20:55:52 GMT
last-modified: Fri, 24 Feb 2023 11:49:01 GMT
etag: "c3187d70acad4469f04dd3d18fa9e6c3"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: XgNW_wUayVcd5N2aQOsvEF5TMSGgD0G4
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5sHhVm8Kli5ydMYd9kMYO5fCtG2E1nnb54vaC82Vjq7HOmpZqvKOBQ==
age: 781302
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
200 OK 4.9 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
IP
File type JPEG image data, baseline, precision 8, 156x156, components 3\012- data
Hash 86140e94391c453d7e943ecd2c76a385
87165779b2df1e9dc76345b53d6af5df0e7b5160
635fa27826bc3b802f341bba0c8291af3698ada8d704bb116692a4b0fe77c1da
GET /pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4874
date: Sat, 18 Feb 2023 09:51:31 GMT
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
etag: "86140e94391c453d7e943ecd2c76a385"
cache-control: max-age=31557600
x-amz-version-id: jAiQ1UJX3wNdQ.JEFJt3JzS5Nlzcc4b1
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sLrFNv7ghDLfmLiqQFIHf1Ydo1pNi97q8rfgLxoUOR1MxSmplOmpgA==
age: 2981163
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ab7be666-white-speakericons-02_100x00o000000000000028.png
200 OK 393 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/ab7be666-white-speakericons-02_100x00o000000000000028.png
IP
File type PNG image data, 33 x 24, 8-bit colormap, non-interlaced\012- data
Hash 3ff814e5236412c48f322c8898ef45bc
03bb8e101a159000a746aa4c781db1347e90535d
579a2a97fb6616d4faf94ac23df731f250a672fda76be78a1fa74a6d1cd8dbba
GET /pages.upwellness.com/uc-grplus-vsl01-aff-2/ab7be666-white-speakericons-02_100x00o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 393
date: Sat, 18 Feb 2023 09:51:31 GMT
last-modified: Thu, 02 Feb 2023 21:27:13 GMT
etag: "3ff814e5236412c48f322c8898ef45bc"
cache-control: max-age=31557600
x-amz-version-id: fB7hh2GXY4xH776rhFjDB.huUnYxlijz
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E_CiIbHOpjMgye5yh1VRiq2_MCUQouw27O6SYfUe88L_TN6jbyAyDQ==
age: 2981163
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ed6540f091473bdcdbbdf1009ffa9a50
fdb5868177013fd33d7cccc57c1e999cd068350a
4a588410501bffa74d7ecfbc1fb0ecc44698c1269c18183180004fe257086790
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A588410501BFFA74D7ECFBC1FB0ECC44698C1269C18183180004FE257086790"
Last-Modified: Fri, 24 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 25 Mar 2023 03:57:33 GMT
Date: Fri, 24 Mar 2023 21:57:33 GMT
Connection: keep-alive
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
200 OK 3.3 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
IP
File type PNG image data, 246 x 91, 8-bit colormap, non-interlaced\012- data
Hash b5c5f324193b5e16bbbeba489c9bf2f9
9f6c6b0feb1141dba640af2237d35ae33fc36677
84e592026970dcb362dd9afca58ee14ba148d62f8d52de8da147ec2b2f497153
GET /pages.upwellness.com/uc-grplus-vsl01-aff-2/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 3345
date: Fri, 10 Mar 2023 01:01:18 GMT
last-modified: Fri, 24 Feb 2023 11:49:01 GMT
etag: "b5c5f324193b5e16bbbeba489c9bf2f9"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: nCZ2eXkQCQBBRBOQ08OGXdOA3ALAn4Sq
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S6IdsdRRqWfwHsqYu9-9YyxNo4A8RQ4tLhDB9wMaSiIRHdx_ml10ww==
age: 1284976
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ed6540f091473bdcdbbdf1009ffa9a50
fdb5868177013fd33d7cccc57c1e999cd068350a
4a588410501bffa74d7ecfbc1fb0ecc44698c1269c18183180004fe257086790
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A588410501BFFA74D7ECFBC1FB0ECC44698C1269C18183180004FE257086790"
Last-Modified: Fri, 24 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Sat, 25 Mar 2023 03:57:29 GMT
Date: Fri, 24 Mar 2023 21:57:33 GMT
Connection: keep-alive
bat.bing.com/action/0?ti=27015508&Ver=2&mid=ff8b595c-7d1d-45c8-8991-a74eedbaa317&sid=7cb86930ca8e11ed90463514453ac659&vid=7cb885d0ca8e11ed8472ebc25f80b804&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&r=<=2742&evt=pageLoad&sv=1&rn=50269
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=27015508&Ver=2&mid=ff8b595c-7d1d-45c8-8991-a74eedbaa317&sid=7cb86930ca8e11ed90463514453ac659&vid=7cb885d0ca8e11ed8472ebc25f80b804&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&r=<=2742&evt=pageLoad&sv=1&rn=50269
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=27015508&Ver=2&mid=ff8b595c-7d1d-45c8-8991-a74eedbaa317&sid=7cb86930ca8e11ed90463514453ac659&vid=7cb885d0ca8e11ed8472ebc25f80b804&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&r=<=2742&evt=pageLoad&sv=1&rn=50269 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=112347112F906104377D55CF2E65601F; domain=.bing.com; expires=Wed, 17-Apr-2024 21:57:33 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8630BCC9A41F4089A193309759053897 Ref B: OSL30EDGE0505 Ref C: 2023-03-24T21:57:33Z
date: Fri, 24 Mar 2023 21:57:33 GMT
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/aa65686b-white-speakericons-01_100x00o000000000000028.png
200 OK 404 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/aa65686b-white-speakericons-01_100x00o000000000000028.png
IP
File type PNG image data, 33 x 24, 8-bit colormap, non-interlaced\012- data
Hash 6d0abbec035ce0c4075e7e7b8ee68550
2ecf92d54541667646b2364ce347baa45a57f77b
9a2922fd430dfaeb13025d97826931939d872a7b3efd1d09f0e88c5f7c1fd306
GET /pages.upwellness.com/uc-grplus-vsl01-aff-2/aa65686b-white-speakericons-01_100x00o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 404
date: Thu, 16 Mar 2023 18:10:07 GMT
last-modified: Fri, 24 Feb 2023 11:49:01 GMT
etag: "6d0abbec035ce0c4075e7e7b8ee68550"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: 2tLrAPF.Ts43gwRCMnii7N3UnO9TYZV1
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ucx4W30OxMwOonjMWkspa4fL0uDVkBHtu2wV30Fo7FRNPWny2gv42g==
age: 704847
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
200 OK 742 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash b02c898ea0b0b138b4c46168d31ebc9b
d9ac970e50ee53c042ad38a2c706d3e0d5662f99
f2d83312c2b1c7c1ad2be8e99b5b8d3c5d8432c2828d5cf52ee15e4423698bab
GET /pages.upwellness.com/uc-grplus-vsl01-aff-2/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 742
date: Sat, 18 Mar 2023 14:20:14 GMT
last-modified: Fri, 24 Feb 2023 11:49:01 GMT
etag: "b02c898ea0b0b138b4c46168d31ebc9b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: NU4uHkNamaBg4.0PZm5nD5Ot2As74m7M
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TU5vzKZ43KQiK3vmBxPvReosecscNCSieig55k088_zBUidvMtfvFw==
age: 545840
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
200 OK 9.6 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
IP
File type JPEG image data, baseline, precision 8, 252x252, components 3\012- data
Hash 6ca7442dfba9d9e783f10f04dfcaa249
224afddf15c4f93481f56a2a997d752f09b38962
17ddc63663734c555981527699774b02b945124941c10450a91b74ce56937b59
GET /pages.upwellness.com/uc-grplus-vsl01-aff-2/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 9585
date: Sat, 18 Mar 2023 21:51:36 GMT
last-modified: Fri, 24 Feb 2023 11:49:01 GMT
etag: "6ca7442dfba9d9e783f10f04dfcaa249"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: EeAuev5BR.L0J.zPMfzcfFtHep67RUi.
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gr6hJWWDREavFTtanN0Zjg2YRH1Y5IBCd9PX0QqklKa0yo3b4wBj1A==
age: 518758
X-Firefox-Spdy: h2
cdn.useproof.com/proxy/index.html
200 OK 325 B URL HTTP/2 cdn.useproof.com/proxy/index.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325), with no line terminators
Hash f92252b1f21fd30ac52b59395971ecdb
ecb588481454091dcfea3c925c83577425497626
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
GET /proxy/index.html HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:33 GMT
content-type: text/html
content-length: 325
x-amz-id-2: P0ByiOFvN0qy6j76AovFFYCkVre4EDF3I9WF31pTs0q51S+vufKaI6TUlVQgj3aGDBOzDFaZnQw=
x-amz-request-id: E3QEWEAA4GQVH672
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsVvs2Nqr013Sxv1jN72NXCpj%2BfM2TnYR5nuhxPNAMb2w4rZZs1RJK1wpJcqMVbv1C8m9PtSb9X2ZOYNPeWBgWzPsQ60mUo8sKzh%2BhWIphVus2Y1yD3qzh7UCdbh1N%2BfXimV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22ba0ef1cb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/p/action/27015508.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/27015508.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/27015508.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A6581E374E5048F8925E9FE9FC1F0394 Ref B: OSL30EDGE0505 Ref C: 2023-03-24T21:57:33Z
date: Fri, 24 Mar 2023 21:57:33 GMT
X-Firefox-Spdy: h2
script.hotjar.com/modules.936575bc1767492884db.js
200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.936575bc1767492884db.js
IP
File type Unicode text, UTF-8 text, with very long lines (50842)
Hash d6165b54ac1bedfdf423823cc05855ac
c59efe41c8303c4954af5b4fda66b06c54ca30f3
4008352d5fd357e2dc85ca061c490b16707e690bf74489ccb0cb72d2a792c701
GET /modules.936575bc1767492884db.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 69056
date: Fri, 24 Mar 2023 15:40:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "d6165b54ac1bedfdf423823cc05855ac"
last-modified: Fri, 24 Mar 2023 15:39:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ItbHi0GzanddxclxmXXoosRcTaJ399JDdVbHg3NL98rqhpkKxllR6Q==
age: 22646
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f0f306ea49f1bd3f358f7579513e7377
c2845c696f6685a211bc040895d28ebf23fa1bc0
cda7588d5040ef3c8e83955838618a0ed0a6ee242d24abf5af697b2289fc8bdb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
200 OK 8.6 kB URL HTTP/2 www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
IP
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash b5dc3661602dcf8810766c01556df41b
a84687898568cf8ae0ba6c4b35886b3ee4dfbd17
91e84a8da7499abc9388eed1192e8363c8dfe07e28e6300c69ee25be1a4eb994
GET /wp-content/uploads/2016/08/apple-touch-icon-144x144.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=v2%7Cd4d83f37-37e9-4ce4-aa90-573ababdc90a%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Au%3Aweighted; _gcl_au=1.1.1054804175.1679694883; ucacid=482066621.952307; _tt_enable_cookie=1; _ttp=8frwv3_eomiNgY2EJ5nP7ebzNgI; __nbpix_uid=1-6jk3nnaa-lfn2yqxi; _uetsid=7cb86930ca8e11ed90463514453ac659; _uetvid=7cb885d0ca8e11ed8472ebc25f80b804; _ga=GA1.2.787918828.1679694885; _gid=GA1.2.2063524655.1679694885; _lc2_fpi=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq; cl4975ot4arrr6_uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd; cl4975ot4arrr6_sid=CL-a7b92e97-9d37-4915-b399; cl4975ot4arrr6_gid=cl4975ot4arrr618ba06b4-380b-4a8b-a4aa-fe3258c3e31f; _hjSessionUser_795540=eyJpZCI6Ijg2OWY0YTMyLTRjNGQtNTg1NS1iYjczLTRkYWQ2ODdjODliOCIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODQ5OTYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_795540=eyJpZCI6ImM2Nzk3YjkyLWFkODEtNGY0Yi05OTFmLWM4MGY3MDE5YjI4YSIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODUwMDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _fbp=fb.1.1679694885171.1790059248; cto_bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE; cl4975ot4arrr6_eidsTracked=true; UltraCartShoppingCartID=15B930C42150D9018715A07F431F8B00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:33 GMT
content-type: image/png
content-length: 8622
server: Pagely-ARES/1.10.28
x-gateway-request-id: 8a7cdaa0bf244a72a1dce13f0e2a6302
last-modified: Fri, 23 Sep 2022 23:01:07 GMT
etag: "21ae-5e960272eb24c"
expires: Tue, 11 Apr 2023 09:43:55 GMT
cache-control: max-age=2592000
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10175858.json
200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10175858.json
IP
ASN #203220 Yahoo! UK Services Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ad716787c5ee7f50ab6806a8dfac76d
31d18a36b7472a44913f9871c1ea0d3530f17060
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
GET /wi/config/10175858.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3VD+fkRFl3x+SKgpvzF9IHPXixq4VOwn3wf3tAwpv8nwiEfL/d0e3FqWkQId5mPPuIwAVMmSERE=
x-amz-request-id: AFF7SYGF1ZSQB2ED
date: Fri, 24 Mar 2023 04:57:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Sun, 19 Feb 2023 18:55:23 GMT
x-amz-expiration: expiry-date="Tue, 26 Mar 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: a1p9k2x2CfLow7aa._kiTa1S348t_r0P
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
age: 61219
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
200 OK 18 kB URL HTTP/2 www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
IP
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash d094840fd6b5b489b25f18a22a493822
29a59e8c0250e81421609d5c7c25f20776fdaa4a
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421
GET /wp-content/uploads/2015/10/favicon-152.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=v2%7Cd4d83f37-37e9-4ce4-aa90-573ababdc90a%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Au%3Aweighted; _gcl_au=1.1.1054804175.1679694883; ucacid=482066621.952307; _tt_enable_cookie=1; _ttp=8frwv3_eomiNgY2EJ5nP7ebzNgI; __nbpix_uid=1-6jk3nnaa-lfn2yqxi; _uetsid=7cb86930ca8e11ed90463514453ac659; _uetvid=7cb885d0ca8e11ed8472ebc25f80b804; _ga=GA1.2.787918828.1679694885; _gid=GA1.2.2063524655.1679694885; _lc2_fpi=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq; cl4975ot4arrr6_uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd; cl4975ot4arrr6_sid=CL-a7b92e97-9d37-4915-b399; cl4975ot4arrr6_gid=cl4975ot4arrr618ba06b4-380b-4a8b-a4aa-fe3258c3e31f; _hjSessionUser_795540=eyJpZCI6Ijg2OWY0YTMyLTRjNGQtNTg1NS1iYjczLTRkYWQ2ODdjODliOCIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODQ5OTYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_795540=eyJpZCI6ImM2Nzk3YjkyLWFkODEtNGY0Yi05OTFmLWM4MGY3MDE5YjI4YSIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODUwMDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _fbp=fb.1.1679694885171.1790059248; cto_bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE; cl4975ot4arrr6_eidsTracked=true; UltraCartShoppingCartID=15B930C42150D9018715A07F431F8B00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:33 GMT
content-type: image/png
content-length: 18176
server: Pagely-ARES/1.10.28
x-gateway-request-id: 4003b069bc4d64427218cb3eff220cf2
last-modified: Fri, 23 Sep 2022 23:00:59 GMT
etag: "4700-5e96026c123c4"
expires: Thu, 20 Apr 2023 08:05:07 GMT
cache-control: max-age=2592000
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2015/10/favicon-152.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10056129.json
