pages.upwellness.com/uc-grplus-vsl01-aff/?offer=2&session_id=102d7397ab25cd77d3e1d5beb1d8ef&n=tune&AFFID=477232&subid=1_ARAD04
200 OK 17 kB URL HTTP/1.1 pages.upwellness.com/uc-grplus-vsl01-aff/?offer=2&session_id=102d7397ab25cd77d3e1d5beb1d8ef&n=tune&AFFID=477232&subid=1_ARAD04
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14847), with CRLF, LF line terminators
Hash 95dc66bd209df2f2201fb9b79dc13bd0
c7804f065d5cf7535a1f3bcb80c5c673ac3dbc13
1f753ec8f9b61e7171725af2b9cfeb962073b980d036b0531eed70b28112f40e
GET /uc-grplus-vsl01-aff/?offer=2&session_id=102d7397ab25cd77d3e1d5beb1d8ef&n=tune&AFFID=477232&subid=1_ARAD04 HTTP/1.1
Host: pages.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 14:55:53 GMT
content-type: text/html; charset=utf-8
content-length: 17377
set-cookie: ubvs=98aaf2fe-c207-450e-9e1b-20e6cbba5d1b; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=98aaf2fe-c207-450e-9e1b-20e6cbba5d1b; Max-Age=259200; Domain=upwellness.com; Path=/; SameSite=Lax
ubpv=ak%2C65d0fec8-b023-4c4b-ac8b-d609707436f9; Max-Age=15897600; Path=/uc-grplus-vsl01-aff/; SameSite=Lax
content-location: http://pages.upwellness.com/uc-grplus-vsl01-aff/
etag: "ak:98aaf2fec207450e9e1b20e6cbba5d1b"
link: <http://pages.upwellness.com/uc-grplus-vsl01-aff/>; rel="canonical"
x-unbounce-pageid: 65d0fec8-b023-4c4b-ac8b-d609707436f9
x-unbounce-variant: ak
x-unbounce-visitorid: 98aaf2fe-c207-450e-9e1b-20e6cbba5d1b
content-encoding: gzip
x-proxy-backend: page-server
connection: close
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4627
Expires: Thu, 24 Nov 2022 16:13:00 GMT
Date: Thu, 24 Nov 2022 14:55:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 366bca8f21d647216d9f46abd7749d88
0e598391e02ff4f47c3198876b9f014512868702
1a948d47bb1f6ff135d1dd685e65cd625135e45414066055524880ed2a019e5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A948D47BB1F6FF135D1DD685E65CD625135E45414066055524880ED2A019E5F"
Last-Modified: Wed, 23 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5036
Expires: Thu, 24 Nov 2022 16:19:49 GMT
Date: Thu, 24 Nov 2022 14:55:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10942
Expires: Thu, 24 Nov 2022 17:58:15 GMT
Date: Thu, 24 Nov 2022 14:55:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X2+08zuzIJ644L683/US8yT8oqDDf8a3PNFpJ3Ph3RqkXplc9MvZu/Z3NWGydGvjEiuQU/HI/Ow=
x-amz-request-id: BPN174B2R62X82XS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 14:40:26 GMT
age: 927
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
200 OK 42 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash fc31c24814829d76aa487e872b4679ae
ed79a33e57a8dc8421dc1e8a09f9c5acc42a1b38
5fa949be4a999c9bb91beb7cfc0bbc57b54fecb68067d2ddddc55b149db6b358
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: KeKfjfqLKajYH94pb5kePiYqLVDP2gR3RzdgOVkODHluFGKCDlzNLQ==
content-encoding: gzip
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 14:53:23 GMT
age: 429
content-type: application/json
content-length: 42056
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
builder-assets.unbounce.com/published-css/main-7b78720.z.css
200 OK 2.9 kB URL HTTP/1.1 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP
File type ASCII text, with very long lines (15017)
Hash 4458a4d76a70cb207bcc34d6bc6f872f
f484b0b1737f7de59ca699e6cc3169d234e8f6a8
0825f8972704bc1b84e30170cd77f5ecde2d6a7dbf9e43be96c6809c2c5228d7
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2902
Connection: keep-alive
Date: Tue, 30 Aug 2022 02:28:13 GMT
Last-Modified: Mon, 04 Jul 2022 16:47:32 GMT
ETag: "4458a4d76a70cb207bcc34d6bc6f872f"
Cache-Control: max-age=31536000
Content-Encoding: gzip
x-amz-version-id: L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gOKHRwM7hDmyb9-fvMhdvCA2dg9n9m6S1_kX5acZ-ChAJnW9kENG_w==
Age: 7475261
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 14:55:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
200 OK 12 kB URL HTTP/1.1 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
IP
File type ASCII text, with very long lines (11879), with no line terminators
Hash b08aad2ef1dfef1576d4cbddd3ddd8fd
25e799f9b661b4cb2bd3c8c70455d1c928caa2d7
af8e0cdb45f6d957d59370dd3bbc96e2b3808be1c264569338784e4010d3ae10
GET / HTTP/1.1
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Type: application/json
x-amz-apigw-id: cG16NEhXDoEFgdQ=
X-Amz-Cf-Pop: ARN56-P2
X-Backend-Region: eu_west_1
Date: Thu, 24 Nov 2022 14:55:53 GMT
Age: 7199
X-Cache: Miss from cloudfront, HIT
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, must-revalidate
Vary: Accept-Encoding, Referer
ETag: c1a25e1d6816d6d62e7914c952b1818c-v0.179.2
transfer-encoding: chunked
ocsp.digicert.com/
200 OK 278 B IP
Hash d54e2cd8e1ceab1370f3eca6d1f3f793
6337f404b41c2a8fff1dadb3bf009f971fad469f
367ae1618327ffdfdadb398d5088a44494034c3b6741bb27d2cdba9c9263d8d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4446
Cache-Control: max-age=116004
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:53 GMT
Etag: "637e96bf-116"
Expires: Fri, 25 Nov 2022 23:09:17 GMT
Last-Modified: Wed, 23 Nov 2022 21:55:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
200 OK 498 kB URL HTTP/2 cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
IP
File type Unicode text, UTF-8 text, with very long lines (60034), with no line terminators
Size 498 kB (497733 bytes)
Hash 0426397a9b31146729ac86c5be8595d3
953342b7defc23d1c552eba63f42bb915aae90f3
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
GET /proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1 HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:53 GMT
content-type: application/javascript
content-length: 497733
x-amz-id-2: XfamGhBMjZBo/sWrg3mxYdwUMUL0rpYArqF2RUd2t+2nxyqUognVNx+1xnHz8Eg7hGncdCbH6WA=
x-amz-request-id: RVX6E6XRK17ASENB
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "0426397a9b31146729ac86c5be8595d3"
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
age: 50148552
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1UrFCDr6%2BOxKVbdTesKU%2BylpKrl%2F%2BabUsi9U4k74rPafJfSHFUDD57MzMXbWdIDst13G7zPSHY9IlmbZrqleq81fM8bqWWUASe832Osj8XZB4OgKtnJrmSClYW6HfnOWhua"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2fcf9bf38b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-624541243
200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-624541243
IP
File type ASCII text, with very long lines (1921)
Hash 083d662db7712c7dbcac0eacb41cf270
10d0113345c25349ea0cdddfbad55787f1098308
1d0a069f292de316a44d01cfd2bbcff56ae58ebd36ca9f4ade0fc78cf5672b85
GET /gtag/js?id=AW-624541243 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 14:55:53 GMT
expires: Thu, 24 Nov 2022 14:55:53 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-862759327
200 OK 70 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-862759327
IP
File type ASCII text, with very long lines (5236)
Hash 863ee57ad27e6b7994d13762d71c13fe
a7dc1d55cd93c964ec88ebcc89c204f2f3ccd11b
d729c4fecca71d5d64f37d584e5e7099ac38ee40179f5627422d5f67bb00897a
GET /gtag/js?id=AW-862759327 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 14:55:53 GMT
expires: Thu, 24 Nov 2022 14:55:53 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69819
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/E-v1.js
200 OK 117 kB URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (116637 bytes)
Hash daf6f411893d0a2adeebb8a9878f54dc
7359be87a83e4bf392c7465d0619f8d1a456be7b
311032200014a4c8f4650c783ebddec6f839112f53916a25b45afbbe7b318c50
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-1c79d"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:53 GMT
age: 1183
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 16, 88
x-timer: S1669301754.966575,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116637
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-458254939
200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-458254939
IP
File type ASCII text, with very long lines (7857)
Hash b2d1f38233c2fe51660d1fc2d6ca11c7
cde7c4fa54bf30d9f47ecb8d289e8c9a0d1adfb6
3eef5dacf368f22befbca39ddce7bd7003ec7b4062af4c3457805c58b72c03b4
GET /gtag/js?id=AW-458254939 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 14:55:53 GMT
expires: Thu, 24 Nov 2022 14:55:53 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp
200 OK 1.8 kB URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp
IP
File type ASCII text, with very long lines (5766)
Hash c5713c4b237be6138bceb953db47ad81
9e7704658f28e648a97f7ec0ad9957107249f74d
7ef1b4f74d2af92a1833e47530775352dc62042b077cc81d4c1cdee72578c4ed
GET /embed/medias/aeu9oe7qwy.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"a99b6fdfffab770aaa24048dedbd8cfb"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 5fb538a0f83ff822512d28247e3e8098
x-runtime: 0.048921
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:53 GMT
age: 83226
x-served-by: cache-iad-kiad7000112-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 189, 1
x-timer: S1669301754.974427,VS0,VE3
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1828
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 50e18bc3c320590115d0a70f1cfd914d
9b177aa986e68e2a24f3381976b75cbbd1b80724
f79a562cb32fa803f6f4635b25d9232213b59bf432cdfabbe4fda914cc04eb51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F79A562CB32FA803F6F4635B25D9232213B59BF432CDFABBE4FDA914CC04EB51"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11395
Expires: Thu, 24 Nov 2022 18:05:48 GMT
Date: Thu, 24 Nov 2022 14:55:53 GMT
Connection: keep-alive
fast.wistia.com/embed/medias/tmmqdtznyg/swatch
200 OK 4.3 kB URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg/swatch
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x56, components 3\012- data
Hash fb5a783f53d0a1085ac33c2afda39271
ba3edaca28fc953f25c45261c637e8d880d1e357
b55b8f64c5259f4f19ca1b5a388f3c93b67df5d805f71637cf3a12ff814be08b
GET /embed/medias/tmmqdtznyg/swatch HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
access-control-request-method: *
cache-control: public, no-cache, max-age=31445204
content-disposition: inline
content-type: image/jpeg
last-modified: Tue, 13 Apr 2021 18:37:38 UTC
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:53 GMT
age: 83245
x-served-by: cache-iad-kiad7000078-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 147, 1
x-timer: S1669301754.988464,VS0,VE2
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 4324
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5206
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:53 GMT
Last-Modified: Thu, 24 Nov 2022 13:29:07 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 50e18bc3c320590115d0a70f1cfd914d
9b177aa986e68e2a24f3381976b75cbbd1b80724
f79a562cb32fa803f6f4635b25d9232213b59bf432cdfabbe4fda914cc04eb51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F79A562CB32FA803F6F4635B25D9232213B59BF432CDFABBE4FDA914CC04EB51"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11394
Expires: Thu, 24 Nov 2022 18:05:48 GMT
Date: Thu, 24 Nov 2022 14:55:54 GMT
Connection: keep-alive
fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
200 OK 1.8 kB URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
IP
File type ASCII text, with very long lines (5704)
Hash 4b18b8ac1feee46cee549e20f5777d5d
a0237519b3a71c1e032ae979c73927279eccd97f
0c4feae762fbfb6dd4ae31b74afc8604c28a437a728d8a56c67e28291915203f
GET /embed/medias/tmmqdtznyg.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"bf071dd4d7070d67cab791a52e40e7f3"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: a549093dd23e501d17d0921787c30bb5
x-runtime: 0.049328
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:53 GMT
age: 83245
x-served-by: cache-iad-kcgs7200078-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 140, 1
x-timer: S1669301754.990452,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1817
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/aeu9oe7qwy/swatch
200 OK 4.0 kB URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy/swatch
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x56, components 3\012- data
Hash bedc068a9cc6964d07e1673050cbb3ec
ba9a082014112801aa5b12602be54b52792d0a2d
0b237a3c974aec2776e15c96f50651fa55af3bd3bc927f37eb4a6510c96ebffa
GET /embed/medias/aeu9oe7qwy/swatch HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
access-control-request-method: *
cache-control: public, no-cache, max-age=31450552
content-disposition: inline
content-type: image/jpeg
last-modified: Wed, 23 Mar 2022 20:25:50 UTC
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:54 GMT
age: 83226
x-served-by: cache-iad-kiad7000125-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 200, 1
x-timer: S1669301754.092756,VS0,VE2
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 4021
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 14:17:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2316
alt-svc: clear
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/tmmqdtznyg.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"bf071dd4d7070d67cab791a52e40e7f3"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 24 Nov 2022 14:55:54 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"bf071dd4d7070d67cab791a52e40e7f3"
age: 83245
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669301754.108353,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8635d5eafa19971429ef44ab7bce748c
2a484a8d986970cde94cceb82c047dc60070d740
6a8f2579710defb58d178518ef7d738096ea33a1f9bef423b3b69eea8296fb97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8F2579710DEFB58D178518EF7D738096EA33A1F9BEF423B3B69EEA8296FB97"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Thu, 24 Nov 2022 20:55:44 GMT
Date: Thu, 24 Nov 2022 14:55:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ef440a88e8e4104788e359d4e927ed3b
f5a99548c90ddf0bf4f6d466d5306de96eab13e4
d7374ea480bd8c39e1cd345e512e3284cbbafca26894f951b008c50086260358
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7374EA480BD8C39E1CD345E512E3284CBBAFCA26894F951B008C50086260358"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14395
Expires: Thu, 24 Nov 2022 18:55:49 GMT
Date: Thu, 24 Nov 2022 14:55:54 GMT
Connection: keep-alive
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
200 OK 744 B URL HTTP/2 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
IP
File type ASCII text, with CRLF line terminators
Hash 3110f39a7f2fe9edef25454e9b7a57c2
273c540727af9f5f57cf7f0164d8eb43c56c1b71
b6591997ffdba5b81c1af7fa96a8f6cf26597eb4046d64f91301eb1000a54853
GET /cgi-bin/UCAffiliateNetworkPixel HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:54 GMT
content-type: text/javascript; charset=utf-8
content-length: 744
set-cookie: AWSALB=bEBatiQbx1N9PY43Ld1T0XQ8C1mDLiW/hP1heFD7VjCUYeXNNkhtZLDtLoGsx4U4WkvVzgnBIh1ugcprHcjvKpnu6XiS9TrsE9p6zU8Qv7Cq0RCi7vJvtuOANooq; Expires=Thu, 01 Dec 2022 14:55:54 GMT; Path=/
AWSALBCORS=bEBatiQbx1N9PY43Ld1T0XQ8C1mDLiW/hP1heFD7VjCUYeXNNkhtZLDtLoGsx4U4WkvVzgnBIh1ugcprHcjvKpnu6XiS9TrsE9p6zU8Qv7Cq0RCi7vJvtuOANooq; Expires=Thu, 01 Dec 2022 14:55:54 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
200 OK 251 B URL HTTP/2 store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
IP
File type ASCII text, with CRLF line terminators
Hash e6735c6f608ee64c784286185e5ec194
fc90f684a019712ed8bba84418bd7aee5e691bb9
5a74dbf85d18206e84e65be38b869a0a2cc8bc71ac8adeb26321ccc5ef1411e2
GET /cgi-bin/UCInvisibleLink?merchantId=UPWEL HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:54 GMT
content-type: text/javascript; charset=utf-8
content-length: 251
set-cookie: AWSALB=DWJp+euRO1AVNCuqF6Alk85Tnk8+GJV9EisjKCMKq25RnJcMmti/0shaB7ZtHYN/NBcpCstP0pA/cJ8hBAxmBjnFGhVzzBdz9A3k7cwYeBa180oIcSK1TMNiI+mj; Expires=Thu, 01 Dec 2022 14:55:54 GMT; Path=/
AWSALBCORS=DWJp+euRO1AVNCuqF6Alk85Tnk8+GJV9EisjKCMKq25RnJcMmti/0shaB7ZtHYN/NBcpCstP0pA/cJ8hBAxmBjnFGhVzzBdz9A3k7cwYeBa180oIcSK1TMNiI+mj; Expires=Thu, 01 Dec 2022 14:55:54 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
200 OK 49 B URL HTTP/1.1 h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1467ad668080ed4ab50a1408a712cdcc
e0e5faa2d11a93edc33ee27f07885e0dd48110b4
7d7d1c1b75be5d8b716b9c137e025932f6f2e8391c978f08620b6ad892775096
GET /v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking HTTP/1.1
Host: h.upwellnessfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 24 Nov 2022 14:55:54 GMT
Content-Type: text/plain;charset=utf-8
Content-Length: 49
Connection: keep-alive
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Front-End-Https: off
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 05c4af622be1226c15bb6bb6f6f431d6
d23c989df550993820675156521b59cf2c20e9ed
b69240f438f7b8cd110c7b60a29b4a2cd9dc00199262c398b68198f7a4c1fb52
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121688
Date: Thu, 24 Nov 2022 14:55:54 GMT
Etag: "637ea784-1d7"
Expires: Sat, 26 Nov 2022 00:44:02 GMT
Last-Modified: Wed, 23 Nov 2022 23:06:44 GMT
Server: ECS (dcb/7FA3)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YwVgZOKkAdCPWVK-i1EkyYO20LjarWFqfbVXjIrA7siMuUhX2qh1CA==
Age: 5838
cdn1.decide.dev/tracking/rainmakeradventures_lander.js
200 OK 464 B URL HTTP/2 cdn1.decide.dev/tracking/rainmakeradventures_lander.js
IP
Hash 7054723b6a6eed17ac7847d1b707d066
a4598de53373b261894b303fab9af8eab13a0733
cbc08b75c10d1e09b20f40487007a2c0e97b72f3e47ca6f32078151feb5f54d1
GET /tracking/rainmakeradventures_lander.js HTTP/1.1
Host: cdn1.decide.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:54 GMT
cache-control: max-age=3600
content-encoding: gzip
content-length: 464
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 21:01:54 GMT
accept-ranges: bytes
etag: "ab885b5f44f7974dc5f7edafa552231e"
x-hw: 1669301753.cds248.sk1.hn,1669301753.cds238.sk1.sc,1669301754.cds238.sk1.pr
timing-allow-origin: https://decide.dev
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 14:08:53 GMT
cache-control: public,max-age=3600
age: 2821
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5831
Cache-Control: max-age=157686
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:54 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:44:00 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
fast.wistia.com/assets/external/wistia-mux.js
200 OK 31 kB URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js
IP
File type ASCII text, with very long lines (65468)
Hash 8ca4953da62f6c8a05b7f2d7333a83f7
c68e554587e7e3dc6da836b6501e926ae543f933
9d7adbd9c2243a23cf7cb8ab534ce188da6f2b78d75e52ab79fb6af490dc6279
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-7a30"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:54 GMT
age: 1183
x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 55
x-timer: S1669301755.659396,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 31280
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js
200 OK 27 kB URL HTTP/2 fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash a686c0bdd166da361e392970ebc6a3c4
36ecf480d71b173712b94c10e1b1cea3a89ba910
be3589dd82bc15545e29628e62b7e6ea6269a58bb86f4b97ca25507fcdb54f9e
GET /assets/external/thumbnailTextOverlay-v2.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-683f"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:54 GMT
age: 1161
x-served-by: cache-iad-kiad7000094-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 39, 1
x-timer: S1669301755.715898,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 26687
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/videoThumbnail.js
200 OK 20 kB URL HTTP/2 fast.wistia.com/assets/external/videoThumbnail.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 95ea5c70b7b57e5d27aeae638c293447
f9d4577aa7199d3de1f3aa97f59550e56e6a5680
394f3bde7c52645c87752a164402c4aa0936cf21c3f469f4ea81cd5d5a19a73e
GET /assets/external/videoThumbnail.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-4e13"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:54 GMT
age: 1181
x-served-by: cache-iad-kiad7000063-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 48, 4
x-timer: S1669301755.716708,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 19987
X-Firefox-Spdy: h2
store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=http%3A//pages.upwellness.com/uc-grplus-vsl01-aff/%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
200 OK 139 B URL HTTP/1.1 store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=http%3A//pages.upwellness.com/uc-grplus-vsl01-aff/%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
IP
File type ASCII text, with CRLF, LF line terminators
Hash d3a43a5ddd40cf1386b20c9364848b5b
cb45adb531bda1e64f08994992cf4b6d1927e837
889bf40efbe130ebd0b5ba5d12aafcf0a08c4f8a00306a850d88530e8e1c32d3
GET /affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=http%3A//pages.upwellness.com/uc-grplus-vsl01-aff/%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
Cookie: ubvt=98aaf2fe-c207-450e-9e1b-20e6cbba5d1b; _gcl_au=1.1.393777633.1669301754
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:55:54 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 139
Connection: keep-alive
Set-Cookie: AWSALB=muy53rMrmL16qv7A9d6swF8hfD2qMxS7J1KMWVT7usNKj9SRjfh1LOaTrFgTgUhQe9M4ZGAfB6utUtkdb6Fbd1vaMeCrV1BTPD9/+9TeooDNIzoMzbZEL3ZId3LN; Expires=Thu, 01 Dec 2022 14:55:54 GMT; Path=/
AWSALBCORS=muy53rMrmL16qv7A9d6swF8hfD2qMxS7J1KMWVT7usNKj9SRjfh1LOaTrFgTgUhQe9M4ZGAfB6utUtkdb6Fbd1vaMeCrV1BTPD9/+9TeooDNIzoMzbZEL3ZId3LN; Expires=Thu, 01 Dec 2022 14:55:54 GMT; Path=/; SameSite=None
UltraCartShoppingCartID=27B3E363474F740184AA235B271FB500;Version=0;Path=/;Domain=.upwellness.com
ucacid=1172148557.698293;Version=0;Path=/;Domain=.upwellness.com;Max-Age=315360000
ucacid=1172148557.698293;Version=0;Path=/;Domain=store.upwellness.com;Max-Age=315360000
JSESSIONID=abcbAQZPs_mM8dhmmDub6; path=/; HttpOnly
LBJSESSIONID=abcbAQZPs_mM8dhmmDub6.n223; path=/; HttpOnly
Server: Apache
X-Content-Type-Options: nosniff
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Vary: Accept-Encoding
Content-Encoding: gzip
ads.nextdoor.com/public/pixel/ndp.js
200 OK 3.0 kB URL HTTP/2 ads.nextdoor.com/public/pixel/ndp.js
IP
File type ASCII text, with very long lines (6599), with no line terminators
Hash cc3a8659ba0266e3e19b267e0cdce4af
8b01e885d287725b897c1a67b99dedd2a343a5e5
399dd664ee5f3f88bed9f16f07cbbfc214f58f86c4e327957a8f155d8e08a1bd
GET /public/pixel/ndp.js HTTP/1.1
Host: ads.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:54 GMT
content-type: application/javascript
server: istio-envoy
last-modified: Mon, 21 Nov 2022 21:46:16 GMT
vary: Accept-Encoding
etag: W/"637bf1a8-19c7"
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FAPMb+uCFbjekJw6E18K2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pTP1Ghr0GX4FZatsb/l6ePISTHY=
builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
200 OK 34 kB URL HTTP/1.1 builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1825a0c47b2e38b6cf30a4072987bce1
1710545a9d62ae8aaf4b1dd415ffd910df671839
0b4478d998fd8dc7dd45411ac1d80c70e89194ec993a6ef4c53676ba92ab1282
GET /published-js/main.bundle-384ff03.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 33495
Connection: keep-alive
Date: Tue, 30 Aug 2022 01:41:30 GMT
Last-Modified: Mon, 04 Jul 2022 16:47:26 GMT
ETag: "1825a0c47b2e38b6cf30a4072987bce1"
Cache-Control: max-age=31536000
Content-Encoding: gzip
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N6C-LhzDRtesiH-w-Pgx0y1JMr2DLANWeerH6XX16eo9hNPjzu5n_w==
Age: 7478065
b-code.liadm.com/a-057g.min.js
200 OK 11 kB URL HTTP/1.1 b-code.liadm.com/a-057g.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (30660)
Hash 649973a951d4a0b63b7a9504dd502b33
44029549df4e673add495cd965049dd3b1c2ca11
18c3fa47e2de6bc61ccaba3dd6a9836c0246856473bbe3e73739ac38cb6ea54e
GET /a-057g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 24 Nov 2022 06:49:16 GMT
Cache-Control: "public, max-age=86400"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ozuS7F99lf_MTuSnq83tN9p6YMob8KZdyOx-fF93QqXd33NA3cfJiw==
Age: 29198
amplify.outbrain.com/cp/obtp.js
200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (16620), with no line terminators
Hash a73a09a868a98d7505575c520aaf6616
ed4e4c3fe9ad7ed18564e5f9aed6a9a68b522c7f
8b22d2e0e3e79c7ea27bf76720b302fd18ba1240fbf8dd99e54ced655d17c8e4