200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10056129.json
IP
ASN #203220 Yahoo! UK Services Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash fc5f6676b4f2531b36b8c7120da6ecca
e7ddbe9b016bc7594e9d5f3a7bf960b56226d5de
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
GET /wi/config/10056129.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pup/Qn5VtK2oXoBmrdGtrverQcZz8vmXF3D34SL3wbYpN6vzvz5O3olEh6bRYmPPfuevU7LIlI4=
x-amz-request-id: BZMAQBCJ92YBP2NK
date: Thu, 23 Mar 2023 22:14:59 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
age: 85355
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
200 OK 19 kB URL HTTP/2 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
IP
File type ASCII text, with very long lines (11879), with no line terminators
Hash d87807aac7607224695afd320d2991fd
2e81b1a626b438facc81a351b055a313fd670c2a
fcb7dee92bdb274ede47fd9b0154ab430ed6ceffdd89f2265038f4b654832f9c
GET / HTTP/1.1
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
x-amz-apigw-id: CThD1EbWjoEFWdg=
x-amz-cf-pop: ARN54-C1
x-backend-region: eu_west_1
date: Fri, 24 Mar 2023 21:57:31 GMT
age: 1920
x-cache: Miss from cloudfront, HIT
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
vary: Accept-Encoding, Referer
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.180.0
content-encoding: br
accept-ranges: none
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9b762efe5751eb25cd26ca67ad6dcf22
661f1247ecc842236957d05747967ec4f20835a2
c51c54e54ffc33cc7643bb0a64da2265f93efaf38838351ec0f2a2fe102efa2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9b762efe5751eb25cd26ca67ad6dcf22
661f1247ecc842236957d05747967ec4f20835a2
c51c54e54ffc33cc7643bb0a64da2265f93efaf38838351ec0f2a2fe102efa2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sslwidget.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D102ac81d925f5afd9639ce6e3d8235%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_2386&dtycbr=15619
302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D102ac81d925f5afd9639ce6e3d8235%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_2386&dtycbr=15619
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D102ac81d925f5afd9639ce6e3d8235%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_2386&dtycbr=15619 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:32 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D102ac81d925f5afd9639ce6e3d8235%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_2386&dtycbr=15619
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 6341398
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.useproof.com/proxy/proxy.js
200 OK 114 kB URL HTTP/2 cdn.useproof.com/proxy/proxy.js
IP
File type Unicode text, UTF-8 text, with very long lines (65514), with no line terminators
Size 114 kB (114404 bytes)
Hash 9f4d60f4f2b143cadacb2b8b3a901401
8c25b07f5122f9875920498c20ede6045320f479
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
GET /proxy/proxy.js HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/proxy/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:33 GMT
content-type: application/javascript
content-length: 114404
x-amz-id-2: 89mGSaucB7OjHm3FRQBiBQcmKC+V2ktI5u74MTINKNwc2u5ySYZfJ6GF9YgVHZfpcwZCu7ZC4WU=
x-amz-request-id: QJTP31T166PXBTC4
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
age: 1230242
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu4F7UvLgYsu%2BdLzVZC%2B%2Fo%2Fg9pehs%2FwdLm7zyRZPA%2F3iMb8wEKsOswRH5hjgzwmoFcSrvfaxNuhOhb7qfIuudy%2FaQiKhz9WCGefWdBaOSzOG3Wj6CqyB4SmOqCq3nIJEWruS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad22ba5dd32b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
200 OK 10 kB URL HTTP/2 fonts.ub-assets.com/fonts/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash f6a41f84ddc640654e6dc189ea56794a
395d2e505f014e4c8c21d1a97416b6122111451f
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
GET /fonts/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 10104
date: Fri, 17 Mar 2023 12:44:28 GMT
x-amzn-requestid: 0fc337e3-5fbd-49fe-868d-9e4a322a2719
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 10104
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: B7QK7GW4IAMFmxA=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-641460ac-5775d43a25fdeaf11ee9bb3e
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ruhjby6iEx2Gj2n1TrV1585Mk5rxCUxzbJsISZV3lMBsQ7aITIms9w==
age: 637985
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.ub-assets.com/fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 23580
date: Thu, 24 Nov 2022 07:26:11 GMT
x-amzn-requestid: 229c539e-f578-4cbe-ad90-4700e38173bb
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 23580
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: cGFm_F5joAMFxkg=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-637f1c92-22753e44241a7b6d6802460c
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _qACaiLit4gX_TjoTFh095vRcs6vL8ocjqIOI5iSfZjNXvU3ScTaLA==
age: 10420282
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 15860
date: Thu, 24 Nov 2022 06:00:34 GMT
x-amzn-requestid: df61c0d2-f819-4ae2-b585-22e911861252
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 15860
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: cF5EaHbQoAMFbNw=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-637f0882-35167641258e121b2c80c00f
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CygTYJipcSnQtOecyclj0FZyhEorUjNfauJvXfJrgl7MeNcl1CTG2g==
age: 10425419
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 15744
date: Thu, 09 Feb 2023 21:22:28 GMT
x-amzn-requestid: 8925fb09-f12c-41c4-b894-90863074e52d
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 15744
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: AFyTLFb-oAMF_og=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-63e56414-21d7d0aa0baae5446cdbee01
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 49leI4zJiU1Yv0Jse6GA6t7L6OYns2YsTEBj0T-9QGy_6w-ZoKOblg==
age: 3717305
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/wistia-mux.js
200 OK 31 kB URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js
IP
File type ASCII text, with very long lines (65468)
Hash fa03c21a6e8952e171cdcd98dcfa7b3c
e24d08b3ba411a5f3d4f6b0fd94010a24a7173b4
6d4c76da123aaa59aef4ff4c5b28c086570f2fb8c606bcfe497d9de352f18151
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:40 GMT
etag: "fa03c21a6e8952e171cdcd98dcfa7b3c"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:33 GMT
age: 842
x-served-by: cache-iad-kjyo7100156-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 20
x-timer: S1679695054.790605,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 31306
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 3f29dd1ba201c3d578f18e0685ee97bc
f576e67dba40256caf0fd28ecf8a4c0d7d8054f6
b831ea594d5932196c2031b367b40d2daadf9af8afce9d45a3272b5b1866ea56
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1336
Cache-Control: max-age=167885
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:33 GMT
Etag: "641e0462-1d7"
Expires: Sun, 26 Mar 2023 20:35:38 GMT
Last-Modified: Fri, 24 Mar 2023 20:13:22 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22pin_unauth%22%3A%22dWlkPU1HSTRPRGsxT1dRdE1qSm1PQzAwWlRaa0xXRTJOak10TkRBMllXSTJZamcyWm1Zdw%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%227ba116b9%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1679695064912
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22pin_unauth%22%3A%22dWlkPU1HSTRPRGsxT1dRdE1qSm1PQzAwWlRaa0xXRTJOak10TkRBMllXSTJZamcyWm1Zdw%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%227ba116b9%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1679695064912
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22pin_unauth%22%3A%22dWlkPU1HSTRPRGsxT1dRdE1qSm1PQzAwWlRaa0xXRTJOak10TkRBMllXSTJZamcyWm1Zdw%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%227ba116b9%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1679695064912 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1817797653440931
date: Fri, 24 Mar 2023 21:57:33 GMT
akamai-grn: 0.540a655f.1679695053.16b6cb9
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22pin_unauth%22%3A%22dWlkPU1HSTRPRGsxT1dRdE1qSm1PQzAwWlRaa0xXRTJOak10TkRBMllXSTJZamcyWm1Zdw%22%7D&cb=1679695064910&dep=2%2CPAGE_LOAD
200 OK 372 B URL HTTP/2 ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22pin_unauth%22%3A%22dWlkPU1HSTRPRGsxT1dRdE1qSm1PQzAwWlRaa0xXRTJOak10TkRBMllXSTJZamcyWm1Zdw%22%7D&cb=1679695064910&dep=2%2CPAGE_LOAD
IP
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash cb60b4bb9f692e0eccd37330432c3c88
0f850c1d37f97ea20375d7b0b3f56f80f46f7a83
68ef92e043c30a34094e4359ce99370aef1153692f0bd6fe82e0e65120978043
GET /user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22pin_unauth%22%3A%22dWlkPU1HSTRPRGsxT1dRdE1qSm1PQzAwWlRaa0xXRTJOak10TkRBMllXSTJZamcyWm1Zdw%22%7D&cb=1679695064910&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU1HSTRPRGsxT1dRdE1qSm1PQzAwWlRaa0xXRTJOak10TkRBMllXSTJZamcyWm1Zdw
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://pages.upwellness.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 372
x-envoy-upstream-service-time: 8
referrer-policy: origin
x-pinterest-rid: 1604513107482753
date: Fri, 24 Mar 2023 21:57:33 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1679695053.16b6cb8
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 15740
date: Thu, 24 Nov 2022 09:03:12 GMT
x-amzn-requestid: eb32f326-3950-41dd-8488-d844929cbbba
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 15740
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: cGT0qFNKIAMFvMQ=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-637f3350-2d35c3414d8fb1bf5440d7b8
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zU69xByUXZmIkiZjkyNx3ZoWMzAy35j2NI-iveILLBDSTjGEjsTM9A==
age: 10414460
X-Firefox-Spdy: h2
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.9267301259933722&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386
200 OK 0 B URL HTTP/2 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.9267301259933722&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/UCAffiliateNetworkPixel?t=0.9267301259933722&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=v2%7Cd4d83f37-37e9-4ce4-aa90-573ababdc90a%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Au%3Aweighted; AWSALB=6jH1tCp1qfCCTQBsr/qHMi5XLB0JeiaMjEZvdpOs/Qu8aFkWzf0yfIhDMOjZd2H4Cjgu8MoFGYLOChgr6tBJsWxxW0sErVThsrgk6kiS8hIoqCShbMLXxLyPpPnP; AWSALBCORS=6jH1tCp1qfCCTQBsr/qHMi5XLB0JeiaMjEZvdpOs/Qu8aFkWzf0yfIhDMOjZd2H4Cjgu8MoFGYLOChgr6tBJsWxxW0sErVThsrgk6kiS8hIoqCShbMLXxLyPpPnP; _gcl_au=1.1.1054804175.1679694883; ucacid=482066621.952307; ucacid=482066621.952307; _tt_enable_cookie=1; _ttp=8frwv3_eomiNgY2EJ5nP7ebzNgI; __nbpix_uid=1-6jk3nnaa-lfn2yqxi; UPWEL-ANP=6141; _ga=GA1.2.787918828.1679694885; _gid=GA1.2.2063524655.1679694885; _lc2_fpi=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq; cl4975ot4arrr6_uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd; cl4975ot4arrr6_sid=CL-cb36f2de-451e-42cf-bbb9; cl4975ot4arrr6_gid=cl4975ot4arrr618ba06b4-380b-4a8b-a4aa-fe3258c3e31f; _hjSessionUser_795540=eyJpZCI6Ijg2OWY0YTMyLTRjNGQtNTg1NS1iYjczLTRkYWQ2ODdjODliOCIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODQ5OTYsImV4aXN0aW5nIjp0cnVlfQ==; _hjFirstSeen=1; _hjSession_795540=eyJpZCI6ImM2Nzk3YjkyLWFkODEtNGY0Yi05OTFmLWM4MGY3MDE5YjI4YSIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODUwMDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _fbp=fb.1.1679694885171.1790059248; cto_bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE; cl4975ot4arrr6_eidsTracked=true; UltraCartShoppingCartID=15B930C42150D9018715A07F431F8B00; JSESSIONID=abc4zD9WxTHCzLS2KPpsg; LBJSESSIONID=abc4zD9WxTHCzLS2KPpsg.n246; _li_dcdm_c=.upwellness.com; _uetsid=7cb86930ca8e11ed90463514453ac659; _uetvid=7cb885d0ca8e11ed8472ebc25f80b804; cl4975ot4arrr6_source=Direct; cl4975ot4arrr6_session_starts=1679695064899; cl4975ot4arrr6_session_ends=1679696864899; cl4975ot4arrr6_utmParams=%7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D; _dc_gtm_UA-28307243-3=1; _hjIncludedInSessionSample_795540=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:33 GMT
content-length: 0
set-cookie: AWSALB=xSNDds51OXQ695FM82uCaqU2RVSHv+slDWyP5a9JW/0atBB/rMhTCO6bfGUmT6JckbobE4XnTaItCWfZSOWs8JzvV0GPF9WMA/41eXs82T8rZuYNiki2rRt+aDkd; Expires=Fri, 31 Mar 2023 21:57:33 GMT; Path=/
AWSALBCORS=xSNDds51OXQ695FM82uCaqU2RVSHv+slDWyP5a9JW/0atBB/rMhTCO6bfGUmT6JckbobE4XnTaItCWfZSOWs8JzvV0GPF9WMA/41eXs82T8rZuYNiki2rRt+aDkd; Expires=Fri, 31 Mar 2023 21:57:33 GMT; Path=/; SameSite=None; Secure
server: Apache
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js
200 OK 27 kB URL HTTP/2 fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash a4b9fd88284c1462788d3775167325c6
0824d56e2755f3fac8b48fa74c3aff5d9dd785d2
caf8760a301749a0c6c441ffe452fab2f5d08765065732547107d79840e947e2
GET /assets/external/thumbnailTextOverlay-v2.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:40 GMT
etag: "a4b9fd88284c1462788d3775167325c6"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:33 GMT
age: 842
x-served-by: cache-iad-kcgs7200111-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 29, 2
x-timer: S1679695054.884656,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 26691
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/videoThumbnail.js
200 OK 20 kB URL HTTP/2 fast.wistia.com/assets/external/videoThumbnail.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash d1ab30cd4b4232f568f99773b47cc302
a6b85cead283bcc59f9275a41c185fa27d06d2be
aad8505dd60ced5fbbc6bbb74b5d1e90a2065420a788de1e6fe2ad66d9490093
GET /assets/external/videoThumbnail.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:40 GMT
etag: "d1ab30cd4b4232f568f99773b47cc302"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:33 GMT
age: 843
x-served-by: cache-iad-kjyo7100091-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 3
x-timer: S1679695054.887637,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 19996
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?optOut=false&bust=07590761718564462&referrer=&marketerId=00ecfc580bbba23ea48e25b4bb418ef655%2C00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&g=1&obApiVersion=1.1&obtpVersion=2.0.5