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 24 Nov 2022 15:15:54 GMT
Date: Thu, 24 Nov 2022 14:55:54 GMT
Content-Length: 5276
Connection: keep-alive
d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
200 OK 1.9 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
IP
Hash f6420c864830b5860bfaadd47a2bb21b
935d2ed35f43eb0f1aea9b0642df0d7f4770def7
6f36d2d4b4b9df950fd0dd0d57e0eacb7c4217e8086b4ef940cbd6e526930462
GET /ub.js?1618514269 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1856
date: Mon, 29 Aug 2022 01:57:45 GMT
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
etag: "f6420c864830b5860bfaadd47a2bb21b"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mi8wfgTiJtYoGBkj_4Z-hAGgsFa26DkZ7i2BaSeZBpuIAN_6hHqKtg==
age: 7563490
X-Firefox-Spdy: h2
d3pkntwtp2ukl5.cloudfront.net/uba.js
200 OK 2.6 kB URL HTTP/1.1 d3pkntwtp2ukl5.cloudfront.net/uba.js
IP
Hash 0cb14d8485b6f6b47cfcc358cffdb6c1
3e052d8a13ea9277107483eb15ab56cf48c30ca7
ebe392be31434870228d4ee67cf35874bee9cbe5c24b59c99cdd7e0901845023
GET /uba.js HTTP/1.1
Host: d3pkntwtp2ukl5.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 2649
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2017 22:50:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 23 Nov 2022 19:15:32 GMT
ETag: "0cb14d8485b6f6b47cfcc358cffdb6c1"
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lTyjtbVQrgUrHdm65-9Jd0xS7Zs_xKdzcwCKiCQX2EnPq5jcXa6IrA==
Age: 70895
bat.bing.com/bat.js
200 OK 11 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11421
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2022 21:23:50 GMT
Accept-Ranges: bytes
ETag: "077538f81f4d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=3473BA34AD3260843020A852AC656104; domain=.bing.com; expires=Tue, 19-Dec-2023 14:55:55 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 39F49088CE2447EA8D9B398C72FD7412 Ref B: OSL30EDGE0406 Ref C: 2022-11-24T14:55:54Z
Date: Thu, 24 Nov 2022 14:55:55 GMT
cdn.js.customerlabs.co/cl4975ot4arrr6.js
200 OK 191 kB URL HTTP/1.1 cdn.js.customerlabs.co/cl4975ot4arrr6.js
IP
File type ASCII text, with very long lines (33540)
Size 191 kB (191202 bytes)
Hash 9bc0790bc835c816132d6d632d1fe678
d7ff94e3db5e659963e7a828053c2472af6d751d
989a353c87693ae8700e24dacf7d12637287b303896573ac84fa0211244f4615
GET /cl4975ot4arrr6.js HTTP/1.1
Host: cdn.js.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 191202
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Access-Control-Expose-Headers: ETag, x-amz-meta-custom-header
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 21 Nov 2022 21:23:13 GMT
x-amz-version-id: C1DASnfA0sWthFzaWaR0QLMU9MXInfPn
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: max-age=60
ETag: "9bc0790bc835c816132d6d632d1fe678"
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Cache: RefreshHit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: 2JWcKyuyn5GCEY3ti8DSa-aOs3q_EyobNNmDhczYNHOEh3qBaEMIyA==
s.yimg.com/wi/ytc.js
200 OK 5.9 kB IP
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TQC3qYEfpqks1fFREmkwcNet7k7s7x7EZ2uYjuh0PgSfPfQg7FqU91SxUs0IAQ4qG4KZotydQTI=
x-amz-request-id: T2T9SX80CXZMMG8A
date: Thu, 24 Nov 2022 14:40:16 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 940
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 14:41:08 GMT
expires: Thu, 24 Nov 2022 16:41:08 GMT
cache-control: public, max-age=7200
age: 887
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
200 OK 1.1 kB IP
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3741
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Last-Modified: Thu, 24 Nov 2022 13:53:35 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1669301754191&cv=11&fst=1669301754191&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 954 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1669301754191&cv=11&fst=1669301754191&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2037), with no line terminators
Hash a9850b5bda38b8595a5f959dc0979eae
e90befd607d5a98347661e0ba798723508ccaf4d
8bd3322961a201f49a6114b6d4c8f08cce0171e24b8ef2a0e562a1a2a7b7e062
GET /pagead/viewthroughconversion/862759327/?random=1669301754191&cv=11&fst=1669301754191&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 954
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 15:10:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1669301754291&cv=11&fst=1669301754291&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 954 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1669301754291&cv=11&fst=1669301754291&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2037), with no line terminators
Hash 62ce27a3554cde649223858fe7b2b36e
5e22357ece988e63a46e6f92fb387beb75462382
0f4fc72b2b6cc112104d655d4841cfd6fb02670ddf5c6fdecad6eee6a8aaeb2f
GET /pagead/viewthroughconversion/458254939/?random=1669301754291&cv=11&fst=1669301754291&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 954
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 15:10:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1669301754427&cv=11&fst=1669301754427&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 955 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1669301754427&cv=11&fst=1669301754427&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2037), with no line terminators
Hash 4967e69145e6d79c59d8496866187bce
150502b83bba99f7cb84b88c595b3861ed7bf2da
c66491fe9256d76f8e778771d128f998ac719ab6548e15fc04333f55d925bcbc
GET /pagead/viewthroughconversion/675938688/?random=1669301754427&cv=11&fst=1669301754427&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 955
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 15:10:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1669301754202&cv=11&fst=1669301754202&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 954 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1669301754202&cv=11&fst=1669301754202&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2037), with no line terminators
Hash 4520e7a0252ef4e0f0ef0f2dd6f9a080
2b8f8b30410e95f76bcdfc9e8aead2679421bdf0
1d18673e67f5417d33915c1e100bc79978e63b68d489670003cf37c8fa763053
GET /pagead/viewthroughconversion/862759327/?random=1669301754202&cv=11&fst=1669301754202&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 954
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 15:10:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1669301754121&cv=11&fst=1669301754121&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 951 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1669301754121&cv=11&fst=1669301754121&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2037), with no line terminators
Hash b347c7b92b753f77cb4f6758017dc34d
ae2912b57778417de6c9927f99bc964260e3fa8b
30d7ffe5cccac2155b9ee675925ccd28d8860a2eabb13036521309cda25fdf47
GET /pagead/viewthroughconversion/624541243/?random=1669301754121&cv=11&fst=1669301754121&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 951
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 15:10:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1225872/tfa.js
200 OK 18 kB URL HTTP/1.1 cdn.taboola.com/libtrc/unip/1225872/tfa.js
IP
File type ASCII text, with very long lines (58488)
Hash cba749de2564af41c25142b52b1a9254
e089b2dc346c754fa6e5e0e50a0345ea18451ba9
e6e99427e313b68c6d3f27864a13a23169f5fbee3f59d2f78bd097df5982864c
GET /libtrc/unip/1225872/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17946
x-amz-id-2: qpT2YeNsswasDSXp4oIEw2V6wynzthrbYTOC8bhFiL4qCH6hg/qqHSFkKTZ/Zrxf7zlOUwqUpsU=
x-amz-request-id: 33PYZ55ZGB9SHA15
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 20 Nov 2022 11:20:49 GMT
ETag: "529c36a298268cdab3b94c05d8d39bfc"
x-amz-version-id: 1ISsJshg78FFwoPyGORj_DGaRAfZZEpP
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 24 Nov 2022 14:55:55 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1660-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1669301755.996149,VS0,VE194
Cache-Control: private,max-age=14401
Vary: Accept-Encoding
abp: 12
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1669301754150&cv=11&fst=1669301754150&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 958 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1669301754150&cv=11&fst=1669301754150&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2041), with no line terminators
Hash 8e86b1e53687289e9321f80763b613ec
70708d5b617dd3329b1d06d8f68c4e8b44c1af46
d754f559017ae669657a2b258af183cfb03171d71905878b6fae3b81c424e9fb
GET /pagead/viewthroughconversion/10838597190/?random=1669301754150&cv=11&fst=1669301754150&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&auid=393777633.1669301754&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 958
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 15:10:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
200 OK 30 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
IP
File type ASCII text, with very long lines (64903)
Hash 73de733c308b8b5e44d2a6242dc4bd99
2f43a0cd155124d65ab5ce3574abc5f82b45fcf9
cf4ff4a67675a54e9a9469d967c77fba778ccf839a98119d246012447eb44ea3
GET /sp-2.14.0.js HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 30399
date: Wed, 31 Aug 2022 03:46:21 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
etag: "73de733c308b8b5e44d2a6242dc4bd99"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SHpd_Uy4m6B2t6IAzmS4KBbA84esLesuXlIJ87ntDTMwtx68XFa6YA==
age: 7384174
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: kpkr8MwvJNhYTemi6jrRpFG7DxjApHV8MbgF3Du8L0nKAYR37sb1ei3jjqczxoimSVY78yk//qTN1q8zj0R0+w==
content-length: 27340
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 14:55:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
200 OK 1.0 kB URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash 9ac72e37f90441dec8054ca9fad4f958
c34ba3dfccc201d169861b88ae8172a8902559ef
6bcbcb6496dddd15c57669623a1361fc1082513cbdb9c653ed8d25ed8392a918
GET /pages.upwellness.com/uc-grplus-vsl01-aff/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1035
Connection: keep-alive
Date: Tue, 08 Nov 2022 16:15:49 GMT
Last-Modified: Thu, 03 Nov 2022 17:16:32 GMT
ETag: "9ac72e37f90441dec8054ca9fad4f958"
Cache-Control: max-age=31557600
x-amz-version-id: WXrDW6vydO9DbnAmhapDbd2YU_qodpyj
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0Q7_ZXSAxGTJw_jIhr9Q62wF9Y_UKjrmRtIyxX4gtccCBN9I05nRvw==
Age: 1377607
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
200 OK 742 B URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash b02c898ea0b0b138b4c46168d31ebc9b
d9ac970e50ee53c042ad38a2c706d3e0d5662f99
f2d83312c2b1c7c1ad2be8e99b5b8d3c5d8432c2828d5cf52ee15e4423698bab
GET /pages.upwellness.com/uc-grplus-vsl01-aff/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 742
Connection: keep-alive
Date: Sat, 29 Oct 2022 01:33:07 GMT
Last-Modified: Wed, 26 Oct 2022 17:19:47 GMT
ETag: "b02c898ea0b0b138b4c46168d31ebc9b"
Cache-Control: max-age=31557600
x-amz-version-id: kIEilbCNatkb7a84cv8uul2EsrboYjdG
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: COerw7GtUu4x1TFB-h3-NtlkpTHLCKcBd4BueZbxBJ6EKVy_I-mIvQ==
Age: 2294569
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
200 OK 3.3 kB URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
IP
File type PNG image data, 246 x 91, 8-bit colormap, non-interlaced\012- data
Hash b5c5f324193b5e16bbbeba489c9bf2f9
9f6c6b0feb1141dba640af2237d35ae33fc36677
84e592026970dcb362dd9afca58ee14ba148d62f8d52de8da147ec2b2f497153
GET /pages.upwellness.com/uc-grplus-vsl01-aff/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3345
Connection: keep-alive
Date: Fri, 11 Nov 2022 01:40:50 GMT
Last-Modified: Thu, 03 Nov 2022 17:16:32 GMT
ETag: "b5c5f324193b5e16bbbeba489c9bf2f9"
Cache-Control: max-age=31557600
x-amz-version-id: qAtlv8qMpnezwJzGk_sJtgf18GBQNVLi
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kCCjx83Sl8rXbn5Pv90ME7YcHn1UyOGV5X5g6xDtu7n3DsqsU3pl1g==
Age: 1170906
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/ab7be666-white-speakericons-02_100x00o000000000000028.png
200 OK 393 B URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/ab7be666-white-speakericons-02_100x00o000000000000028.png
IP
File type PNG image data, 33 x 24, 8-bit colormap, non-interlaced\012- data
Hash 3ff814e5236412c48f322c8898ef45bc
03bb8e101a159000a746aa4c781db1347e90535d
579a2a97fb6616d4faf94ac23df731f250a672fda76be78a1fa74a6d1cd8dbba
GET /pages.upwellness.com/uc-grplus-vsl01-aff/ab7be666-white-speakericons-02_100x00o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 393
Connection: keep-alive
Date: Sun, 18 Sep 2022 07:59:09 GMT
Last-Modified: Fri, 02 Sep 2022 15:02:02 GMT
ETag: "3ff814e5236412c48f322c8898ef45bc"
Cache-Control: max-age=31557600
x-amz-version-id: xTEJkOHzfKHlADvFh7BSrD5ltmxEgYDT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l5QX292A9KY7b49vE4boIEYpge2VOpzfZ72nMSSGRbOIDfeq3Cl21g==
Age: 5813807
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/aa65686b-white-speakericons-01_100x00o000000000000028.png
200 OK 404 B URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/aa65686b-white-speakericons-01_100x00o000000000000028.png
IP
File type PNG image data, 33 x 24, 8-bit colormap, non-interlaced\012- data
Hash 6d0abbec035ce0c4075e7e7b8ee68550
2ecf92d54541667646b2364ce347baa45a57f77b
9a2922fd430dfaeb13025d97826931939d872a7b3efd1d09f0e88c5f7c1fd306
GET /pages.upwellness.com/uc-grplus-vsl01-aff/aa65686b-white-speakericons-01_100x00o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 404
Connection: keep-alive
Date: Wed, 24 Aug 2022 03:44:00 GMT
Last-Modified: Fri, 19 Aug 2022 13:11:08 GMT
ETag: "6d0abbec035ce0c4075e7e7b8ee68550"
Cache-Control: max-age=31557600
x-amz-version-id: kmb8cUpvzx1e0W5zrYgEVmUNy2_n_cDY
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iIYgk0yA7GvgrbABfiWeLSw3vwVTxWuYwXJy0W5ITimAbhZ3fAlR9A==
Age: 7989116
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
200 OK 9.6 kB URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
IP
File type JPEG image data, baseline, precision 8, 252x252, components 3\012- data
Hash 6ca7442dfba9d9e783f10f04dfcaa249
224afddf15c4f93481f56a2a997d752f09b38962
17ddc63663734c555981527699774b02b945124941c10450a91b74ce56937b59
GET /pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 9585
Connection: keep-alive
Date: Sat, 03 Sep 2022 04:46:02 GMT
Last-Modified: Fri, 02 Sep 2022 15:02:02 GMT
ETag: "6ca7442dfba9d9e783f10f04dfcaa249"
Cache-Control: max-age=31557600
x-amz-version-id: NAExZ8YNpNiGKXHp074OCSOuQTslKLnz
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nMbSUiMHBSaM5aMHfNl6mkIizvYBwepaa2wVHOmzgMqH2x31F37drw==
Age: 7121394
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
200 OK 3.0 kB URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
IP
File type PNG image data, 92 x 92, 8-bit colormap, non-interlaced\012- data
Hash 3e5b99433b8b72478180f7e404014a0b
dd2dc5346993430fd18898e72b853d4a8571cf54
316dd36671b451aa88c2cb9e2a833943ee9cb6e6b9fb1267f419d2b1ecbaa4e3
GET /pages.upwellness.com/uc-grplus-vsl01-aff/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2978
Connection: keep-alive
Date: Wed, 16 Nov 2022 00:57:24 GMT
Last-Modified: Thu, 03 Nov 2022 17:16:32 GMT
ETag: "3e5b99433b8b72478180f7e404014a0b"
Cache-Control: max-age=31557600
x-amz-version-id: w4jMdFtzcllpfRvLDKyyyOIXg8rKQ2CP
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DRKAjT8UGheB-tAd5Faphl0SecAWM7p8ZMQPN6FBxQcbJO5A8_bNww==
Age: 741512
ocsp.digicert.com/
200 OK 471 B IP
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3741
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Last-Modified: Thu, 24 Nov 2022 13:53:35 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
200 OK 4.9 kB URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
IP
File type JPEG image data, baseline, precision 8, 156x156, components 3\012- data
Hash 86140e94391c453d7e943ecd2c76a385
87165779b2df1e9dc76345b53d6af5df0e7b5160
635fa27826bc3b802f341bba0c8291af3698ada8d704bb116692a4b0fe77c1da
GET /pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 4874
Connection: keep-alive
Date: Tue, 15 Nov 2022 03:35:00 GMT
Last-Modified: Thu, 03 Nov 2022 17:16:32 GMT
ETag: "86140e94391c453d7e943ecd2c76a385"
Cache-Control: max-age=31557600
x-amz-version-id: AMabXqYDu7m_QZ2hbRjrLSrKe1h4lxGX
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 19GUHab4MXGbKxI3cmpf0rbY86KE2HugNjym-UZcsgNuQ7p7tIyFzg==
Age: 818456
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
200 OK 1.3 kB URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash c3187d70acad4469f04dd3d18fa9e6c3
7fd04ec574ffdaf4310b21dce8e0e68a1dccce36
282f5a01cde33126c76b73790e408dec892b9968334879013b7deffe276a11d9
GET /pages.upwellness.com/uc-grplus-vsl01-aff/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1275
Connection: keep-alive
Date: Sat, 12 Nov 2022 00:36:46 GMT
Last-Modified: Thu, 03 Nov 2022 17:16:32 GMT
ETag: "c3187d70acad4469f04dd3d18fa9e6c3"
Cache-Control: max-age=31557600
x-amz-version-id: T_0nxU6loFzRDd9fqV_6RgHnlX2uGNyi
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ag-conBrJRK1PFIeZ3qTzWSsOXKA-vzj3-fdqidfQcCm-YALRkj9sA==
Age: 1088349
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 34bb0e5fa5833e8a7b4d0a69564e6257
44df77bd8988136e44abd3cbead7404417a1d9e2
397ee078a4d76a1274959075c6f875a6f9ee61cce732327dddc0140816ee676d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "397EE078A4D76A1274959075C6F875A6F9EE61CCE732327DDDC0140816EE676D"
Last-Modified: Wed, 23 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14388
Expires: Thu, 24 Nov 2022 18:55:43 GMT
Date: Thu, 24 Nov 2022 14:55:55 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
200 OK 784 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
IP
Hash cbd8d6021b3b57ceba34c8107fab02db
888dd89bd018c7922e6c3c1b6c4248acc4f93c8e
e7a64a25052aefff0baf6fabebb096725a9c9de624dea609b3ac360ada496b99
GET /css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 14:55:55 GMT
date: Thu, 24 Nov 2022 14:55:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.9a94ee76.js
200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=27015508&Ver=2&mid=81e99097-6e03-488a-9df1-9d0c9e147333&sid=18b1d1406c0811ed89c8f549bc57076a&vid=18b1b8606c0811ed958545668b6a4dac&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&r=<=1886&evt=pageLoad&sv=1&rn=279758
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=27015508&Ver=2&mid=81e99097-6e03-488a-9df1-9d0c9e147333&sid=18b1d1406c0811ed89c8f549bc57076a&vid=18b1b8606c0811ed958545668b6a4dac&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&r=<=1886&evt=pageLoad&sv=1&rn=279758
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=27015508&Ver=2&mid=81e99097-6e03-488a-9df1-9d0c9e147333&sid=18b1d1406c0811ed89c8f549bc57076a&vid=18b1b8606c0811ed958545668b6a4dac&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&r=<=1886&evt=pageLoad&sv=1&rn=279758 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2CDE36BF263B60DC29F424D927CE61E6; domain=.bing.com; expires=Tue, 19-Dec-2023 14:55:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3856DA7DCCCC4AB5A418E32E4C1E9138 Ref B: OSL30EDGE0106 Ref C: 2022-11-24T14:55:55Z
date: Thu, 24 Nov 2022 14:55:54 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.com/wi/config/10175858.json
200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10175858.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ad716787c5ee7f50ab6806a8dfac76d
31d18a36b7472a44913f9871c1ea0d3530f17060
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
GET /wi/config/10175858.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8ZSrDjVJsTec9rpUB6vnszDqMF6Po0ulvXOTknYES2B9mRP1RpbNXOulOKNUrY1LljBjjTkiSOM=
x-amz-request-id: RA8ZS8N6377GNP6A
date: Thu, 24 Nov 2022 05:05:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Fri, 14 Jan 2022 20:54:46 GMT
x-amz-expiration: expiry-date="Sun, 19 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: fa2aBktS.tlgTipU0DLTD9VeWF6_YTMO
accept-ranges: bytes
content-type: application/octet-stream
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
age: 35442
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.useproof.com/proxy/index.html
200 OK 325 B URL HTTP/2 cdn.useproof.com/proxy/index.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325), with no line terminators
Hash f92252b1f21fd30ac52b59395971ecdb
ecb588481454091dcfea3c925c83577425497626
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
GET /proxy/index.html HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:55 GMT
content-type: text/html
content-length: 325
x-amz-id-2: HLTuYPpwkLX0vIBbTzXGK7jBTw/itAEu/wMy+5F+eKQr5YT/UeZPANj8Iq30Gu7aXaTcSBMqHoU=
x-amz-request-id: QM43JGM1007DZ5AK
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kBjrKehqNtXvXtUtDxhb2OIb5PaBopY81owhJHPMo%2BjlEVSCn7z1hdHSS%2BdJ4ViA95rY5xdv6ZtPFDgc6MlqeUEHQDHFG6iCYeN1QvfzZ3JNvzimpM9crk59TAdLTrRIryj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd005817b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.com/wi/config/10056129.json
200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10056129.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash fc5f6676b4f2531b36b8c7120da6ecca
e7ddbe9b016bc7594e9d5f3a7bf960b56226d5de
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
GET /wi/config/10056129.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: T1EIW3PR4N+PsmCrbe4YeaDdjYgdKUW61JyUxU0iBq+dmNTGKOW8JFc+HumFXj8aXI1hEzLpqz8=
x-amz-request-id: RA8JCJ8B3F2XYXXW
date: Thu, 24 Nov 2022 05:05:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
age: 35442
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
200 OK 8.6 kB URL HTTP/2 www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
IP
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash b5dc3661602dcf8810766c01556df41b
a84687898568cf8ae0ba6c4b35886b3ee4dfbd17
91e84a8da7499abc9388eed1192e8363c8dfe07e28e6300c69ee25be1a4eb994
GET /wp-content/uploads/2016/08/apple-touch-icon-144x144.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:55 GMT
content-type: image/png
content-length: 8622
server: Pagely-ARES/1.10.15
x-gateway-request-id: 1d7d1ef2c86dfb7f009329932b4ebd82
last-modified: Fri, 23 Sep 2022 23:01:07 GMT
etag: "21ae-5e960272eb24c"
expires: Wed, 21 Dec 2022 08:04:16 GMT
cache-control: max-age=2592000
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/624541243/?random=1669301754121&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3472488615&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/624541243/?random=1669301754121&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3472488615&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1669301754121&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3472488615&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/862759327/?random=1669301754202&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3540440357&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/862759327/?random=1669301754202&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3540440357&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1669301754202&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3540440357&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/27015508.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/27015508.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/27015508.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1F5E8B6A500C64DC1CA2990C51F965A0; domain=.bing.com; expires=Tue, 19-Dec-2023 14:55:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5AF408B7F7004E1BA2EE312B3AF2E96B Ref B: OSL30EDGE0106 Ref C: 2022-11-24T14:55:55Z