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?optOut=false&bust=07590761718564462&referrer=&marketerId=00ecfc580bbba23ea48e25b4bb418ef655%2C00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&g=1&obApiVersion=1.1&obtpVersion=2.0.5
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?optOut=false&bust=07590761718564462&referrer=&marketerId=00ecfc580bbba23ea48e25b4bb418ef655%2C00e83052a71a1dff3bc62d5d40765808fc&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&g=1&obApiVersion=1.1&obtpVersion=2.0.5 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 21:57:33 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 8a335b23919d94f65ad9b2ec59ae6863
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 92411fe2d81141fc1bc08bdb6b366334
a9a5582489c515fa7be0f10d486cb671d69059cd
908b3136c0e50026cb3ee356fa0aafd91493d8c02dcac07215d49da76943efa1
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112584
Date: Fri, 24 Mar 2023 21:57:33 GMT
Etag: "641d2baa-1d7"
Expires: Sun, 26 Mar 2023 05:13:57 GMT
Last-Modified: Fri, 24 Mar 2023 04:48:42 GMT
Server: ECAcc (nya/78E9)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yNaHyI9L5Q3OHR_xqyQHgPxeGHWddW08dvdaSbIippbQNTMPhw4Qsg==
Age: 1516
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 92411fe2d81141fc1bc08bdb6b366334
a9a5582489c515fa7be0f10d486cb671d69059cd
908b3136c0e50026cb3ee356fa0aafd91493d8c02dcac07215d49da76943efa1
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114008
Date: Fri, 24 Mar 2023 21:57:33 GMT
Etag: "641d2baa-1d7"
Expires: Sun, 26 Mar 2023 05:37:41 GMT
Last-Modified: Fri, 24 Mar 2023 04:48:42 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XnJtOZ_btFxmhJa2YJyWyZTCtdLtW5fMVnre9fIeC93WJjoJ-q4svw==
Age: 2939
ocsp.digicert.com/
200 OK 471 B IP
Hash 1bd931d1709def47ca088cc42ce2e643
dba91f1108ee0ae8c35a2495b8f2196f5a1f662a
7c576b751256ee1a587f98d1bd3ab7ce4dedaacbeb96cb998bbeee998139eb39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3806
Cache-Control: max-age=159870
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:34 GMT
Etag: "641ddb6e-1d7"
Expires: Sun, 26 Mar 2023 18:22:04 GMT
Last-Modified: Fri, 24 Mar 2023 17:18:38 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
events.ub-analytics.com/i?stm=1679695064946&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=fe6fc023-86fc-4619-a7ee-72d2e28936d7&dtm=1679695064944&vp=1280x939&ds=1268x1251&vid=1&sid=8c3b0941-324c-4c90-ac24-2a41a26f264e&duid=cbbbdaed-a65f-442d-a591-db9d9b13ea55&uid=d4d83f37-37e9-4ce4-aa90-573ababdc90a&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZmJlOTE4OTItNTA3MC00NjVlLTkxNGEtZDUzYmFiOTVmMTk5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJzaW5nbGUifX1dfQ
200 OK 43 B URL HTTP/2 events.ub-analytics.com/i?stm=1679695064946&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=fe6fc023-86fc-4619-a7ee-72d2e28936d7&dtm=1679695064944&vp=1280x939&ds=1268x1251&vid=1&sid=8c3b0941-324c-4c90-ac24-2a41a26f264e&duid=cbbbdaed-a65f-442d-a591-db9d9b13ea55&uid=d4d83f37-37e9-4ce4-aa90-573ababdc90a&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZmJlOTE4OTItNTA3MC00NjVlLTkxNGEtZDUzYmFiOTVmMTk5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJzaW5nbGUifX1dfQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1679695064946&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=fe6fc023-86fc-4619-a7ee-72d2e28936d7&dtm=1679695064944&vp=1280x939&ds=1268x1251&vid=1&sid=8c3b0941-324c-4c90-ac24-2a41a26f264e&duid=cbbbdaed-a65f-442d-a591-db9d9b13ea55&uid=d4d83f37-37e9-4ce4-aa90-573ababdc90a&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZmJlOTE4OTItNTA3MC00NjVlLTkxNGEtZDUzYmFiOTVmMTk5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJzaW5nbGUifX1dfQ HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:34 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
server: akka-http/10.2.9
X-Firefox-Spdy: h2
events.ub-analytics.com/i?stm=1679695064940&e=se&se_ca=external-conversion&se_ac=conversion&tv=js-2.14.0&tna=sp-ub-ext&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=602b71a7-1ea1-4d37-8526-d800e65b7704&dtm=1679695064932&vp=1280x939&ds=1268x1251&vid=1&sid=8c3b0941-324c-4c90-ac24-2a41a26f264e&duid=cbbbdaed-a65f-442d-a591-db9d9b13ea55&uid=d4d83f37-37e9-4ce4-aa90-573ababdc90a&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U4ZTBmM2EtOWMyMy00OWZjLWE4ZTktYTBjMmIyODg3MDlmIiwidmFyaWFudElkIjoidSIsImV2ZW50VHlwZSI6ImV4dGVybmFsX2NvbnZlcnNpb24iLCJldmVudE1ldGFkYXRhIjpbImNvbnZlcnNpb24iXSwicm91dGluZ1N0cmF0ZWd5Ijoid2VpZ2h0ZWQifX1dfQ
200 OK 43 B URL HTTP/2 events.ub-analytics.com/i?stm=1679695064940&e=se&se_ca=external-conversion&se_ac=conversion&tv=js-2.14.0&tna=sp-ub-ext&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=602b71a7-1ea1-4d37-8526-d800e65b7704&dtm=1679695064932&vp=1280x939&ds=1268x1251&vid=1&sid=8c3b0941-324c-4c90-ac24-2a41a26f264e&duid=cbbbdaed-a65f-442d-a591-db9d9b13ea55&uid=d4d83f37-37e9-4ce4-aa90-573ababdc90a&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U4ZTBmM2EtOWMyMy00OWZjLWE4ZTktYTBjMmIyODg3MDlmIiwidmFyaWFudElkIjoidSIsImV2ZW50VHlwZSI6ImV4dGVybmFsX2NvbnZlcnNpb24iLCJldmVudE1ldGFkYXRhIjpbImNvbnZlcnNpb24iXSwicm91dGluZ1N0cmF0ZWd5Ijoid2VpZ2h0ZWQifX1dfQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1679695064940&e=se&se_ca=external-conversion&se_ac=conversion&tv=js-2.14.0&tna=sp-ub-ext&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=602b71a7-1ea1-4d37-8526-d800e65b7704&dtm=1679695064932&vp=1280x939&ds=1268x1251&vid=1&sid=8c3b0941-324c-4c90-ac24-2a41a26f264e&duid=cbbbdaed-a65f-442d-a591-db9d9b13ea55&uid=d4d83f37-37e9-4ce4-aa90-573ababdc90a&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U4ZTBmM2EtOWMyMy00OWZjLWE4ZTktYTBjMmIyODg3MDlmIiwidmFyaWFudElkIjoidSIsImV2ZW50VHlwZSI6ImV4dGVybmFsX2NvbnZlcnNpb24iLCJldmVudE1ldGFkYXRhIjpbImNvbnZlcnNpb24iXSwicm91dGluZ1N0cmF0ZWd5Ijoid2VpZ2h0ZWQifX1dfQ HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:34 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
server: akka-http/10.2.9
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 59f0f4acdc27a83e3230430b81ef5e41
6d934d3465e9928aa751ced935545a3b9721da08
23b9412469d04ddad10b5ae6a2d8b035b6dac5ae8a0e96065b80df85040ca39f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5719
Cache-Control: max-age=121099
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:34 GMT
Etag: "641d3c82-139"
Expires: Sun, 26 Mar 2023 07:35:53 GMT
Last-Modified: Fri, 24 Mar 2023 06:00:34 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 59f0f4acdc27a83e3230430b81ef5e41
6d934d3465e9928aa751ced935545a3b9721da08
23b9412469d04ddad10b5ae6a2d8b035b6dac5ae8a0e96065b80df85040ca39f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5719
Cache-Control: max-age=121099
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:34 GMT
Etag: "641d3c82-139"
Expires: Sun, 26 Mar 2023 07:35:53 GMT
Last-Modified: Fri, 24 Mar 2023 06:00:34 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 313
a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd
302 Found 313 B URL HTTP/2 a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd
IP
Hash 9e6519d96b8e29123560b7b3aa9f76c0
907ea9e12e01ffb9de50eee6c5d52fe8ac2d34a3
5cd0eaa1202fdc5e233590bb0bb7c46bfde08b04d856b40a799af996b1bbb315
GET /px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:34 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd&c=24a3d6f0fe7dd9c
x-frontend: cc-nginx-5cbb6f69b-5fxmf:cc-nginx-5cbb6f69b-5fxmf
x-requestid: 8fe3a94c-f45c-480b-aae1-f433fa3e9a26
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxCcA7I6ugBcxFv19iwCfsCmEH28jXj4li7GDR8GPVLap6K6es7OMLWJHTrtf6acLSmgvEpbDJCGfTzLnpTLn1RJxmzm8%2Flb9tJM5jZFLq%2FJTssb7wQm7PjBbYXnp3QqPw3R%2BLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22ba8dfcdb4ff-OSL
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 114 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
Size 114 kB (114534 bytes)
Hash 28da34ac5750ab8f73362db6509fbba7
549e78f7c260f7985ddc534012446e36a949b169
0e657d9617f34f33d93e04b29775908fa5eabd29bef6fa90fb7a1359d5bbdaea
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 68528
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash d222fcd066633affec3c4c068c954caf
5a42d659a0166a6b3f5357bdabb1b6d36e0e362e
2385744279e0bffdf6c9467315ac30c0be4a1e5c08f093aba54f07424e29825c
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143664
Date: Fri, 24 Mar 2023 21:57:34 GMT
Etag: "641d9ad1-1d7"
Expires: Sun, 26 Mar 2023 13:51:58 GMT
Last-Modified: Fri, 24 Mar 2023 12:42:57 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bGO4evgmiFL4UVnqDjUDtLDVWSePIqsx2JT0IzU1mreJNIP0TGgLyg==
Age: 4141
rp.liadm.com/j?dtstmp=1679695065301&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4
302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1679695065301&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1679695065301&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4 HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:34 GMT
content-length: 0
trace-id: 9febc120cc859faa
vary: Origin
location: /j?dtstmp=1679695065301&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
set-cookie: lidid=400df780-297e-4705-b386-6f2ba3556a4c; Max-Age=63072000; Expires=Sun, 23 Mar 2025 21:57:34 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D102ac81d925f5afd9639ce6e3d8235%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_2386&dtycbr=15619
200 OK 4.7 kB URL HTTP/2 widget.us.criteo.com/event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D102ac81d925f5afd9639ce6e3d8235%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_2386&dtycbr=15619
IP
Hash 6f259db9452dc75880c9958b83923073
61ff6c526f6f01cbe75f2e2540e49865cb411f54
f880f7d38eeade00769f542e18d354202338a8a0ff6d793dea8e99771324a94a
GET /event?a=102531&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&tld=upwellness.com&dy=1&fu=https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff-2%252F%253Foffer%253D2%2526session_id%253D102ac81d925f5afd9639ce6e3d8235%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_2386&dtycbr=15619 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:34 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 12029015
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
200 OK 935 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
IP
Hash 54e04e57e88d74a60196669ecbaf5132
8fd9863557e8f0b48f7819134cbbb763aa3738bc
52ca1b622d74aa26eaee290a0cf208c22402b4657592cfdb53306e48ae3afc38
GET /embed/medias/tmmqdtznyg.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"52ca1b622d74aa26eaee290a0cf208c2"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 93f5e9c557d79f470df37af0b0fb530c
x-runtime: 0.034506
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:34 GMT
age: 0
x-served-by: cache-iad-kcgs7200134-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 50, 1
x-timer: S1679695055.643762,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 935
X-Firefox-Spdy: h2
io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd&id=cl4975ot4arrr6&uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd
200 OK 561 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd&id=cl4975ot4arrr6&uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd
IP
File type JSON data\012- , ASCII text, with very long lines (561), with no line terminators
Hash 4b960827ff31152049d94dcc6edab3e9
47abe46f1d310dab0c055786ccb2e20e7733d780
088dab1437246e087641e331e119e91a5f2d86f005d557b6ffff005f83cd5acb
GET /externalIds?customerlabs_user_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd&id=cl4975ot4arrr6&uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Fri, 24 Mar 2023 21:57:34 GMT
Server: nginx
Content-Length: 561
Connection: keep-alive
fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/tmmqdtznyg.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"52ca1b622d74aa26eaee290a0cf208c2"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 24 Mar 2023 21:57:34 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"52ca1b622d74aa26eaee290a0cf208c2"
age: 0
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1679695055.702309,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
200 OK 107 kB URL HTTP/2 embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
IP
Size 107 kB (107228 bytes)
Hash c1f85ab9545d802f52b6130dc073fd18
efa7e669f9f3b5fcf1b0effdd41ba78537ef7422
876de18e83e13739b393e42acd0287e6ec5fcc9d7f589a253026a2f9adb2595a
GET /deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 107228
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
surrogate-key: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
accept-ranges: bytes
date: Thu, 23 Mar 2023 11:42:31 GMT
expires: Fri, 22 Mar 2024 11:40:29 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FXv-r3cz4JF9Z6QXBez-b9VqD4tpFUJ0WORbG6YTnI6xQMpo_oFVfw==
age: 123425
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2
fast.wistia.com/assets/images/blank.gif
200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "641e1922-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 24 Mar 2023 21:41:54 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:34 GMT
age: 843
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 51, 15
x-timer: S1679695055.726183,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2
a.clickcertain.com/px/smart/a/?seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd&c=24a3d6f0fe7dd9c
302 Found 107 kB URL HTTP/2 a.clickcertain.com/px/smart/a/?seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd&c=24a3d6f0fe7dd9c
IP
Size 107 kB (107380 bytes)
Hash 5debb8c0838077e58286bffa3e6bfae3
72fbd2352ee84508521cb76cb07002e1d1aa9f6b
fc4b442f47c24acd76d1d76eccf17ff37a4147c11ddd78adcdc7f94b42d1f5c8
GET /px/smart/a/?seg=uc-grplus-vsl01-aff-2&partner_id=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd&c=24a3d6f0fe7dd9c HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pages.upwellness.com/
Connection: keep-alive
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=1; _ccpx=24d1add2443e239; _ccpx_24d1add2443e239=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:34 GMT
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
set-cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; Expires=Sat, 23 Mar 2024 21:57:34 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-5cbb6f69b-hnr6k:cc-nginx-5cbb6f69b-hnr6k
x-requestid: 2b6fd504-bc84-4a26-9883-801b360aec62
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmakKgeKHvzz7cTV4jFYtlQvRk3Fly0M6zPcvSDv9cCVnSjzXBMvD%2BM8Y5Bhsr00tmls9p35FC2pC0UWS1aPNj7xeTQ9bu2rhiv8l%2BsU5T4LXNlYjbzTmyGqpa4CzmJg450lqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22ba9d8760b02-OSL
X-Firefox-Spdy: h2
embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
200 OK 485 kB URL HTTP/2 embed-cloudfront.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 485 kB (484664 bytes)
Hash b7735798b762d519cb4886f5f5da5bd0
be1cebaf2a46bef7442b69d48557bd362607ea2d
05ae5071f29731644a77af5a8454af3f4fcac44566d33f6cc06b5a4e96107173
GET /deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
content-length: 484664
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
surrogate-key: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
accept-ranges: bytes
date: Sat, 18 Mar 2023 15:58:07 GMT
expires: Sun, 17 Mar 2024 15:49:48 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lcdOtQtkPK0v_Q-r_rC_v2tSnqpmX8Lvdx1RpuyGmeqxk6DdVj7pVw==
age: 540466
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 1.6 MB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Size 1.6 MB (1558565 bytes)
Hash adf91a55c4637a4a00c0d423a7b68ad6
68da9e08587eca5a92c405245d48c18632072a10
866c42a677845c21aba49877ceb04231fe348650111bea73f64ad821271544fc
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 70121
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1679695065301&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
200 OK 13 B URL HTTP/2 rp.liadm.com/j?dtstmp=1679695065301&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /j?dtstmp=1679695065301&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq&tna=v2.7.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Referer: https://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:34 GMT
content-type: application/json
content-length: 13
trace-id: 13a364541c5b4e13
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 06491f1c-7717-41e0-b2ea-b2f7cf3520b5
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 840
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Fri, 24 Mar 2023 21:57:34 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
200 OK 107 kB URL HTTP/2 embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
IP
Size 107 kB (107228 bytes)
Hash 029a0cbfa6666836d0a5523b59abd11c
fd0a44715dd33d79c3da76a9d49d4828d004296e
a25d2674b1e57094f1abce6ba27f63e639fbbf339bb164ed30d107d9d92f71bd
GET /deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 107228
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment e8f7486c0e96f7d02b5cd8d92956581d159a943a
accept-ranges: bytes
date: Mon, 20 Mar 2023 12:16:20 GMT
expires: Tue, 19 Mar 2024 11:59:50 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1yyYDtDHdeQdXxOgGweOA2oRit0CozlVI3afr2gbVszXB3hLwE4WKw==
age: 381465
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/interFontFace.js
200 OK 18 kB URL HTTP/2 fast.wistia.com/assets/external/interFontFace.js
IP
File type ASCII text, with very long lines (45349), with no line terminators
Hash 53c97190603845aa22fe260f7ec735c4
a16cfa041fdd5e6652d23cde3ac4c207b8dd5276
091e2d49b6d1c2a135481ce5d39810dcf6debcc9da5879c450ee7d40765237a5
GET /assets/external/interFontFace.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:40 GMT
etag: "53c97190603845aa22fe260f7ec735c4"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:35 GMT
age: 844
x-served-by: cache-iad-kiad7000034-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 38, 6
x-timer: S1679695055.001174,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 18150
X-Firefox-Spdy: h2
embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts
200 OK 217 kB URL HTTP/2 embed-cloudfront.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 217 kB (216952 bytes)
Hash 4623e44ce676c904300654bcf080dcf0
ad6d26d688448a627c1256cf7443ec0af8cd9e21
1a5ba73a0dc667b06ed9d02518d62a0035d6df2e4f2825455bb47ed19794a3e7
GET /deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
content-length: 216952
server: envoy
date: Sat, 18 Mar 2023 12:30:28 GMT
expires: Sun, 17 Mar 2024 12:30:28 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
surrogate-key: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 85
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bq463pTkVGxaz3PMvDzblVLF4ArFF-MvQChMG-OoeuITBXg3QUR_rw==
age: 552427
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 12e0272fd98e87731adaa1c93f187b68
3eec99b210e22bf65f15994605f47d9a54308fc3
8e73383437bc38cb01c367aeb6958411a28486a13797b699912d74d25279d16f
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145749
Date: Fri, 24 Mar 2023 21:57:35 GMT
Etag: "641dae62-1d7"
Expires: Sun, 26 Mar 2023 14:26:44 GMT
Last-Modified: Fri, 24 Mar 2023 14:06:26 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gcHfz6fCQoSzTxkQGJIPShHuSXuMOB1ORKL0kGd2nHSjMh4gY4fzLQ==
Age: 1218
io.v2.customerlabs.co/cl
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 847
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Fri, 24 Mar 2023 21:57:35 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive
tag.trovo-tag.com/193f0456
200 OK 486 B URL HTTP/2 tag.trovo-tag.com/193f0456
IP
File type HTML document, ASCII text
Hash 071c5244c366909d829e5996f3ea111b
b3e7aafb4231cd3df861d3372f24886f6a55cd4f
12ca95a00cbdef287640af248bbf243cabee59d51bdba3669d7491ed2449b3c8
GET /193f0456 HTTP/1.1
Host: tag.trovo-tag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 486
server: CloudFront
date: Fri, 24 Mar 2023 21:57:35 GMT
cache-control: no-cache
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T6VatdV0FYpIANn6RavSFb8IzdSSDFTZzHX89t0OLtY50TV7Rfajwg==
X-Firefox-Spdy: h2
embed-cloudfront.wistia.com/deliveries/6aa0268895adbc96ea65d5f4821d3277f0b7fae6.m3u8
200 OK 106 kB URL HTTP/2 embed-cloudfront.wistia.com/deliveries/6aa0268895adbc96ea65d5f4821d3277f0b7fae6.m3u8
IP
Size 106 kB (105863 bytes)
Hash 0f515475b905e967311f8336e23936b4
ec34ecc62cf74d5decf3d0c8aae8f0372beb3f2d
bbf10f0e092a435e37ea9d53ef385dfb584b9d7fe64f718d70ab2569c8166bf9
GET /deliveries/6aa0268895adbc96ea65d5f4821d3277f0b7fae6.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 105863
server: envoy
date: Wed, 22 Mar 2023 17:31:04 GMT
expires: Thu, 21 Mar 2024 17:31:04 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 6aa0268895adbc96ea65d5f4821d3277f0b7fae6-hls-segment
surrogate-key: 6aa0268895adbc96ea65d5f4821d3277f0b7fae6-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 183
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l89lufJIadZLoQhbMelpRlff-HH1EHlrl4XYy3DWPPvgPC1QgNq1yQ==
age: 188791
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2
embed-cloudfront.wistia.com/deliveries/6aa0268895adbc96ea65d5f4821d3277f0b7fae6.m3u8/seg-1-v1-a1.ts
200 OK 692 kB URL HTTP/2 embed-cloudfront.wistia.com/deliveries/6aa0268895adbc96ea65d5f4821d3277f0b7fae6.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 692 kB (692216 bytes)
Hash d8c0465ef41f21e2b652b724d437bdbf
cb87397f1408599674756f2a5db25c077f2a27ae
43fab511438c400cab6997c7d93fd13c8d0f0300ad19c57319ab76b10ef1d8e0
GET /deliveries/6aa0268895adbc96ea65d5f4821d3277f0b7fae6.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
content-length: 692216
server: envoy
date: Thu, 23 Mar 2023 06:47:42 GMT
expires: Fri, 22 Mar 2024 06:47:42 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 6aa0268895adbc96ea65d5f4821d3277f0b7fae6-hls-segment
surrogate-key: 6aa0268895adbc96ea65d5f4821d3277f0b7fae6-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 432
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -Tq9_-JniBQo81HaNQGR2eyhNxqeB0apl-rE4t5cW1x4cvDVMMTARQ==
age: 140993
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2
embed-cloudfront.wistia.com/deliveries/6aa0268895adbc96ea65d5f4821d3277f0b7fae6.m3u8/seg-1-v1-a1.ts
200 OK 692 kB URL HTTP/2 embed-cloudfront.wistia.com/deliveries/6aa0268895adbc96ea65d5f4821d3277f0b7fae6.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 692 kB (692216 bytes)
Hash d8c0465ef41f21e2b652b724d437bdbf
cb87397f1408599674756f2a5db25c077f2a27ae
43fab511438c400cab6997c7d93fd13c8d0f0300ad19c57319ab76b10ef1d8e0
GET /deliveries/6aa0268895adbc96ea65d5f4821d3277f0b7fae6.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
content-length: 692216
server: envoy
date: Thu, 23 Mar 2023 06:47:42 GMT
expires: Fri, 22 Mar 2024 06:47:42 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 6aa0268895adbc96ea65d5f4821d3277f0b7fae6-hls-segment
surrogate-key: 6aa0268895adbc96ea65d5f4821d3277f0b7fae6-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 432
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MfgPiEscuenUULfc0ie0t0UIMugM9c4PQ5zQT3MNqZUYjHvjKMV4fQ==
age: 140993
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cb7030061189363dd5c6e19e587c8a1b
9ce9fc57f978a8c0165975d5a59f1fa3fc729d4b
37a438312c407da88d8b2acd40dd7b3100d6dcab998dce212b428c2ce842fd6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4748
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:35 GMT
Last-Modified: Fri, 24 Mar 2023 20:38:27 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 781b4af70657e7d99c1e68c20d8b1750
0a816296c760417455aba6f61057b1627394ee1e
f5dce5eb8b83de7fa991b851b3b3c29c23dfd1ced80bd3b73ae846590512feda
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 21:57:35 GMT
Last-Modified: Fri, 24 Mar 2023 20:33:45 GMT
Server: ECAcc (nya/7919)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G0-jkVVp6ZXbrxj3KwhpoQOl45Pkxl9ZuwyWtu7TLGZc6W3GSqZOXg==
Age: 5031
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash de0905bbab86d4515e98d6237fcb8bd1
6e4252affc8af2e1ed92fba4cb872545b17d88f2
fc32acf4d139ccac71c7dd935b429b793fff1d61ffeadb4afd9b62ea16a46a19
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120170
Date: Fri, 24 Mar 2023 21:57:35 GMT
Etag: "641d359f-1d7"
Expires: Sun, 26 Mar 2023 07:20:25 GMT
Last-Modified: Fri, 24 Mar 2023 05:31:11 GMT
Server: ECAcc (nya/7919)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -K92WH4DBIk_JShFAMMHoBJmXAu-WbUaPaBGtckET-PdWfSlnBcJAg==
Age: 6554
sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:35 GMT
expires: Fri, 24 Mar 2023 21:57:35 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBM8cHmQCELM1_U9jgs3zMj3VzQA8WV8FEgEBAQFuH2QoZAAAAAAA_eMAAA&S=AQAAAsHJ5u0khg1BaQdv8p_1TeQ; Expires=Sun, 24 Mar 2024 03:57:35 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2024%20Mar%202023%2021%3A57%3A46%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2024%20Mar%202023%2021%3A57%3A46%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Fri%2C%2024%20Mar%202023%2021%3A57%3A46%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:35 GMT
expires: Fri, 24 Mar 2023 21:57:35 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBM8cHmQCEAGyyZn9lgkGAnbW9Eppj20FEgEBAQFuH2QoZAAAAAAA_eMAAA&S=AQAAAvCPVHiflT8S6TJ52ebIOQU; Expires=Sun, 24 Mar 2024 03:57:35 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.prod.bidr.io/cookie-sync/cience
303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/cience
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/cience HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 24 Mar 2023 21:57:35 GMT
location: https://match.prod.bidr.io/cookie-sync/cience?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 24 Mar 2023 22:07:35 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
match.prod.bidr.io/cookie-sync/cience?_bee_ppp=1
303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/cience?_bee_ppp=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/cience?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 24 Mar 2023 21:57:35 GMT
location: https://a.usbrowserspeed.com/cs?pid=beeswax&puid=
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
a.clickcertain.com/px/ta/?done=true&ta_id=030b3396-8404-4792-96a2-f45a0ac89ce0
204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/ta/?done=true&ta_id=030b3396-8404-4792-96a2-f45a0ac89ce0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/ta/?done=true&ta_id=030b3396-8404-4792-96a2-f45a0ac89ce0 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=2; _ccpx=24a3d6f0fe7dd9c; _ccpx_24d1add2443e239=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 21:57:35 GMT
set-cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; Expires=Sat, 23 Mar 2024 21:57:35 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-5cbb6f69b-dclrs:cc-nginx-5cbb6f69b-dclrs
x-requestid: 8c186c48-3426-4bfb-a488-04c15e9bd17f
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGnjtK5TpVpz4e7g7hmWQl8UycjRuC9%2F91XZ2NTTLUVGhabP2HKuh%2Ff6kAMJREAUXXy47ixX8tb9TYBJ56fo7ggWU%2FPus2K6RipJTvOiJ93nNWvQV%2B8ZmKEyehir42sn0z6qlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bb1a8730b02-OSL
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash e0b179531e400596053df781e12b6d2a
a22d806b17b0d531c317a86aec92a66d60019aaa
9fea7bbeab5cc67a0bdedc967ab21488a12ebb8dd85fa8d77b0c2b25b6fd448d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171463
Date: Fri, 24 Mar 2023 21:57:35 GMT
Etag: "641e02d3-1d7"
Expires: Sun, 26 Mar 2023 21:35:18 GMT
Last-Modified: Fri, 24 Mar 2023 20:06:43 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CFhffw__bRt5TNGZYTVFtGUro2ugGwGP2txMot3jJ5ChyXfCmDWeig==
Age: 5315
a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
204 No Content 0 B URL HTTP/2 a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/ HTTP/1.1
Host: a.usbrowserspeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag.trovo-tag.com/
Cookie: tuid=b1818a3f-45ec-44cf-93fe-e56405e41a5e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: awselb/2.0
date: Fri, 24 Mar 2023 21:57:35 GMT
set-cookie: tuid=b1818a3f-45ec-44cf-93fe-e56405e41a5e; Path=/; Domain=a.usbrowserspeed.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
a.usbrowserspeed.com/cs?puid=c2dbfe85-9f9d-5fe5-a273-f9ed79488080&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d
302 Found 119 B URL HTTP/2 a.usbrowserspeed.com/cs?puid=c2dbfe85-9f9d-5fe5-a273-f9ed79488080&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d
IP
File type HTML document, ASCII text
Hash 6c414d839bb02bfca6c2a8f10fca721a
291b1fe96437d41e13676bf66ffd9ba897af40ab
9158d9f3c376fd95cc3727163626a789ba1ea3d57c05f26d4ed8521c5d807de7
GET /cs?puid=c2dbfe85-9f9d-5fe5-a273-f9ed79488080&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP/1.1
Host: a.usbrowserspeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/
Cookie: tuid=b1818a3f-45ec-44cf-93fe-e56405e41a5e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: awselb/2.0
date: Fri, 24 Mar 2023 21:57:35 GMT
content-type: text/html; charset=utf-8