date: Thu, 24 Nov 2022 14:55:55 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/675938688/?random=1669301754427&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3632417194&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/675938688/?random=1669301754427&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3632417194&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/675938688/?random=1669301754427&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3632417194&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/458254939/?random=1669301754291&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3057333486&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/458254939/?random=1669301754291&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3057333486&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1669301754291&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3057333486&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10838597190/?random=1669301754150&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2456330634&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10838597190/?random=1669301754150&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2456330634&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1669301754150&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2456330634&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 34bb0e5fa5833e8a7b4d0a69564e6257
44df77bd8988136e44abd3cbead7404417a1d9e2
397ee078a4d76a1274959075c6f875a6f9ee61cce732327dddc0140816ee676d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "397EE078A4D76A1274959075C6F875A6F9EE61CCE732327DDDC0140816EE676D"
Last-Modified: Wed, 23 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14388
Expires: Thu, 24 Nov 2022 18:55:43 GMT
Date: Thu, 24 Nov 2022 14:55:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.outbrain.com/cachedClickId?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc
200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc
IP
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:55:55 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: a7fe23cc8f5da5eee3422e2daaa00ca5
content-encoding: gzip
cdn.useproof.com/proxy/proxy.js
200 OK 114 kB URL HTTP/2 cdn.useproof.com/proxy/proxy.js
IP
File type Unicode text, UTF-8 text, with very long lines (65514), with no line terminators
Size 114 kB (114404 bytes)
Hash 9f4d60f4f2b143cadacb2b8b3a901401
8c25b07f5122f9875920498c20ede6045320f479
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
GET /proxy/proxy.js HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/proxy/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:55 GMT
content-type: application/javascript
content-length: 114404
cache-control: public, max-age=315360000, no-transform
cf-bgj: minify
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
x-amz-id-2: yoAjzcyRlZUSIcodHaLndl6c776jIrkHPBSIgiDtxS12xvdyq2MKSDzEETmCnivt0ELZRmo4dWc=
x-amz-request-id: YH3Z1CT1HCFY0HSJ
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
age: 48948053
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQ1xnGw1NE4HHvRGHRKCIH6ByRoJ7MUre%2BfNobLRK5r%2BHMxSeZYuBrXAkQt8kkhnMXhlQkm3HzRNBp%2BYrbuGnQY4e8ib%2FUdFLPkEYRapVRxwxUFlMp9X8LFqHzol%2BedfM9TB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f2fd039cedb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1160504245.1669301755&jid=1261887132&gjid=978496636&_gid=683203575.1669301755&_u=YGBAiEABBAAAAEAAI~&z=566575070
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1160504245.1669301755&jid=1261887132&gjid=978496636&_gid=683203575.1669301755&_u=YGBAiEABBAAAAEAAI~&z=566575070
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1160504245.1669301755&jid=1261887132&gjid=978496636&_gid=683203575.1669301755&_u=YGBAiEABBAAAAEAAI~&z=566575070 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://pages.upwellness.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-795540.js?sv=6
200 OK 3.0 kB URL HTTP/2 static.hotjar.com/c/hotjar-795540.js?sv=6
IP
File type ASCII text, with very long lines (5908)
Hash cf81bfcaf124b427aa98ad5aede0c3b7
1db418a9667ee0cb71ce6650a57db36892ad353a
9b6c976a591c5ee9272d70a8ea2e309b897b5573b72c956df70fe2e61419ee1e
GET /c/hotjar-795540.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 24 Nov 2022 14:55:45 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/62cdb697209f96822b3042b4160f38e7
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dffq-qKwe6T3BGNmg1g94DWRjqaQ32GCmIC_GhtIQdWQjrVLW394sw==
age: 10
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&optOut=false&bust=045986766834653436&referrer=
200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&optOut=false&bust=045986766834653436&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&optOut=false&bust=045986766834653436&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:55:55 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: aa306e039b1e189ade294644a1883c65
content-encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 69707
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/675938688/?random=1669301754427&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3632417194&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/675938688/?random=1669301754427&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3632417194&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/675938688/?random=1669301754427&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3632417194&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 72126
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash f6a41f84ddc640654e6dc189ea56794a
395d2e505f014e4c8c21d1a97416b6122111451f
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:49:28 GMT
expires: Thu, 23 Nov 2023 21:49:28 GMT
cache-control: public, max-age=31536000
age: 61587
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/862759327/?random=1669301754202&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3540440357&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/862759327/?random=1669301754202&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3540440357&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1669301754202&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3540440357&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/624541243/?random=1669301754121&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3472488615&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/624541243/?random=1669301754121&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3472488615&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1669301754121&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3472488615&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/458254939/?random=1669301754291&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3057333486&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/458254939/?random=1669301754291&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3057333486&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1669301754291&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3057333486&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10838597190/?random=1669301754150&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2456330634&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10838597190/?random=1669301754150&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2456330634&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1669301754150&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2456330634&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/862759327/?random=1669301754191&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1855967344&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/862759327/?random=1669301754191&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1855967344&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1669301754191&cv=11&fst=1669298400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1855967344&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 14:55:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/4.5.0/firebase.js
200 OK 116 kB URL HTTP/2 www.gstatic.com/firebasejs/4.5.0/firebase.js
IP
File type ASCII text, with very long lines (16738)
Size 116 kB (116073 bytes)
Hash 0ff319bf584fbc1049438249c206242d
2adccf821c87d51efbc577cc3f091d6f254f0a35
2571c05e9c76a275e38235dc4b7256c971cccd9c1a40367b8d2f8fc9a14b4efb
GET /firebasejs/4.5.0/firebase.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 116073
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:31:51 GMT
expires: Thu, 23 Nov 2023 08:31:51 GMT
cache-control: public, max-age=31536000
age: 109444
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
200 OK 18 kB URL HTTP/2 www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
IP
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash d094840fd6b5b489b25f18a22a493822
29a59e8c0250e81421609d5c7c25f20776fdaa4a
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421
GET /wp-content/uploads/2015/10/favicon-152.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:55 GMT
content-type: image/png
content-length: 18176
server: Pagely-ARES/1.10.15
x-gateway-request-id: ec6ecac988c9d368354535ae9af5f097
last-modified: Fri, 23 Sep 2022 23:00:59 GMT
etag: "4700-5e96026c123c4"
expires: Wed, 21 Dec 2022 08:04:16 GMT
cache-control: max-age=2592000
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2015/10/favicon-152.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 164734
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
events.ub-analytics.com/i?stm=1669301755043&e=pv&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=8b29a936-2a7c-49d1-b1ec-e7b5aff7e43e&dtm=1669301755036&vp=1280x939&ds=1268x1251&vid=1&sid=ae8a12bb-778c-459b-8cad-7e4d1e26190f&duid=cd484a53-a211-457d-98ee-d4e42b86ebc9&uid=98aaf2fe-c207-450e-9e1b-20e6cbba5d1b&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjVkMGZlYzgtYjAyMy00YzRiLWFjOGItZDYwOTcwNzQzNmY5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
200 OK 43 B URL HTTP/1.1 events.ub-analytics.com/i?stm=1669301755043&e=pv&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=8b29a936-2a7c-49d1-b1ec-e7b5aff7e43e&dtm=1669301755036&vp=1280x939&ds=1268x1251&vid=1&sid=ae8a12bb-778c-459b-8cad-7e4d1e26190f&duid=cd484a53-a211-457d-98ee-d4e42b86ebc9&uid=98aaf2fe-c207-450e-9e1b-20e6cbba5d1b&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjVkMGZlYzgtYjAyMy00YzRiLWFjOGItZDYwOTcwNzQzNmY5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1669301755043&e=pv&url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=8b29a936-2a7c-49d1-b1ec-e7b5aff7e43e&dtm=1669301755036&vp=1280x939&ds=1268x1251&vid=1&sid=ae8a12bb-778c-459b-8cad-7e4d1e26190f&duid=cd484a53-a211-457d-98ee-d4e42b86ebc9&uid=98aaf2fe-c207-450e-9e1b-20e6cbba5d1b&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjVkMGZlYzgtYjAyMy00YzRiLWFjOGItZDYwOTcwNzQzNmY5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19 HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:55:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: akka-http/10.0.9
embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720
200 OK 45 kB URL HTTP/2 embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720
IP
File type PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d279bae4b54ae66328caa9fa6d84f5d
a09fc7ee495603b85bfd230fa171463f84d337e2
9b2282afb551e1c12679f8d4059e1a8209ea04ae8b3a3bafeef173da16b8be8d
GET /deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: d0a1fb999ec98584973653dd06314b37
last-modified: Wed, 23 Mar 2022 20:25:49 UTC
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:55 GMT
age: 1482197
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000145-IAD, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 3083, 1
x-timer: S1669301756.625385,VS0,VE1
content-length: 45025
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669301755096
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669301755096
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669301755096 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1772019003339882
date: Thu, 24 Nov 2022 14:55:55 GMT
akamai-grn: 0.274f2417.1669301755.3bf02a7d
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669301755094&dep=2%2CPAGE_LOAD
200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669301755094&dep=2%2CPAGE_LOAD
IP
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669301755094&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU9EbGpPRFUyWkdZdE1HRm1aaTAwWXpCaUxXSTNPV1V0TnprNE9EUmxNVFprWmpJdw
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: http://pages.upwellness.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 373