content-length: 119
location: https://a.clickcertain.com/px/t/?done=true&uid=b1818a3f-45ec-44cf-93fe-e56405e41a5e&hem=
set-cookie: tuid=b1818a3f-45ec-44cf-93fe-e56405e41a5e; Path=/; Domain=a.usbrowserspeed.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=159038c0-9598-4a7d-bff9-895a7db75229&ccid=159038c0-9598-4a7d-bff9-895a7db75229&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d159038c0%25252d9598%25252d4a7d%25252dbff9%25252d895a7db75229%252526anx_uId%25253d%252524UID
303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=159038c0-9598-4a7d-bff9-895a7db75229&ccid=159038c0-9598-4a7d-bff9-895a7db75229&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d159038c0%25252d9598%25252d4a7d%25252dbff9%25252d895a7db75229%252526anx_uId%25253d%252524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?bidder_id=200441&bidder_uuid=159038c0-9598-4a7d-bff9-895a7db75229&ccid=159038c0-9598-4a7d-bff9-895a7db75229&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d159038c0%25252d9598%25252d4a7d%25252dbff9%25252d895a7db75229%252526anx_uId%25253d%252524UID HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 24 Mar 2023 21:57:35 GMT
Content-Length: 0
Connection: keep-alive
Location: /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d159038c0%25252d9598%25252d4a7d%25252dbff9%25252d895a7db75229%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=159038c0-9598-4a7d-bff9-895a7db75229&_li_chk=true&ccid=159038c0-9598-4a7d-bff9-895a7db75229&previous_uuid=7acb3034fe6f4734ad2b35af4bc015c7
Set-Cookie: lidid=7acb3034-fe6f-4734-ad2b-35af4bc015c7; Max-Age=63072000; Expires=Sun, 23 Mar 2025 21:57:35 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains
fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/aeu9oe7qwy.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"f5fdb0e547028256fdb5662c9e84afcf"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 24 Mar 2023 21:57:35 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"f5fdb0e547028256fdb5662c9e84afcf"
age: 1
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1679695056.910330,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
a.clickcertain.com/px/t/?done=true&uid=b1818a3f-45ec-44cf-93fe-e56405e41a5e&hem=
204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/t/?done=true&uid=b1818a3f-45ec-44cf-93fe-e56405e41a5e&hem=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/t/?done=true&uid=b1818a3f-45ec-44cf-93fe-e56405e41a5e&hem= HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=2; _ccpx=24d1add2443e239; _ccpx_24d1add2443e239=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 21:57:36 GMT
set-cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; Expires=Sat, 23 Mar 2024 21:57:35 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-5cbb6f69b-5fxmf:cc-nginx-5cbb6f69b-5fxmf
x-requestid: 684f964d-8cb7-4e06-bf9a-6446f7b86abf
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s7AWh5jOtaSCUqqkxINrxYPF6QxszW2zuIiydfXQPFX05ApaYgyUEdXPdZXloqle4xI2cQ9TYF7WnA2bZSsXPVips3WlrJ1beBn7MGcrVBAp1vhrFqR6gknb%2FsCtfFIgzoR3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bb35a6a0b02-OSL
X-Firefox-Spdy: h2
a.usbrowserspeed.com/cs?pid=beeswax&puid=
204 No Content 0 B URL HTTP/2 a.usbrowserspeed.com/cs?pid=beeswax&puid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cs?pid=beeswax&puid= HTTP/1.1
Host: a.usbrowserspeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: tuid=b1818a3f-45ec-44cf-93fe-e56405e41a5e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: awselb/2.0
date: Fri, 24 Mar 2023 21:57:35 GMT
set-cookie: tuid=b1818a3f-45ec-44cf-93fe-e56405e41a5e; Path=/; Domain=a.usbrowserspeed.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d159038c0%25252d9598%25252d4a7d%25252dbff9%25252d895a7db75229%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=159038c0-9598-4a7d-bff9-895a7db75229&_li_chk=true&ccid=159038c0-9598-4a7d-bff9-895a7db75229&previous_uuid=7acb3034fe6f4734ad2b35af4bc015c7
303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d159038c0%25252d9598%25252d4a7d%25252dbff9%25252d895a7db75229%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=159038c0-9598-4a7d-bff9-895a7db75229&_li_chk=true&ccid=159038c0-9598-4a7d-bff9-895a7db75229&previous_uuid=7acb3034fe6f4734ad2b35af4bc015c7
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d159038c0%25252d9598%25252d4a7d%25252dbff9%25252d895a7db75229%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=159038c0-9598-4a7d-bff9-895a7db75229&_li_chk=true&ccid=159038c0-9598-4a7d-bff9-895a7db75229&previous_uuid=7acb3034fe6f4734ad2b35af4bc015c7 HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 24 Mar 2023 21:57:36 GMT
Content-Length: 0
Connection: keep-alive
Location: https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d159038c0%252d9598%252d4a7d%252dbff9%252d895a7db75229%2526anx_uId%253d%2524UID&ccid=159038c0-9598-4a7d-bff9-895a7db75229
Set-Cookie: _li_ss=CgA; Max-Age=2592000; Expires=Sun, 23 Apr 2023 21:57:36 GMT; SameSite=None; Path=/s; Secure
lidid=dd17ef29-4756-416e-9da8-29d68e103098; Max-Age=63072000; Expires=Sun, 23 Mar 2025 21:57:36 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 2
Strict-Transport-Security: max-age=31536000; includeSubDomains
api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386
200 OK 437 B URL HTTP/2 api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 95a027e496291f439599dfb5b5277796
d3fe448e873564e431b4e146cfc8ff149b51e09e
4bc6d523eaf3abb95084db3b8e0892e1d8d6a37f85883d155eecee9cc3293329
GET /pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386 HTTP/1.1
Host: api.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:35 GMT
content-type: application/json; charset=utf-8
x-amzn-requestid: 4387a169-fd17-4487-a9bc-bf8fa6d9e274
access-control-allow-origin: *
surrogate-control: no-store
x-amzn-remapped-content-length: 178
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: CTlwgGKBoAMFTGQ=
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
pragma: no-cache
x-amzn-remapped-date: Fri, 24 Mar 2023 21:57:35 GMT
x-cache: Miss from cloudfront
via: 1.1 015d563c1df00e18321ce956266180b0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: EGuzjWFSO3BDWytdKKtiggF85ar_Ry613YkhVj93cBedXQWBQhRd1g==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AHOy8fHCoW7QWVKhV1J94PViyJgZHQZe8gR25fV0iho7lWoYGye4M84FL9MHdFpHDO54seFWfGR3CTtsL4aDZXv9NvbzBhvj4ky9ZzRTUaBAMKGS75TVlUSN8kxu7o7ZIC8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bb0fe910b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed-cloudfront.wistia.com/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
200 OK 248 B URL HTTP/2 embed-cloudfront.wistia.com/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash cdc24448e1a75a4d03ec10a103fc3406
91600f2afdff90b12c1cdd64c10cffc5da4e908f
9a0b56469547d3ff9a1a3402761365b1f599deb1811dd588d7bd3c6f6fe9b79b
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
content-length: 1558520
server: envoy
date: Wed, 22 Mar 2023 16:58:02 GMT
expires: Thu, 21 Mar 2024 16:58:02 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 396
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: at4PNZiPjRxlefWH6wdVNyYAEzJAszSWU00OU5JQ67y5FXge-lc7Qg==
age: 190772
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/g/?google_error=3
204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/img/g/?google_error=3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/img/g/?google_error=3 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tag.trovo-tag.com/
Connection: keep-alive
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=2; _ccpx=24d1add2443e239; _ccpx_24d1add2443e239=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 21:57:36 GMT
x-frontend: cc-nginx-5cbb6f69b-hnr6k:cc-nginx-5cbb6f69b-hnr6k
x-requestid: c7562cbb-72d4-4093-998e-2c642049f780
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFQMbQxsoFmMea4XC54JBvMvZ%2BGBnxH2i%2BMAlLwWzcPv2a9Yk%2F3dndz5x4%2FEZfbIwVtBp%2BnC4i2j2qYZ1wdMsdjKupdZKRD5%2BZrmMLHe4pKLYoSWdTgyErf2TOfwAO%2F0%2FD%2Bmbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bb58c980b02-OSL
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 2c604a0d02cb15075381f562e5ae0dbc
c442c8bdd9a154e8e82b450e0f958ec0da505a51
5569b5c5906305462898089a381c93d026cec95761173842eb42eaa218e14d82
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 21:57:36 GMT
Last-Modified: Fri, 24 Mar 2023 20:11:11 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zjbuO1DN4YRzKhx9BLNgnsAvY-XGQYMpXlo-PBlsvL9beDr2co7fWA==
Age: 6385
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 2c604a0d02cb15075381f562e5ae0dbc
c442c8bdd9a154e8e82b450e0f958ec0da505a51
5569b5c5906305462898089a381c93d026cec95761173842eb42eaa218e14d82
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124913
Date: Fri, 24 Mar 2023 21:57:36 GMT
Etag: "641d4d59-1d7"
Expires: Sun, 26 Mar 2023 08:39:29 GMT
Last-Modified: Fri, 24 Mar 2023 07:12:25 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TBiPaSIguSc7frwJ9iXpI6Rklx1tAovXnVRsSLw50DZZmiapp2kbTw==
Age: 5224
live-visitor-counts.herokuapp.com/lvc/register
204 No Content 0 B URL HTTP/1.1 live-visitor-counts.herokuapp.com/lvc/register
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /lvc/register HTTP/1.1
Host: live-visitor-counts.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cdn.useproof.com/
Origin: https://cdn.useproof.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: Cowboy
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Date: Fri, 24 Mar 2023 21:57:36 GMT
Via: 1.1 vegur
a.clickcertain.com/px/img/g/?start_cm=1
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/g/?start_cm=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/img/g/?start_cm=1 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tag.trovo-tag.com/
Connection: keep-alive
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=2; _ccpx=24d1add2443e239; _ccpx_24d1add2443e239=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:36 GMT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1
x-frontend: cc-nginx-5cbb6f69b-pq94b:cc-nginx-5cbb6f69b-pq94b
x-requestid: da0ac16d-0bfc-4d28-92d1-187a9ddeeac9
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2w5zS6Mb4fPHpqP8dIdl%2ByAiPlURxkQ3Z4Ci3FoM9Y1aJJzv6Fm8VWqe89hsiVVM3vFQMJVuIJzWhOymqmublKqvrV1WOpyijGR3fWZNj2N0uXOCF1gsnOxrNaYDNBCZK%2FjLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bb3cae60b02-OSL
X-Firefox-Spdy: h2
live-visitor-counts.herokuapp.com/lvc/register
200 OK 0 B URL HTTP/1.1 live-visitor-counts.herokuapp.com/lvc/register
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /lvc/register HTTP/1.1
Host: live-visitor-counts.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 196
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://cdn.useproof.com
Vary: Origin
Date: Fri, 24 Mar 2023 21:57:36 GMT
Content-Length: 0
Via: 1.1 vegur
secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D159038c0-9598-4a7d-bff9-895a7db75229%26anx_uId%3D%24UID
302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D159038c0-9598-4a7d-bff9-895a7db75229%26anx_uId%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D159038c0-9598-4a7d-bff9-895a7db75229%26anx_uId%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 24 Mar 2023 21:57:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=159038c0-9598-4a7d-bff9-895a7db75229&anx_uId=0
AN-X-Request-Uuid: 5f3b7a14-4802-4abf-ae86-b0cf9f98924d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sectigo.com/
200 OK 471 B IP
Hash cd9971843edec2fca6ec018b4cec5146
90c94c5db696d151dcdbfa8fcbc7c43cf7ad6ca3
66315a793e1c73e489aa525a343674f91d3df214ee4a698352931a32a2c8c640
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 21:57:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 13:56:50 GMT
Expires: Tue, 28 Mar 2023 13:56:49 GMT
Etag: "90c94c5db696d151dcdbfa8fcbc7c43cf7ad6ca3"
Cache-Control: max-age=316151,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad22bbadec6b524-OSL
x.bidswitch.net/sync?dsp_id=179&user_id=159038c0-9598-4a7d-bff9-895a7db75229&expires=5&user_group=0
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=179&user_id=159038c0-9598-4a7d-bff9-895a7db75229&expires=5&user_group=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=179&user_id=159038c0-9598-4a7d-bff9-895a7db75229&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:37 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=159038c0-9598-4a7d-bff9-895a7db75229&expires=5&user_group=0
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=90c77597-18be-4b58-9fdc-246516a49f04; path=/; expires=Sat, 23-Mar-2024 21:57:37 GMT; domain=.bidswitch.net; samesite=none; secure
c=1679695057; path=/; expires=Sat, 23-Mar-2024 21:57:37 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1679695057; path=/; expires=Sat, 23-Mar-2024 21:57:37 GMT; domain=.bidswitch.net; samesite=none; secure
c=1679695057; path=/; expires=Sat, 23-Mar-2024 21:57:37 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=159038c0-9598-4a7d-bff9-895a7db75229&expires=5&user_group=0
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=159038c0-9598-4a7d-bff9-895a7db75229&expires=5&user_group=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=179&user_id=159038c0-9598-4a7d-bff9-895a7db75229&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:37 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/playPauseLoadingControl.js
200 OK 16 kB URL HTTP/2 fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
File type ASCII text, with very long lines (60297), with no line terminators
Hash b2b44b80faa65cce5d5bb98b9687d152
75d08cab6749fba40af8155d1754afac39e101c2
6c59ce5a293b58600081ec1339632e7da41e70fc8739726fee0f2b8e7204c1c7
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:40 GMT
etag: "b2b44b80faa65cce5d5bb98b9687d152"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:37 GMT
age: 847
x-served-by: cache-iad-kjyo7100120-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 40, 22
x-timer: S1679695057.385743,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 16032
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
200 OK 323 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 1785231645193701
date: Fri, 24 Mar 2023 21:57:37 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1679695057.16b72a8
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9e622642fc8a3e1ffc2bf8369d3479cc
129c4dc93736b884986e07c748bdbf037c952483