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 5786092998063254
date: Thu, 24 Nov 2022 14:55:55 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1669301755.3bf02a9e
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755320&cd[content_name]=replay%2C%20rt&sw=1280&sh=1024&v=2.9.89&r=stable&ec=4&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755320&cd[content_name]=replay%2C%20rt&sw=1280&sh=1024&v=2.9.89&r=stable&ec=4&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=VSLVisit_GRP&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755320&cd[content_name]=replay%2C%20rt&sw=1280&sh=1024&v=2.9.89&r=stable&ec=4&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 14:55:55 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRPlus&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755319&sw=1280&sh=1024&v=2.9.89&r=stable&ec=3&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRPlus&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755319&sw=1280&sh=1024&v=2.9.89&r=stable&ec=3&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=VSLVisit_GRPlus&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755319&sw=1280&sh=1024&v=2.9.89&r=stable&ec=3&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 14:55:55 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755311&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755311&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=PageView&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755311&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 14:55:55 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755316&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755316&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=VSLVisit_GRP&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755316&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 14:55:55 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=VSLVisit&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755315&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=VSLVisit&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755315&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=VSLVisit&dl=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&rl=&if=false&ts=1669301755315&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669301755310.1689080845&it=1669301755020&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 14:55:55 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 69694
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.8345075785016697&r=&u=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
200 OK 0 B URL HTTP/1.1 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.8345075785016697&r=&u=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/UCAffiliateNetworkPixel?t=0.8345075785016697&r=&u=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
Cookie: ubvt=98aaf2fe-c207-450e-9e1b-20e6cbba5d1b; AWSALB=muy53rMrmL16qv7A9d6swF8hfD2qMxS7J1KMWVT7usNKj9SRjfh1LOaTrFgTgUhQe9M4ZGAfB6utUtkdb6Fbd1vaMeCrV1BTPD9/+9TeooDNIzoMzbZEL3ZId3LN; _gcl_au=1.1.393777633.1669301754; UltraCartShoppingCartID=27B3E363474F740184AA235B271FB500; ucacid=1172148557.698293; ucacid=1172148557.698293; JSESSIONID=abcbAQZPs_mM8dhmmDub6; LBJSESSIONID=abcbAQZPs_mM8dhmmDub6.n223; _li_dcdm_c=.upwellness.com; _lc2_fpi=f0f26c15fa8f--01gjn26pvpdzhp3vc1xfqt518h; _uetsid=18b1d1406c0811ed89c8f549bc57076a; _uetvid=18b1b8606c0811ed958545668b6a4dac; cl4975ot4arrr6_source=Direct; cl4975ot4arrr6_session_starts=1669301754895; cl4975ot4arrr6_session_ends=1669303554895; cl4975ot4arrr6_utmParams=%7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D; cl4975ot4arrr6_uid=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919; cl4975ot4arrr6_sid=CL-9d0241f8-d9ea-4e51-af9f; cl4975ot4arrr6_gid=cl4975ot4arrr6cfbc13e3-62b6-453b-b0bc-3b8b09f259f1; _ga=GA1.2.1160504245.1669301755; _gid=GA1.2.683203575.1669301755; _dc_gtm_UA-28307243-3=1; _fbp=fb.1.1669301755310.1689080845
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:55:55 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=5XcOcYgU+SDDXHYtJjmusSyMs85TqBnlwH6AYIhOxuDPY7moQLboWTbG83EHtMqicq1T06wF3zTuNQgpgR/Dapj7Csmfd2Nlh85cdUIoo3oT32ZAH4ijHelwXsbu; Expires=Thu, 01 Dec 2022 14:55:55 GMT; Path=/
AWSALBCORS=5XcOcYgU+SDDXHYtJjmusSyMs85TqBnlwH6AYIhOxuDPY7moQLboWTbG83EHtMqicq1T06wF3zTuNQgpgR/Dapj7Csmfd2Nlh85cdUIoo3oT32ZAH4ijHelwXsbu; Expires=Thu, 01 Dec 2022 14:55:55 GMT; Path=/; SameSite=None
UPWEL-ANP=6141; domain=store.upwellness.com; path=/; expires=Fri, 24-Nov-2023 14:55:55 GMT; HttpOnly
Server: Apache
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
fast.wistia.com/assets/external/playPauseLoadingControl.js
200 OK 16 kB URL HTTP/2 fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
File type ASCII text, with very long lines (60125), with no line terminators
Hash 7264d7b49eb6dc6eef062a9511cfd32e
d6724f77d675d740c895a283e4b8e3dbdd1719d5
6cca15bd7bbece1644b8b31db564da9659fa85f73ea22b814cb831cf0113a4e3
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-3e59"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:55 GMT
age: 1185
x-served-by: cache-iad-kcgs7200113-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 47, 53
x-timer: S1669301756.954524,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 15961
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/engines/hls_video.js
200 OK 114 kB URL HTTP/2 fast.wistia.com/assets/external/engines/hls_video.js
IP
File type ASCII text, with very long lines (65469)
Size 114 kB (114373 bytes)
Hash ddbf94a47f16fcd8a99d8c45572ac852
fabe447aee7408e90c4fcfc1de127d98987b8ca0
cb2cba64e3b0a0797031ca64b918bed7c1c58b6f3b40d92b4f45f93b3ea55109
GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-1bec5"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:55 GMT
age: 1185
x-served-by: cache-iad-kiad7000086-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 40
x-timer: S1669301756.968935,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 114373
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
200 OK 323 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 3356463835064526
date: Thu, 24 Nov 2022 14:55:55 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1669301755.3bf032b8
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=89445732817290510
301 Moved Permanently 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=89445732817290510
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=89445732817290510 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 14:55:55 GMT
Server: Server
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=89445732817290510
Cache-Control: no-cache
Content-Length: 0
x-amz-rid: 1VY3Q44A69V35BG8HVF7
Vary: Accept-Encoding,User-Agent
fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
200 OK 915 B URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
IP
Hash 48c1b43bc9be7e93632e0efa1882848c
05b4e7d3b3f87ecdc544789f68edeb5f8d7baf69
f1c7edc9dc26c60377b14f9cfe0e19cd642e189e6b27dde4ab088a3a2f0c1823
GET /embed/medias/aeu9oe7qwy.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"f1c7edc9dc26c60377b14f9cfe0e19cd"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: bdca262385d3089cb8bd8f08dc32ebc9
x-runtime: 0.025493
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:56 GMT
age: 83227
x-served-by: cache-iad-kjyo7100174-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 138, 9
x-timer: S1669301756.220143,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 915
X-Firefox-Spdy: h2
io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919&id=cl4975ot4arrr6&uid=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919
200 OK 178 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919&id=cl4975ot4arrr6&uid=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 549af9a113e928122de9b8999bf286c3
971a9772957b8ac09956748eeae9c88d3e7d2a14
a594f4bbf8d6da121e3ff9b7e1391c387f2d281b36ab85e3a1aaa15ea232b293
GET /externalIds?customerlabs_user_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919&id=cl4975ot4arrr6&uid=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919 HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Thu, 24 Nov 2022 14:55:56 GMT
Server: nginx/1.12.1
Content-Length: 178
Connection: keep-alive
fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
200 OK 930 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
IP
Hash d98f824625558fb8273eb2bc853a1e08
6b9cc5b14072badf20cccc5f8f8ff7dcc7fae4df
f376ddcd25ce45f6ce99a7322ce248468478dc466ea353a8813223ac967f6057
GET /embed/medias/tmmqdtznyg.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"f376ddcd25ce45f6ce99a7322ce24846"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: f87fdd2021cac1433f57974f6f7dcc56
x-runtime: 0.025974
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:56 GMT
age: 83248
x-served-by: cache-iad-kcgs7200134-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 99, 1
x-timer: S1669301756.243967,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 930
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 119469b2a64de1f027696a209c950cf3
6c886a32268ea68445edf0ccff472cebe307d25a
6c30793fcac70823915393a3fddad79e61f23b88af191e7341680f4281e83e66
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114941
Date: Thu, 24 Nov 2022 14:55:56 GMT
Etag: "637e9c5a-1d7"
Expires: Fri, 25 Nov 2022 22:51:37 GMT
Last-Modified: Wed, 23 Nov 2022 22:19:06 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dZwUxAvVi0LcKlr4Q6BT2dhM_t7bUAxK7KteegfthEoHtMTvHGAA0Q==
Age: 1951
fast.wistia.com/assets/images/blank.gif
200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "637e83f2-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 23 Nov 2022 20:34:58 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:56 GMT
age: 65985
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 44, 1369
x-timer: S1669301756.261998,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/tmmqdtznyg.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"f376ddcd25ce45f6ce99a7322ce24846"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 24 Nov 2022 14:55:56 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"f376ddcd25ce45f6ce99a7322ce24846"
age: 83248
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669301756.281194,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1669301755526&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjn26pvpdzhp3vc1xfqt518h&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4
302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1669301755526&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjn26pvpdzhp3vc1xfqt518h&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1669301755526&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjn26pvpdzhp3vc1xfqt518h&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4 HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:55:56 GMT
content-length: 0
trace-id: afe7980ec940990a
vary: Origin
location: /j?dtstmp=1669301755526&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjn26pvpdzhp3vc1xfqt518h&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
set-cookie: lidid=58939d0a-cc8a-44f3-85a1-78d3c77d61bd; Max-Age=63072000; Expires=Sat, 23 Nov 2024 14:55:56 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
200 OK 3.7 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
IP
Hash b2c3ce627cd8f47980d2dcefbca05105
1deffed6db48e30507c8b4b66b7388509e0dce28
1cee6eafba9f65cf32f5a89e8fcd9f2a2ecb7b90c457ded3889ec0f1e7a25df9
GET /deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Wed, 08 Nov 2023 06:27:07 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment 35018ad58e1324405997174e10416378d22b7a2e
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:56 GMT
age: 1412929
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200045-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 304, 1
x-timer: S1669301756.365138,VS0,VE1
vary: Accept-Encoding
content-length: 3722
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
200 OK 106 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
IP
ASN #20940 Akamai International B.V.