ff4a2c4be50227dc51dc87a03a9e2e17701d951a6140c5f097d1ad145354daf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF4A2C4BE50227DC51DC87A03A9E2E17701D951A6140C5F097D1AD145354DAF3"
Last-Modified: Wed, 22 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8639
Expires: Sat, 25 Mar 2023 00:21:36 GMT
Date: Fri, 24 Mar 2023 21:57:37 GMT
Connection: keep-alive
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 879881e79eba1933a9158b459be3811f
32ebeff533ebc20fa2ad39de7e29813edc70d195
47a304ccfba3e144068b4441aa2b4f776b03c39eb829ddea4f21ccf2176e5c40
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 21:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 20:40:06 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: q7Zv6OUToU0xrN112BBSATo81GMYqgJLW-CQjLHkT0SfpGXowv6-8g==
Age: 4651
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=26743208190421864
302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=26743208190421864
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=26743208190421864 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Fri, 24 Mar 2023 21:57:37 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 5Z4TNZ0SAWD45EZQCHYA
Set-Cookie: ad-id=A67ks-s4wkAzkKDWwxe_77Q|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 21:57:37 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=26743208190421864&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1582
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 21:57:37 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
a.clickcertain.com/px/r/?ccid=159038c0-9598-4a7d-bff9-895a7db75229
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/r/?ccid=159038c0-9598-4a7d-bff9-895a7db75229
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/r/?ccid=159038c0-9598-4a7d-bff9-895a7db75229 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=159038c0-9598-4a7d-bff9-895a7db75229&cn=NO
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=2; _ccpx=24a3d6f0fe7dd9c; _ccpx_24d1add2443e239=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:35 GMT
content-type: text/html
location: https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=159038c0-9598-4a7d-bff9-895a7db75229&ccid=159038c0-9598-4a7d-bff9-895a7db75229&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d159038c0%25252d9598%25252d4a7d%25252dbff9%25252d895a7db75229%252526anx_uId%25253d%252524UID
set-cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; Expires=Sat, 23 Mar 2024 21:57:35 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-5cbb6f69b-cgstl:cc-nginx-5cbb6f69b-cgstl
x-requestid: 59342eef-e853-47e0-9c3d-e78828fd5d72
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAsNyI9LsPmUnBGnAvFD1HlUq14M9ASRdcsdGfFplZIuQxDIwk9c%2BrbdfdI5XPLYvgW49uhFaCFEg%2BI%2BebwmphLZd%2FNA7b3pgK1R%2FnU9u4sf52eabdNoktNB8wT97J34LzDIxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22badbc380b02-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/setuid?entity=52&code=k-n7LkU14YXWliScRtiBWCmeQxzxnZX-lMPPAucw
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/setuid?entity=52&code=k-n7LkU14YXWliScRtiBWCmeQxzxnZX-lMPPAucw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=52&code=k-n7LkU14YXWliScRtiBWCmeQxzxnZX-lMPPAucw HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 24 Mar 2023 21:57:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-n7LkU14YXWliScRtiBWCmeQxzxnZX-lMPPAucw
AN-X-Request-Uuid: 58dd2043-ec30-4449-90f5-07b3dc4f27d4
Set-Cookie: uuid2=7071288258658166501; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 22-Jun-2023 21:57:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x.bidswitch.net/sync?dsp_id=46&user_id=k-xvQ5UV4YXWliScRtiBWCmeQxzxkb8ckVJy-hag&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-xvQ5UV4YXWliScRtiBWCmeQxzxkb8ckVJy-hag&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?dsp_id=46&user_id=k-xvQ5UV4YXWliScRtiBWCmeQxzxkb8ckVJy-hag&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:37 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:37 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 796136
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pipedream.wistia.com/mput?topic=metrics
200 OK 2 B URL HTTP/2 pipedream.wistia.com/mput?topic=metrics
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:37 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-7uW9aF4YXWliScRtiBWCmeQxzxlJxVi4nlBDDA
200 OK 65 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-7uW9aF4YXWliScRtiBWCmeQxzxlJxVi4nlBDDA
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 9fc4a410879e22eeb224e6c43c95ec52
21aa9fe1c1d54cb7479008698efdb167c8915ca6
e9265c8d1f568b85f487c3cfadb4305e5d7b122a16a9ec9f8a7d116f2fa5fdab
GET /cksync.php?cs=3&type=crt&ovsid=k-7uW9aF4YXWliScRtiBWCmeQxzxlJxVi4nlBDDA HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 65
content-type: image/gif
set-cookie: visitor-id=3226966573580264000V10; Expires=Sat, 23 Mar 2024 21:57:37 GMT; domain=.media.net; Path=/;
data-c-ts=1679695057;Expires=Sun, 23 Apr 2023 21:57:37 GMT;path=/;domain=.media.net;
data-c=k-7uW9aF4YXWliScRtiBWCmeQxzxlJxVi4nlBDDA~~3;Expires=Sun, 23 Apr 2023 21:57:37 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Fri, 24 Mar 2023 21:57:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 21:57:37 GMT
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-FAUISF4YXWliScRtiBWCmeQxzxk8FeBOS65Ixw
200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-FAUISF4YXWliScRtiBWCmeQxzxk8FeBOS65Ixw
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-FAUISF4YXWliScRtiBWCmeQxzxk8FeBOS65Ixw HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.10
content-length: 23
expires: Fri, 24 Mar 2023 21:57:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 21:57:37 GMT
X-Firefox-Spdy: h2
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=26743208190421864&dcc=t
200 OK 65 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=26743208190421864&dcc=t
IP
File type HTML document, ASCII text
Hash 22fdf49482d8200e8f305bbe262eff14
f254bd4053267c2cf46675613e689016d8b7f775
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=26743208190421864&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pages.upwellness.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Fri, 24 Mar 2023 21:57:37 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: CKD9Q92CN6YABXHJ0K2B
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1652
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 21:57:37 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 43c80759b4847362ca58ccdbddc4918a
e05425b0c80f3782a827a0af21a187c6e1e605cd
b8d4fe8b06b977eba85c1ef8eb501d0303acceb721fac00af46124b1fbad466e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5968
Cache-Control: max-age=149781
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:37 GMT
Etag: "641dab96-1d7"
Expires: Sun, 26 Mar 2023 15:33:58 GMT
Last-Modified: Fri, 24 Mar 2023 13:54:30 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 8711285f5833ac349428f293788a9285
11978463dfb072914e14ba290e889eceb168977e
0279031baa8231481eeb9ccc94006811879ba319fdb64f4017d1cf3aa94f9d29
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5120
Cache-Control: max-age=138538
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:37 GMT
Etag: "641d82fb-1d7"
Expires: Sun, 26 Mar 2023 12:26:35 GMT
Last-Modified: Fri, 24 Mar 2023 11:01:15 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
cm.adform.net/pixel?adform_pid=15&adform_pc=k-WUlb5l4YXWliScRtiBWCmeQxzxnZW1QyqpUlyg
200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-WUlb5l4YXWliScRtiBWCmeQxzxnZW1QyqpUlyg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-WUlb5l4YXWliScRtiBWCmeQxzxnZW1QyqpUlyg HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 21:57:38 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
etag: "62e27c81-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-n7LkU14YXWliScRtiBWCmeQxzxnZX-lMPPAucw
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-n7LkU14YXWliScRtiBWCmeQxzxnZX-lMPPAucw
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-n7LkU14YXWliScRtiBWCmeQxzxnZX-lMPPAucw HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 24 Mar 2023 21:57:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 20b6717d-5cac-4c1e-9b01-937432049e91
Set-Cookie: anj=dTM7k!M4/rCxrEQF']wIg2GVKt:vwa!]tbPl@/D!9hy6]/Cr.UlfB58hr4Do7A?uI6R.7T1KUuF59elX.ypI75tio#cu/e/BnA(Y-y0cL*bpRz*qF1`*bd^0-+9N9; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 22-Jun-2023 21:57:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.23.2
Date: Fri, 24 Mar 2023 21:57:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 739decbc-d82f-4ec9-a742-36d7dcaaf3cd
Set-Cookie: uuid2=8191260069033092250; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 22-Jun-2023 21:57:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pipedream.wistia.com/mput?topic=metrics
200 OK 2 B URL HTTP/2 pipedream.wistia.com/mput?topic=metrics
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 17534
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:37 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WtUXFl4YXWliScRtiBWCmeQxzxlANEY-WrvbzQ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WtUXFl4YXWliScRtiBWCmeQxzxlANEY-WrvbzQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-WtUXFl4YXWliScRtiBWCmeQxzxlANEY-WrvbzQ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:38 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WtUXFl4YXWliScRtiBWCmeQxzxlANEY-WrvbzQ&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNIcHmQCEE2WNjUbKC8foOi0hsAQA4oFEgEBAQFuH2QoZAAAAAAA_eMAAA&S=AQAAAoQIsZVWrjoHx9TQfFuwvRE; Expires=Sun, 24 Mar 2024 03:57:38 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.23.2
Date: Fri, 24 Mar 2023 21:57:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: b884c9e5-604d-4dad-bbef-1dc8cfe5e3e0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WtUXFl4YXWliScRtiBWCmeQxzxlANEY-WrvbzQ&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WtUXFl4YXWliScRtiBWCmeQxzxlANEY-WrvbzQ&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-WtUXFl4YXWliScRtiBWCmeQxzxlANEY-WrvbzQ&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 21:57:38 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNIcHmQCEFNWngB8NbxqACdWAjfHXssFEgEBAQFuH2QoZAAAAAAA_eMAAA&S=AQAAAn-FjvvYe5iRs4xp3wq2MZo; Expires=Sun, 24 Mar 2024 03:57:38 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d29aef92d948f03a9abed564a912b31d
65dc8170221b4f7e7031b7f81009bb0e6b6acc07
6ad6544236f156acdaebc287f7e29f4c6681d1d16cf3069b1ecb9765901cdeaa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2853
Cache-Control: max-age=115025
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:38 GMT
Etag: "641d2ffe-1d7"
Expires: Sun, 26 Mar 2023 05:54:43 GMT
Last-Modified: Fri, 24 Mar 2023 05:07:10 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 314 B IP
Hash 150f446653827686826f3229ee0334c4
8ba75f015726ac958ab64d100537208c3c2b9b7a
48b07aa9a6e51ef662c4d1edad3b6660b6e199e1841844d7c043f337068d2c62
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5855
Cache-Control: max-age=115491
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:38 GMT
Etag: "641d2616-13a"
Expires: Sun, 26 Mar 2023 06:02:29 GMT
Last-Modified: Fri, 24 Mar 2023 04:24:54 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 314
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-XvOWuF4YXWliScRtiBWCmeQxzxlOBO0DOhhcvQ&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-XvOWuF4YXWliScRtiBWCmeQxzxlOBO0DOhhcvQ&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-XvOWuF4YXWliScRtiBWCmeQxzxlOBO0DOhhcvQ&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0a4363d34d577b3a614421a713323cea
d6fcbd08f87a7a59752ceee7bc62a2ac2e2ac73d
6c4051c7aae40394cda79d984399229428dbe7bfcbe51fb8aed2fcdbb860de4a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 24 Mar 2023 21:57:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 24 Mar 2023 20:45:07 GMT
Expires: Sat, 25 Mar 2023 20:45:07 GMT
ETag: "d6fcbd08f87a7a59752ceee7bc62a2ac2e2ac73d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 57edbf3a9062656b51babeec7b2b2b07
2fcc7c21bdc726bcda00b0b79a69c2956f591a10
ef4b6f586c525a75e16843dfde1870d4b4202813142ce8e457e1d023c2a2fc70
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112834
Date: Fri, 24 Mar 2023 21:57:38 GMT
Etag: "641d2067-1d7"
Expires: Sun, 26 Mar 2023 05:18:12 GMT
Last-Modified: Fri, 24 Mar 2023 04:00:39 GMT
Server: ECAcc (nya/7919)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dhDoZPCTL875MkdhzdzLi6V4SONLfs9E50jLpKKIVJ9kfSf2sY0-5w==
Age: 4653
ocsp.digicert.com/
200 OK 471 B IP
Hash d3ab4f1f98525ae09f1c7d0b314b8824
a8a3cda46cadbceddc9809b77e52f035a567d436
8b718fb9618c87fa36e90072404aae9bca80951fcaa6b606cfb1d82b6b34bf4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4783
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 20:37:56 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Det_E14YXWliScRtiBWCmeQxzxmmUg9lZu40GA
200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Det_E14YXWliScRtiBWCmeQxzxmmUg9lZu40GA
IP
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-Det_E14YXWliScRtiBWCmeQxzxmmUg9lZu40GA HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Fri, 24 Mar 2023 21:57:37 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=6633932827147068847; expires=Wed, 24 Apr 2024 21:57:38 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Wed, 24 Apr 2024 21:57:38 GMT; domain=smartadserver.com; path=/
csync=79:k-Det_E14YXWliScRtiBWCmeQxzxmmUg9lZu40GA; expires=Sun, 24 Mar 2024 21:57:38 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MFNenF4YXWliScRtiBWCmeQxzxnRyyZ41moS0w
302 Found 0 B URL HTTP/1.1 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-MFNenF4YXWliScRtiBWCmeQxzxnRyyZ41moS0w
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-MFNenF4YXWliScRtiBWCmeQxzxnRyyZ41moS0w HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 24 Mar 2023 21:57:38 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=20&external_user_id=k-MFNenF4YXWliScRtiBWCmeQxzxnRyyZ41moS0w&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=ZB4c0pP.Zin5a2n9gpm3KAAA; Path=/; Domain=casalemedia.com; Expires=Sat, 23 Mar 2024 21:57:38 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4435; Path=/; Domain=casalemedia.com; Expires=Thu, 22 Jun 2023 21:57:38 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4435; Path=/; Domain=casalemedia.com; Expires=Thu, 22 Jun 2023 21:57:38 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 1eafb93b43a0c15aa0a5ec304be9a85c