Size 106 kB (105863 bytes)
Hash 4dbb6a70352514258a764f17379df162
1d07ed4093d8e6fa0bd406c05e527a79d56ae1d4
71c5c0962b4fe28b5bf7ff4396001d27459106809c564c55e379ee28dc4a6a43
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 105863
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31026266
Expires: Sat, 18 Nov 2023 17:20:22 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&.yp=10175858&f=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:56 GMT
expires: Thu, 24 Nov 2022 14:55:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBPyFf2MCEOfDqTChRveyB_TkP4haU2AFEgEBAQHXgGOJYwAAAAAA_eMAAA&S=AQAAAuu76Uw8-rO6k_oG9izJOxI; Expires=Fri, 24 Nov 2023 20:55:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
200 OK 106 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
IP
ASN #20940 Akamai International B.V.
Size 106 kB (105863 bytes)
Hash 4dbb6a70352514258a764f17379df162
1d07ed4093d8e6fa0bd406c05e527a79d56ae1d4
71c5c0962b4fe28b5bf7ff4396001d27459106809c564c55e379ee28dc4a6a43
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 105863
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31026266
Expires: Sat, 18 Nov 2023 17:20:22 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2024%20Nov%202022%2014%3A55%3A55%20GMT&n=0&.yp=10056129&f=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2024%20Nov%202022%2014%3A55%3A55%20GMT&n=0&.yp=10056129&f=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Thu%2C%2024%20Nov%202022%2014%3A55%3A55%20GMT&n=0&.yp=10056129&f=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:56 GMT
expires: Thu, 24 Nov 2022 14:55:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBPyFf2MCEMWfNdNpycPICQJWNnSvwAoFEgEBAQHXgGOJYwAAAAAA_eMAAA&S=AQAAAiW3u51S1KwkBHIW1XWWzLM; Expires=Fri, 24 Nov 2023 20:55:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash af76de5ba2f126671181bfd7feb983a4
dfbc96e29c652e94e1a208898da8ef49c13cce16
8a14ae43952cfa26d0f85634564898d46cbf3c7d032a26971a13d6f909bfd3a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4743
Cache-Control: max-age=113776
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:56 GMT
Etag: "637e8ce5-116"
Expires: Fri, 25 Nov 2022 22:32:12 GMT
Last-Modified: Wed, 23 Nov 2022 21:13:09 GMT
Server: ECS (amb/6BA6)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14251
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14251
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14251
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14251
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash fcde710e9043bc4502e7505006104d6a
da75e0a33cc84cc814597ac091426d82531ddac1
d71a55b0cf26c9fa1b90aa9dade3bfa0de603947c95d0d81f182e92a60be2242
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3357
Cache-Control: max-age=122100
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:56 GMT
Etag: "637eb2d3-116"
Expires: Sat, 26 Nov 2022 00:50:56 GMT
Last-Modified: Wed, 23 Nov 2022 23:54:59 GMT
Server: ECS (amb/6B72)
X-Cache: HIT
Content-Length: 278
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 27709
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 27634
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 61730
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
200 OK 1.6 MB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
IP
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 1.6 MB (1558520 bytes)
Hash c99eba935e2a3089e3a768d3646f5b3f
2773babf9ff2e0f3beba2f10403018cf55019e92
0cf3d354eadd8e8aa2fead4090a75c396014486ea74b61219c8cf946d4272a35
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 1558520
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31118943
Expires: Sun, 19 Nov 2023 19:04:59 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 61569
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=89445732817290510
302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=89445732817290510
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=89445732817290510 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Thu, 24 Nov 2022 14:55:56 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 10R9MY0A7BS7WECWZVW1
Set-Cookie: ad-id=A-EUgE0N0EIYkkHR0a7wYO4|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 14:55:56 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=89445732817290510&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
200 OK 485 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 485 kB (484664 bytes)
Hash b7735798b762d519cb4886f5f5da5bd0
be1cebaf2a46bef7442b69d48557bd362607ea2d
05ae5071f29731644a77af5a8454af3f4fcac44566d33f6cc06b5a4e96107173
GET /deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Wed, 25 Oct 2023 07:37:22 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:56 GMT
age: 2618314
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000170-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 11499, 1
x-timer: S1669301756.499463,VS0,VE1
content-length: 484664
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
200 OK 1.6 MB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
IP
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 1.6 MB (1558520 bytes)
Hash c99eba935e2a3089e3a768d3646f5b3f
2773babf9ff2e0f3beba2f10403018cf55019e92
0cf3d354eadd8e8aa2fead4090a75c396014486ea74b61219c8cf946d4272a35
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 1558520
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31118943
Expires: Sun, 19 Nov 2023 19:04:59 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 60722
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 836
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Thu, 24 Nov 2022 14:55:56 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 61116
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash fcde710e9043bc4502e7505006104d6a
da75e0a33cc84cc814597ac091426d82531ddac1
d71a55b0cf26c9fa1b90aa9dade3bfa0de603947c95d0d81f182e92a60be2242
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4908
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:56 GMT
Last-Modified: Thu, 24 Nov 2022 13:34:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8
200 OK 106 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8
IP
ASN #20940 Akamai International B.V.