be7e23035630e505954b9a0b907aa0628afc180c
37ccfa43119516e76649a5d67257337ca71aeab9b854fd4fce13e271ae3ac1d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6154
Cache-Control: max-age=118317
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:38 GMT
Etag: "641d2ff5-1d7"
Expires: Sun, 26 Mar 2023 06:49:35 GMT
Last-Modified: Fri, 24 Mar 2023 05:07:01 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 3280cdfc5763472582baf2555ad5d8f4
a1efa46b661bfc386ce3f433eb6859c4ef658fa5
f3d8e0e47f83a44033fae7b1f6b1d2d6b61107a73c2b458d87bc72b5c3167e58
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164877
Date: Fri, 24 Mar 2023 21:57:38 GMT
Etag: "641de832-1d7"
Expires: Sun, 26 Mar 2023 19:45:35 GMT
Last-Modified: Fri, 24 Mar 2023 18:13:06 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cJGkrL65RpxJ1g40Wpnb4zp1zKz8xoBhHdl1l6GZlHfAr-AzWeFabg==
Age: 5549
eb2.3lift.com/xuid?mid=2711&xuid=k-SlciRV4YXWliScRtiBWCmeQxzxlgRYy5q0h6Fg&dongle=013b
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-SlciRV4YXWliScRtiBWCmeQxzxlgRYy5q0h6Fg&dongle=013b
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-SlciRV4YXWliScRtiBWCmeQxzxlgRYy5q0h6Fg&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:38 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=8664&ext_id=k-LSNx0l4YXWliScRtiBWCmeQxzxmNbk6iG5Z0Ag
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-LSNx0l4YXWliScRtiBWCmeQxzxmNbk6iG5Z0Ag
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-LSNx0l4YXWliScRtiBWCmeQxzxmNbk6iG5Z0Ag HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-application-context: application
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 23 Mar 2023 21:57:38 GMT
Date: Fri, 24 Mar 2023 21:57:38 GMT
Connection: keep-alive
Set-Cookie: id=9ccbf5df-9d21-4295-85ba-3d3f56ce529d; Path=/; Domain=prod.svc.y6b.de; Expires=Sat, 23-Mar-2024 21:57:38 GMT; Max-Age=31536000; Secure; SameSite=None
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-srARZl4YXWliScRtiBWCmeQxzxlXsn23WYPskg
200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-srARZl4YXWliScRtiBWCmeQxzxlXsn23WYPskg
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-srARZl4YXWliScRtiBWCmeQxzxlXsn23WYPskg HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 21:57:37 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-srARZl4YXWliScRtiBWCmeQxzxlXsn23WYPskg&KRTB&23144-uid:k-srARZl4YXWliScRtiBWCmeQxzxlXsn23WYPskg&KRTB&23286-uid:k-srARZl4YXWliScRtiBWCmeQxzxlXsn23WYPskg&KRTB&23287-uid:k-srARZl4YXWliScRtiBWCmeQxzxlXsn23WYPskg; domain=pubmatic.com; secure; expires=Sun, 23-Apr-2023 21:57:37 GMT; path=/
PugT=1679695057; domain=pubmatic.com; secure; expires=Sun, 23-Apr-2023 21:57:37 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 21083ce2edc8c90202080e7fff40a178
f977b131dc69ae54bf79036714759b0126914f93
ccdd740c826f1ca22d8e79a2cbe3c11d83d52e1048715b961f530b948ff98b2b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 21:57:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2023 03:11:56 GMT
Expires: Wed, 29 Mar 2023 03:11:55 GMT
Etag: "f977b131dc69ae54bf79036714759b0126914f93"
Cache-Control: max-age=363856,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad22bc0bd75b524-OSL
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-g4pBRF4YXWliScRtiBWCmeQxzxkC6cYVnJ1cow
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-g4pBRF4YXWliScRtiBWCmeQxzxkC6cYVnJ1cow
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-g4pBRF4YXWliScRtiBWCmeQxzxkC6cYVnJ1cow HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 21:57:38 GMT
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v046-0647cef17.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=29751709954319501684411022361574257890; Max-Age=15552000; Expires=Wed, 20 Sep 2023 21:57:38 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Awo5x1XiTHM=
Content-Length: 0
Connection: keep-alive
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-wGaZ_l4YXWliScRtiBWCmeQxzxlNHiw5ixH7fg
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-wGaZ_l4YXWliScRtiBWCmeQxzxlNHiw5ixH7fg
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-wGaZ_l4YXWliScRtiBWCmeQxzxlNHiw5ixH7fg HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=3e30fbc3b8f3d86d42aaec0d27c3498f; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Fri, 24 Mar 2023 21:57:37 GMT
content-length: 49
x-envoy-upstream-service-time: 5
server: ayl-lb-fra02
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash c0dc302b2406c7b58c5a2bc0c1cc9b0a
868f83a94a46f68ed8cd2459d1d56cfc7c391c78
6c4c29e8044f5b1961237a6da392fd5584a60b6e5f6fbd901341e90ed39a751d
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89837
Date: Fri, 24 Mar 2023 21:57:38 GMT
Etag: "641cc235-1d7"
Expires: Sat, 25 Mar 2023 22:54:55 GMT
Last-Modified: Thu, 23 Mar 2023 21:18:45 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qgWVaG3yYRra_NwawQ1qS6NYjWQPiM9PFB2XCNEf2IZnYfjFNcjRTg==
Age: 5770
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 933e080083b42c4faf3d2debeccfdf81
21e6e99d2d0ba9957d41d28a5731e052460e1da5
fe90227ada2eb1b5c40579d159b7af5aaafd9e0ee44f1bd01c0336b80e7f6474
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169497
Date: Fri, 24 Mar 2023 21:57:38 GMT
Etag: "641df91c-1d7"
Expires: Sun, 26 Mar 2023 21:02:35 GMT
Last-Modified: Fri, 24 Mar 2023 19:25:16 GMT
Server: ECAcc (nya/1C3C)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7GRmQjb__-fzB1GqlVjgJ6Kz4e8eC1prg4jaRWfsuYZqT5Sk5vJ42Q==
Age: 5839
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 86 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash e069def25ebc5c14dc23276e0ad60946
284d91a63a32dbc1ab8cfe70cdcf2f9d256179ed
1f34fb5ba65c9e3bce48a19ac3676c1259e7a42e31d84764b39556c6df0afb32
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:37 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 212100
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 383bc5e051db57b08b6f14a1c88e604c
c1e930f408df65ca9b76621f84d38a32b484fcad
e8393df0d0f6e40c116dbb50d33ad87cfb159200e5e1111d6005d911b2501188
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 21:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 20:50:19 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R13ap4FHEn1R-nzlTEybP6zy12I2TszpZXiLiLG9C7T6SxbXTV46VQ==
Age: 4039
sync-criteo.ads.yieldmo.com/sync?id=k-hv1fY14YXWliScRtiBWCmeQxzxm3S_OgCsGVmg&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-hv1fY14YXWliScRtiBWCmeQxzxm3S_OgCsGVmg&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-hv1fY14YXWliScRtiBWCmeQxzxm3S_OgCsGVmg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:38 GMT
content-type: img/gif;charset=utf-8
content-length: 43
set-cookie: yieldmo_id=g7864826841f6807c823%7C1679695058323%7C0%7C; Domain=.yieldmo.com; Expires=Sat, 23-Mar-2024 21:57:38 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-hv1fY14YXWliScRtiBWCmeQxzxm3S_OgCsGVmg; Domain=ads.yieldmo.com; Expires=Sat, 23-Mar-2024 21:57:38 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v046-0a5fb53d3.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: UVBQqaPsQGo=
Content-Length: 59
Connection: keep-alive
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-mcNQyV4YXWliScRtiBWCmeQxzxm17ajfRuPgZA
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-mcNQyV4YXWliScRtiBWCmeQxzxm17ajfRuPgZA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-mcNQyV4YXWliScRtiBWCmeQxzxm17ajfRuPgZA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:38 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-mcNQyV4YXWliScRtiBWCmeQxzxm17ajfRuPgZA
set-cookie: tuuid=4f49db48-4278-436e-894b-6bb3daea458f; Expires=Thu, 22 Jun 2023 21:57:38 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1679695058; Expires=Thu, 22 Jun 2023 21:57:38 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-XyrNLl4YXWliScRtiBWCmeQxzxkwlKDrHehloQ&initiator=partner
200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-XyrNLl4YXWliScRtiBWCmeQxzxkwlKDrHehloQ&initiator=partner
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-XyrNLl4YXWliScRtiBWCmeQxzxkwlKDrHehloQ&initiator=partner HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 21:57:38 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: cc604c45b4e8fedd25b27fb59e1e629a
fast.wistia.com/assets/external/allIntegrations.js
200 OK 5.6 kB URL HTTP/2 fast.wistia.com/assets/external/allIntegrations.js
IP
File type ASCII text, with very long lines (21637), with no line terminators
Hash 2f9b51729338fa06c0391125beb87b35
1f3a7aadfd6ff3448996b18a11f8359cf78b18a8
bf61f78f0ff8ab95c53a48ce3e9b7d51677c4784f6a84a532200553a85daf7b6
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:39 GMT
etag: "2f9b51729338fa06c0391125beb87b35"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:38 GMT
age: 847
x-served-by: cache-iad-kjyo7100093-IAD, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 69, 9
x-timer: S1679695058.401763,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 5629
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-mcNQyV4YXWliScRtiBWCmeQxzxm17ajfRuPgZA
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-mcNQyV4YXWliScRtiBWCmeQxzxm17ajfRuPgZA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-mcNQyV4YXWliScRtiBWCmeQxzxm17ajfRuPgZA HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:38 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:37 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 882189
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 95252a86836c7b291fdc59c86a383fee
5493f9e833c67e9d4d85d4ea130b24533dc92879
c13c58227953c687916f899a86afa6d0d3b7432b751fb29074d58718f8895160
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2542
Cache-Control: max-age=88052
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 21:57:38 GMT
Etag: "641cc7d8-1d7"
Expires: Sat, 25 Mar 2023 22:25:10 GMT
Last-Modified: Thu, 23 Mar 2023 21:42:48 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 21:57:38 GMT
set-cookie: _kuid_=PdFiQJ-H; Expires=Wed, 20-Sep-23 21:57:38 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n007-dub-prod.krxd.net
x-request-time: D=82 t=1679695058
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:37 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 573254
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 21b15bcdf74667219492b470a66d7dd4
01dbc528c25bfbf85e0e3e0e53bbc69af8e56ab9
423293fe69e0e9f7f7738c82aa795a1cb23dcd0cdb6d1ea69c88ae606d9528a1
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "423293FE69E0E9F7F7738C82AA795A1CB23DCD0CDB6D1EA69C88AE606D9528A1"
Last-Modified: Fri, 24 Mar 2023 14:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3205
Expires: Fri, 24 Mar 2023 22:51:03 GMT
Date: Fri, 24 Mar 2023 21:57:38 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:39 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: e4d0cf50-ca8e-11ed-8354-0000ac17005e
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
live.upwellness.com/services/scripts/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 live.upwellness.com/services/scripts/jquery/jquery.min.js
IP
GET /services/scripts/jquery/jquery.min.js HTTP/1.1
Host: live.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=v2%7Cd4d83f37-37e9-4ce4-aa90-573ababdc90a%7Cfbe91892-5070-465e-914a-d53bab95f199%3Aak%3Asingle%7Cce8e0f3a-9c23-49fc-a8e9-a0c2b288709f%3Au%3Aweighted; _gcl_au=1.1.1054804175.1679694883; ucacid=482066621.952307; _tt_enable_cookie=1; _ttp=8frwv3_eomiNgY2EJ5nP7ebzNgI; __nbpix_uid=1-6jk3nnaa-lfn2yqxi; _uetsid=7cb86930ca8e11ed90463514453ac659; _uetvid=7cb885d0ca8e11ed8472ebc25f80b804; _ga=GA1.2.787918828.1679694885; _gid=GA1.2.2063524655.1679694885; _lc2_fpi=f0f26c15fa8f--01gwasvvqtq76vzs0typ81hgbq; cl4975ot4arrr6_uid=cl4975ot4arrr68283b18d-5acf-471a-a89c-da50f71edcfd; cl4975ot4arrr6_sid=CL-a7b92e97-9d37-4915-b399; cl4975ot4arrr6_gid=cl4975ot4arrr618ba06b4-380b-4a8b-a4aa-fe3258c3e31f; _hjSessionUser_795540=eyJpZCI6Ijg2OWY0YTMyLTRjNGQtNTg1NS1iYjczLTRkYWQ2ODdjODliOCIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODQ5OTYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_795540=eyJpZCI6ImM2Nzk3YjkyLWFkODEtNGY0Yi05OTFmLWM4MGY3MDE5YjI4YSIsImNyZWF0ZWQiOjE2Nzk2OTQ4ODUwMDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _fbp=fb.1.1679694885171.1790059248; cto_bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE; cl4975ot4arrr6_eidsTracked=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 21:57:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
vary: Accept-Encoding
etag: W/"63298c50-15d84"
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ads.nextdoor.com/public/pixel/ndp.js
200 OK 0 B URL HTTP/2 ads.nextdoor.com/public/pixel/ndp.js
IP
GET /public/pixel/ndp.js HTTP/1.1
Host: ads.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:32 GMT
content-type: application/javascript
server: istio-envoy
last-modified: Fri, 17 Mar 2023 20:15:00 GMT
vary: Accept-Encoding
etag: W/"6414ca44-19c7"
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
x-envoy-upstream-service-time: 6
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D159038c0%2D9598%2D4a7d%2Dbff9%2D895a7db75229%26anx_uId%3D%24UID&google_error=3
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D159038c0%2D9598%2D4a7d%2Dbff9%2D895a7db75229%26anx_uId%3D%24UID&google_error=3
IP
GET /px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D159038c0%2D9598%2D4a7d%2Dbff9%2D895a7db75229%26anx_uId%3D%24UID&google_error=3 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=2; _ccpx=24d1add2443e239; _ccpx_24d1add2443e239=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:36 GMT
content-type: text/html
location: https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=159038c0-9598-4a7d-bff9-895a7db75229&anx_uId=$UID
x-frontend: cc-nginx-5cbb6f69b-ndfnn:cc-nginx-5cbb6f69b-ndfnn
x-requestid: 5bb99017-3b5b-4873-9547-5961e22db155
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sl8fBcPxGWuV3Hh0sSwT0E5VQpDZT6rUCAeexLB%2FMXcE1g%2B6E7MMXzHGiwzQc%2BODM2GHPqHHuHRpZMD8M2%2FfJcYauP6sDdg1SaJZ5QAgeSVxNAI4tSeskTn43vIDQV4lkwXR%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bb69da30b02-OSL
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-sngcc14YXWliScRtiBWCmeQxzxlecammOIn2tA&google_error=3
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-sngcc14YXWliScRtiBWCmeQxzxlecammOIn2tA&google_error=3
IP
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-sngcc14YXWliScRtiBWCmeQxzxlecammOIn2tA&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:37 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 86512
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-P9HE9V4YXWliScRtiBWCmeQxzxnJODcjCHrtPg
200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-P9HE9V4YXWliScRtiBWCmeQxzxnJODcjCHrtPg
IP
GET /sync?UICR=k-P9HE9V4YXWliScRtiBWCmeQxzxnJODcjCHrtPg HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:38 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
set-cookie: tvid=7f421f73655145d9b8afce1641e1ad1d; Domain=.tremorhub.com; Expires=Sun, 24-Mar-2024 03:45:58 GMT; Path=/; Secure; SameSite=None
tv_UICR=k-P9HE9V4YXWliScRtiBWCmeQxzxnJODcjCHrtPg; Domain=.tremorhub.com; Expires=Sun, 23-Apr-2023 21:57:38 GMT; Path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/E-v1.js
200 OK 0 B URL HTTP/2 fast.wistia.net/assets/external/E-v1.js
IP
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 24 Mar 2023 14:48:39 GMT
etag: "069fe9e390ba04b1e305cf15d8cbaca0"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:31 GMT
age: 840
x-served-by: cache-iad-kcgs7200120-IAD, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 17
x-timer: S1679695052.952482,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: 1d1291f7b820d76ce634e6d72f254308143836f0
content-length: 117310
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=jDigPF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czglMkJlOWRwOUdmZ2k5MDVNZDJwYklTa0U1Rmd5R3FleWlZcGdqZ00wZHI0eA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=I8mj8l80M0RITmhlJTJCZkMwOUJGQlhaMUN2czglMkJlOWRwOUdmZ2k5MDVNZDJwYklTbWxVJTJGQ3BmT3glMkJtak5CR0NSYTdQWWU; expires=Wed, 17 Apr 2024 21:57:34 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 300421
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720
200 OK 0 B URL HTTP/2 embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720
IP
GET /deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
accept-ranges: none
access-control-request-method: *
content-disposition: inline
edge-cache-tag: d0a1fb999ec98584973653dd06314b37
last-modified: Wed, 23 Mar 2022 20:25:49 UTC
surrogate-key: d0a1fb999ec98584973653dd06314b37 thumbnail-delivery
date: Sun, 19 Mar 2023 11:43:19 GMT
cache-control: max-age=31536000
etag: hgII9a8TxDIXXjgTBmwt25baXrs=
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O_taxBtYV9DUe5FtKC_qzNeocF4PcxcDeV4bZZrTzTAbHazd3gT-AA==
age: 548740
x-cdn: cloudfront
vary: Origin
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=FirefoxSyncframe&so=3&topUrl=pages.upwellness.com&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&info=I8mj8l80M0RITmhlJTJCZkMwOUJGQlhaMUN2czglMkJlOWRwOUdmZ2k5MDVNZDJwYklTbWxVJTJGQ3BmT3glMkJtak5CR0NSYTdQWWU&idsd=634452214,1171232854&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=upwellness.com&sn=FirefoxSyncframe&so=3&topUrl=pages.upwellness.com&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&info=I8mj8l80M0RITmhlJTJCZkMwOUJGQlhaMUN2czglMkJlOWRwOUdmZ2k5MDVNZDJwYklTbWxVJTJGQ3BmT3glMkJtak5CR0NSYTdQWWU&idsd=634452214,1171232854&cw=1&lsw=1
IP
GET /sid/json?origin=onetag&domain=upwellness.com&sn=FirefoxSyncframe&so=3&topUrl=pages.upwellness.com&bundle=A1Rk1F9mcDh6OU9EZlNPJTJCdFhaZDZNelZsMFJueE5qQ0NTdVJsQ3p1Y282NW1UU093cVlpQ3BkSjk2UW5xNVNjOGl6byUyRkJveDgwNHRwSEJ2WTRRNWNMcWElMkJTVUZIMHB4c0tOZXAyWmpxcUR0THVLZ2wxdWc4RlElMkJpcmUxbkp1UExjSTNJWSUyQklocEs4bHNNcUtlNEJTdnJ1N3lBJTNEJTNE&info=I8mj8l80M0RITmhlJTJCZkMwOUJGQlhaMUN2czglMkJlOWRwOUdmZ2k5MDVNZDJwYklTbWxVJTJGQ3BmT3glMkJtak5CR0NSYTdQWWU&idsd=634452214,1171232854&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:34 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1269491
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-s_TtC14YXWliScRtiBWCmeQxzxkdpI822NIxcjyqbrRIz4GZ
200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-s_TtC14YXWliScRtiBWCmeQxzxkdpI822NIxcjyqbrRIz4GZ
IP
GET /usersync/push?partner=criteo&partnerId=k-s_TtC14YXWliScRtiBWCmeQxzxkdpI822NIxcjyqbrRIz4GZ HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: mv_tokens=%7B%22mv_uuid%22%3A%227832df00-ca8e-11ed-a331-1bd03dfbf644%22%2C%22version%22%3A%22eu-v1%22%7D; mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%227832df00-ca8e-11ed-a331-1bd03dfbf644%22%2C%22version%22%3A%22eu-v1%22%7D; am_tokens=%7B%22mv_uuid%22%3A%227832df00-ca8e-11ed-a331-1bd03dfbf644%22%2C%22version%22%3A%22eu-v1%22%7D; am_tokens_eu-v1=%7B%22mv_uuid%22%3A%227832df00-ca8e-11ed-a331-1bd03dfbf644%22%2C%22version%22%3A%22eu-v1%22%7D; criteo=%7B%22id%22%3A%22k-s_TtC14YXWliScRtiBWCmeQxzxkdpI822NIxcjyqbrRIz4GZ%22%2C%22version%22%3A%22criteo%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:37 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%227832df00-ca8e-11ed-a331-1bd03dfbf644%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 07 Apr 2023 21:57:37 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%227832df00-ca8e-11ed-a331-1bd03dfbf644%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 07 Apr 2023 21:57:37 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%227832df00-ca8e-11ed-a331-1bd03dfbf644%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 07 Apr 2023 21:57:37 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%227832df00-ca8e-11ed-a331-1bd03dfbf644%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 07 Apr 2023 21:57:37 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-s_TtC14YXWliScRtiBWCmeQxzxkdpI822NIxcjyqbrRIz4GZ%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Fri, 07 Apr 2023 21:57:37 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
trc.taboola.com/1225872/trc/3/json?tim=1679695064731&data=%7B%22id%22%3A303%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff-2%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1679695064711%2C%22cv%22%3A%2220230319-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1679695064730%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22tos%22%3A5015%2C%22ssd%22%3A2%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
200 OK 0 B URL HTTP/2 trc.taboola.com/1225872/trc/3/json?tim=1679695064731&data=%7B%22id%22%3A303%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff-2%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1679695064711%2C%22cv%22%3A%2220230319-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1679695064730%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22tos%22%3A5015%2C%22ssd%22%3A2%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
GET /1225872/trc/3/json?tim=1679695064731&data=%7B%22id%22%3A303%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff-2%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1679695064711%2C%22cv%22%3A%2220230319-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1679695064730%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff-2%2F%3Foffer%3D2%26session_id%3D102ac81d925f5afd9639ce6e3d8235%26n%3Dtune%26AFFID%3D477232%26subid%3D55_2386%22%2C%22tos%22%3A5015%2C%22ssd%22%3A2%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Fri, 24 Mar 2023 21:57:33 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679695053.364702,VS0,VE113
vary: Accept-Encoding
x-vcl-time-ms: 113
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/bidswitch/?done=true&ccid=159038c0-9598-4a7d-bff9-895a7db75229&anx_uId=0
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/bidswitch/?done=true&ccid=159038c0-9598-4a7d-bff9-895a7db75229&anx_uId=0
IP
GET /px/img/bidswitch/?done=true&ccid=159038c0-9598-4a7d-bff9-895a7db75229&anx_uId=0 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=2; _ccpx=24d1add2443e239; _ccpx_24d1add2443e239=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:36 GMT
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=159038c0-9598-4a7d-bff9-895a7db75229&expires=5&user_group=0
set-cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; Expires=Sat, 23 Mar 2024 21:57:36 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-5cbb6f69b-hnr6k:cc-nginx-5cbb6f69b-hnr6k
x-requestid: ea1bbd8e-4b5d-4078-860b-ae52485c3478
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wF9Q7KxouTcZYDtZi7LlK0oN4okBM2iRnRpE2ozSVMwx26uU8sSlOW0sXBOZLWrXc1jC6E3ca%2BNHNQGtyPCW0nFgT6i6qjc0UXcUuEb%2Bc02HRvESqLPuw6Gi3J5X6mnFdTUxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bb84f8b0b02-OSL
X-Firefox-Spdy: h2
a.clickcertain.com/px/smart/a/?type=img&partner_id=193f0456&partner_rid=e26e0b71-ca8e-11ed-8e8e-05fdf6122123&c=24d1add2443e239
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/smart/a/?type=img&partner_id=193f0456&partner_rid=e26e0b71-ca8e-11ed-8e8e-05fdf6122123&c=24d1add2443e239
IP
GET /px/smart/a/?type=img&partner_id=193f0456&partner_rid=e26e0b71-ca8e-11ed-8e8e-05fdf6122123&c=24d1add2443e239 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tag.trovo-tag.com/
Connection: keep-alive
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=2; _ccpx=24a3d6f0fe7dd9c; _ccpx_24d1add2443e239=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:35 GMT
content-type: image/gif
location: https://a.clickcertain.com/px/img/?c=24d1add2443e239
set-cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; Expires=Sat, 23 Mar 2024 21:57:35 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-5cbb6f69b-hnr6k:cc-nginx-5cbb6f69b-hnr6k
x-requestid: 31f9fbd6-85e6-453a-98db-0063fb141e7c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e10KO7y6R4weAunQMnjBheVoF%2FJ9hapwcr4DzzNZmr6tvHui5%2FNRB6X%2B7E0yiUsm3%2Fr0FXWXHC8aNzeVeMpjTbbNgTfk1pcjBN4U9b0OfVaO%2FkZzvh%2FqAdEh3ddRoK%2FgpvB4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bb13ff20b02-OSL
X-Firefox-Spdy: h2
mwebfantastic.com/6755/2386/2/?&subid=17b-2559857-6820925-176742-2760-99952775
302 Found 0 B URL HTTP/2 mwebfantastic.com/6755/2386/2/?&subid=17b-2559857-6820925-176742-2760-99952775
IP
GET /6755/2386/2/?&subid=17b-2559857-6820925-176742-2760-99952775 HTTP/1.1
Host: mwebfantastic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:30 GMT
content-type: text/html; charset=UTF-8
location: https://go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20230324215733667&aff_sub=2386
cache-control: max-age=3600, private
pragma: no-cache
expires: Fri, 24 Mar 2023 22:57:30 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ad22b919e15b527-OSL
X-Firefox-Spdy: h2
b-code.liadm.com/a-057g.min.js
200 OK 0 B URL HTTP/2 b-code.liadm.com/a-057g.min.js
IP
GET /a-057g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 24 Mar 2023 02:08:37 GMT
cache-control: "public, max-age=86400"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8BfZMDTx3TNo6AUzNdFaFeCg_OV8OWYP3MBMqpLJpQMXcFyTbJnOWA==
age: 71335
X-Firefox-Spdy: h2
static.newsbreak.com/business/tracking/nbpixel.js?t=1679702400000
200 OK 0 B URL HTTP/2 static.newsbreak.com/business/tracking/nbpixel.js?t=1679702400000
IP
GET /business/tracking/nbpixel.js?t=1679702400000 HTTP/1.1
Host: static.newsbreak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, HEAD
access-control-max-age: 86400
last-modified: Thu, 14 Oct 2021 07:49:18 GMT
x-amz-version-id: jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
server: AmazonS3
content-encoding: gzip
date: Fri, 24 Mar 2023 13:52:27 GMT
etag: W/"7d6af9a6683da50918d44e9d35360ff8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vE4YqQuyMBoAw6PYTJRcDdhTG77UA6h8P_L9U4FuuShuzRpciespzQ==
age: 29111
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=pages.upwellness.com&origin=onetag
IP
GET /syncframe?topUrl=pages.upwellness.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:33 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=e70b0b84-8a24-4a5a-8207-0762a277691c; expires=Wed, 17 Apr 2024 21:57:33 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 514214
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=159038c0-9598-4a7d-bff9-895a7db75229&cn=NO
200 OK 0 B URL HTTP/2 a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=159038c0-9598-4a7d-bff9-895a7db75229&cn=NO
IP
GET /px/cont/?c=24a3d6f0fe7dd9c&ccid=159038c0-9598-4a7d-bff9-895a7db75229&cn=NO HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; _ccpx_24a3d6f0fe7dd9c=2; _ccpx=24a3d6f0fe7dd9c; _ccpx_24d1add2443e239=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 21:57:34 GMT
content-type: text/html
etag: W/"MTU5MDM4YzBnOTU5OGc0YTdkZ2JmZjlnODk1YTdkYjc1MjI5LXow"
set-cookie: _ccpx_u=159038c0%2d9598%2d4a7d%2dbff9%2d895a7db75229; Expires=Sat, 23 Mar 2024 21:57:34 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-5cbb6f69b-dclrs:cc-nginx-5cbb6f69b-dclrs
x-requestid: 10f803e9-3044-4646-a7f1-01973b02ec9c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIsuhDRBoaYwmpRMlYpIL3UVLkk1r4WKY4mHVYNhkZXtc9MuvJndhtLFT4mekR4hxDiQ6vBeYx7nPHbAIKXTBL8ipeyK90ceJz095vImBlV4w7z995MOdFVti8T49581MV37gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bac4ad50b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=e26e0b71-ca8e-11ed-8e8e-05fdf6122123
302 Found 0 B URL HTTP/2 a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=e26e0b71-ca8e-11ed-8e8e-05fdf6122123
IP
GET /px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=e26e0b71-ca8e-11ed-8e8e-05fdf6122123 HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag.trovo-tag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 21:57:35 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?type=img&partner_id=193f0456&partner_rid=e26e0b71-ca8e-11ed-8e8e-05fdf6122123&c=24d1add2443e239
x-frontend: cc-nginx-5cbb6f69b-5fxmf:cc-nginx-5cbb6f69b-5fxmf
x-requestid: 6136281e-c928-43ce-917b-4aea2676bda8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZ3x7m%2F3El5zObYbjLqPymZM98%2BjBBGXfQ%2FnFvUJ4YYfAkzW3BzMVOrEjp1DnqqK61fbr7pXOpCrVBJDl8IZ7KsFMl1sd8f%2FOSlE0TDX2nGcAgDT8u0Hg5DRIEjIK7yZVv%2FzarY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad22bb069dfb4ff-OSL
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-qpQIbF4YXWliScRtiBWCmeQxzxk6JdgWead4_A
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-qpQIbF4YXWliScRtiBWCmeQxzxk6JdgWead4_A
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-qpQIbF4YXWliScRtiBWCmeQxzxk6JdgWead4_A HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 21:57:38 GMT
x-fastly-to-nlb-rtt: 25153
access-control-allow-credentials: true
X-Firefox-Spdy: h2
206.196.98.136
87.248.119.251
185.235.87.92
52.28.153.165
188.114.96.1
104.18.32.68
52.30.44.143
2.18.172.195
185.80.36.245
23.43.133.70
141.226.228.48
37.157.2.234