Size 106 kB (105863 bytes)
Hash ab5749148714924c5838aca07a914f1f
8986957e269c8ede3f95a1e04a5578bb85a780a4
d85c34da5529aa87fc3dbd68b383e851e3b44f90004f99e75ade9397a7d92f78
GET /deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 105863
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c6d0dceb10dbd106159687b3689dd280c381b6a0-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31111067
Expires: Sun, 19 Nov 2023 16:53:43 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
trc.taboola.com/1225872/trc/3/json?tim=1669301754996&data=%7B%22id%22%3A649%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669301754981%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669301754995%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A75%2C%22supv%22%3Atrue%7D%7D&pubit=i
200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1225872/trc/3/json?tim=1669301754996&data=%7B%22id%22%3A649%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669301754981%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669301754995%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A75%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
Hash fe631277033baab3583e5a7fca065904
65d6282eb63a1a25480dd9026f4b463f730b7b29
ec6f444048e9df0c2bf1192c5d57f6d63ea031eede3484fc3ada10c9b9d8a7a7
GET /1225872/trc/3/json?tim=1669301754996&data=%7B%22id%22%3A649%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669301754981%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669301754995%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A75%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1628-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669301755.472078,VS0,VE96
vary: Accept-Encoding
x-vcl-time-ms: 96
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ac4a14fdb8a8ac0bb56636c74d06965f
326a1fd45c01f55e54c1be6b7a971e2ea3660e60
1d7137634292f05911421b7f0abfe291dbafee2795720e6ecab8d1c0ef130cde
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134221
Date: Thu, 24 Nov 2022 14:55:56 GMT
Etag: "637edfdf-1d7"
Expires: Sat, 26 Nov 2022 04:12:57 GMT
Last-Modified: Thu, 24 Nov 2022 03:07:11 GMT
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qI7BAdTRjRjLSBX-QtRMo8m0A_CcC9E_nyybu0XQ-vegwf5IetL46Q==
Age: 3946
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ac4a14fdb8a8ac0bb56636c74d06965f
326a1fd45c01f55e54c1be6b7a971e2ea3660e60
1d7137634292f05911421b7f0abfe291dbafee2795720e6ecab8d1c0ef130cde
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135517
Date: Thu, 24 Nov 2022 14:55:56 GMT
Etag: "637edfdf-1d7"
Expires: Sat, 26 Nov 2022 04:34:33 GMT
Last-Modified: Thu, 24 Nov 2022 03:07:11 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UxhxSuslMMJYt2xDFySBHpmKHOJu3TY9IJ_KWEX4LsxK66vTAWam2w==
Age: 5242
fast.wistia.com/assets/external/interFontFace.js
200 OK 18 kB URL HTTP/2 fast.wistia.com/assets/external/interFontFace.js
IP
File type ASCII text, with very long lines (45349), with no line terminators
Hash 53c97190603845aa22fe260f7ec735c4
a16cfa041fdd5e6652d23cde3ac4c207b8dd5276
091e2d49b6d1c2a135481ce5d39810dcf6debcc9da5879c450ee7d40765237a5
GET /assets/external/interFontFace.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-46e6"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:56 GMT
age: 1185
x-served-by: cache-iad-kcgs7200123-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 19
x-timer: S1669301757.826764,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 18150
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl/firstVisit
200 OK 0 B URL HTTP/1.1 io.v2.customerlabs.co/cl/firstVisit
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl/firstVisit HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 488
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Thu, 24 Nov 2022 14:55:56 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts
200 OK 452 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts
IP
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 452 kB (451576 bytes)
Hash 67501a36beb525a095955cf7549a54e8
fab51b09bb81d0ea8f8671e0545ce29d11c97a85
576624d97d2cf55136788b5f9201affb7ad1016f856685473acd8b1bdc8ae870
GET /deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 451576
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c6d0dceb10dbd106159687b3689dd280c381b6a0-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31111969
Expires: Sun, 19 Nov 2023 17:08:45 GMT
Date: Thu, 24 Nov 2022 14:55:56 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
live-visitor-counts.herokuapp.com/lvc/register
204 No Content 0 B URL HTTP/1.1 live-visitor-counts.herokuapp.com/lvc/register
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /lvc/register HTTP/1.1
Host: live-visitor-counts.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cdn.useproof.com/
Origin: https://cdn.useproof.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: Cowboy
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Date: Thu, 24 Nov 2022 14:55:56 GMT
Via: 1.1 vegur
embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
200 OK 3.7 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
IP
Hash ad213983ab337bf180cb7bd17f3641e5
b326ce5f18fe0100810062a573be21a7d03af258
5203ca710a081e640b4d1f8ccb231da0edbd624da8698b8498acf75be0279714
GET /deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Tue, 17 Oct 2023 12:57:56 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:56 GMT
age: 3290281
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kjyo7100027-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 10504, 1
x-timer: S1669301757.905846,VS0,VE9
vary: Accept-Encoding
content-length: 3731
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 741
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Thu, 24 Nov 2022 14:55:56 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
io.v2.customerlabs.co/cl
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 832
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Thu, 24 Nov 2022 14:55:56 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
200 OK 1.5 kB URL HTTP/2 a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
IP
File type ASCII text, with very long lines (2807)
Hash 97572121cdd617f7eb7caa8f4248149f
51ce0255f90cec27098aa6a917580e25608f245b
ce769cd758f2b71f0c24430c497fb6f3050afebd4d9e29fd8acc77e018a4f39d
GET /px/?c=24a3d6f0fe7dd9c HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:56 GMT
content-type: text/javascript
set-cookie: _ccpx=24a3d6f0fe7dd9c; Expires=Fri, 24 Nov 2023 14:55:56 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; Expires=Fri, 24 Nov 2023 14:55:56 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx_24a3d6f0fe7dd9c=1; Expires=Fri, 24 Nov 2023 14:55:56 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-kz6ln:cc-nginx-c76b96594-kz6ln
x-requestid: c5b3c51b-77a6-4529-b6a6-c2b73888f377
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJ5%2Fl1urn2Zoln7ehzMLU45ZhBW4xdRWnRWebhdYu0q0eXezlg9KWxPgEOqFOF7Wkzr4q4jFXX3C66JNDbcQutKw6k3GHyjaLnaKL6InnH7OW7IgB9AQ6z%2FoQgdd4fN%2F%2Fo8xeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd0bbc15b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/allIntegrations.js
200 OK 5.6 kB URL HTTP/2 fast.wistia.com/assets/external/allIntegrations.js
IP
File type ASCII text, with very long lines (21637), with no line terminators
Hash 98d8f1350f159ef9d630464f2677623c
ee33382759ec18abebe452fb065599627d729114
0bcc59bc6540d08234fceefb99483c915ced9406d7b30173817cb18553c462b3
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-15f7"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:56 GMT
age: 1185
x-served-by: cache-iad-kiad7000146-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 5, 24
x-timer: S1669301757.981702,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 5623
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts
200 OK 217 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 217 kB (216952 bytes)
Hash 4623e44ce676c904300654bcf080dcf0
ad6d26d688448a627c1256cf7443ec0af8cd9e21
1a5ba73a0dc667b06ed9d02518d62a0035d6df2e4f2825455bb47ed19794a3e7
GET /deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Thu, 28 Sep 2023 09:50:17 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:56 GMT
age: 4943140
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200130-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 4472, 1
x-timer: S1669301757.993045,VS0,VE1
content-length: 216952
X-Firefox-Spdy: h2
live-visitor-counts.herokuapp.com/lvc/register
200 OK 0 B URL HTTP/1.1 live-visitor-counts.herokuapp.com/lvc/register
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /lvc/register HTTP/1.1
Host: live-visitor-counts.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 194
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://cdn.useproof.com
Vary: Origin
Date: Thu, 24 Nov 2022 14:55:57 GMT
Content-Length: 0
Via: 1.1 vegur
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d00eaf1f7e43489c5718ce3fa5a491e9
eca6d2f9139f3321e20ffe1929755efdc468b981
c8164da57b36002493cdc0983dc9e8a879ef47b2cac532e2ba105142b6b6b09d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155478
Date: Thu, 24 Nov 2022 14:55:57 GMT
Etag: "637f2e7e-1d7"
Expires: Sat, 26 Nov 2022 10:07:15 GMT
Last-Modified: Thu, 24 Nov 2022 08:42:38 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XA3qdTTx80ZKBBVWj9PhkCoSXx2-o9Z7tK4HPg42iMOvRJhfh6QL8w==
Age: 5077
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d00eaf1f7e43489c5718ce3fa5a491e9
eca6d2f9139f3321e20ffe1929755efdc468b981
c8164da57b36002493cdc0983dc9e8a879ef47b2cac532e2ba105142b6b6b09d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 14:55:57 GMT
Last-Modified: Thu, 24 Nov 2022 14:55:05 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 57d3-g2yexqtnP322sorJK6aB9xf-U6MT4ruk7lNMnjosLQWahV7wg==
Age: 52
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1454
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 14:55:57 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1560
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 14:55:57 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1669301755310.1689080845&customerlabs_user_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919&id=cl4975ot4arrr6&uid=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919&t=0&sc=1280%20x%201024
200 OK 561 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1669301755310.1689080845&customerlabs_user_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919&id=cl4975ot4arrr6&uid=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919&t=0&sc=1280%20x%201024
IP
File type JSON data\012- , ASCII text, with very long lines (561), with no line terminators
Hash 234bc62c124750080dfe7c4c402118d4
d1630e69ee717fceb09cd2a0251b647aaf889089
871ba0499b6308064073900de010cbc7c29037e5c916d99d3c04cdec569d083a
GET /externalIds?facebook___fbp=fb.1.1669301755310.1689080845&customerlabs_user_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919&id=cl4975ot4arrr6&uid=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919&t=0&sc=1280%20x%201024 HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Thu, 24 Nov 2022 14:55:57 GMT
Server: nginx/1.12.1
Content-Length: 561
Connection: keep-alive
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1564
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 14:55:57 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1669301755526&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjn26pvpdzhp3vc1xfqt518h&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
200 OK 13 B URL HTTP/2 rp.liadm.com/j?dtstmp=1669301755526&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjn26pvpdzhp3vc1xfqt518h&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /j?dtstmp=1669301755526&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjn26pvpdzhp3vc1xfqt518h&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Referer: http://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:57 GMT
content-type: application/json
content-length: 13
trace-id: 8eec0390a12c266b
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: bb55e032-f9b3-418d-9cff-d0ed10336bcc
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 50a92cbd99c9867edeed064914407764
db7add2c14b06d670f307ac15abe6f4f69c3f50b
23ea01318a6602949849daf314622d87672ee4828d50cc01bc3e73a3e1543894
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6383
Cache-Control: max-age=140229
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:57 GMT
Etag: "637eedd3-1d7"
Expires: Sat, 26 Nov 2022 05:53:06 GMT
Last-Modified: Thu, 24 Nov 2022 04:06:43 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=2187&scd=75&ssd=1&est=1669301754984&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669301757176&vi=1669301754981&ri=9b227c1795d41326833c32d8d9c2a27c&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=2187&scd=75&ssd=1&est=1669301754984&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669301757176&vi=1669301754981&ri=9b227c1795d41326833c32d8d9c2a27c&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1225872/log/3/unip?en=pre_d_eng_tb&tos=2187&scd=75&ssd=1&est=1669301754984&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669301757176&vi=1669301754981&ri=9b227c1795d41326833c32d8d9c2a27c&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 24 Nov 2022 14:55:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=b6def716-5116-4993-a86e-cd970985f361&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=b6def716-5116-4993-a86e-cd970985f361&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3318&partner_device_id=b6def716-5116-4993-a86e-cd970985f361&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:55:57 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1669301757895;Expires=Mon, 23 Jan 2023 14:55:57 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=9176dce9-d648-4d9d-a3ee-145943b8564b;Expires=Mon, 23 Jan 2023 14:55:57 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=b6def716-5116-4993-a86e-cd970985f361&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 2ab59c25df8b73e8b1aa4a4c8651ba3f
4574a151ee44e9253367f203cfc7fbd7f0377f61
16464a556a3bedc9dbb00688c6840c761601409fd1259874e94ce189ca51ad54
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 14:55:58 GMT
Last-Modified: Thu, 24 Nov 2022 14:01:33 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9hnKivS049gRUB-tIgLjiAjqT2mTrqW9PkNWz3G1952IUJG9pYJCHw==
Age: 3265
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 7e1f10921950e9569eae7e85bd9a1ac6
3b9049609d373b08428e05f6117c368efe721650
bf3d62a2e12d6699abf52a8b08af060d909268901c5518013b99989622a1ca25
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146102
Date: Thu, 24 Nov 2022 14:55:58 GMT
Etag: "637f1988-1d7"
Expires: Sat, 26 Nov 2022 07:31:00 GMT
Last-Modified: Thu, 24 Nov 2022 07:13:12 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y9Xf-k7RotgKTUyzbF1PzZXm9BXtvNU7kegkf4-ZOBMbo_zAH2PB1Q==
Age: 1068
ocsp.digicert.com/
200 OK 471 B IP
Hash 50a92cbd99c9867edeed064914407764
db7add2c14b06d670f307ac15abe6f4f69c3f50b
23ea01318a6602949849daf314622d87672ee4828d50cc01bc3e73a3e1543894
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6384
Cache-Control: max-age=140229
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:55:58 GMT
Etag: "637eedd3-1d7"
Expires: Sat, 26 Nov 2022 05:53:07 GMT
Last-Modified: Thu, 24 Nov 2022 04:06:43 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
pipedream.wistia.com/mput?topic=metrics
200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 18236
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:55:58 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=b6def716-5116-4993-a86e-cd970985f361&ccid=b6def716-5116-4993-a86e-cd970985f361&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6def716%25252d5116%25252d4993%25252da86e%25252dcd970985f361%252526anx_uId%25253d%252524UID
303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=b6def716-5116-4993-a86e-cd970985f361&ccid=b6def716-5116-4993-a86e-cd970985f361&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6def716%25252d5116%25252d4993%25252da86e%25252dcd970985f361%252526anx_uId%25253d%252524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?bidder_id=200441&bidder_uuid=b6def716-5116-4993-a86e-cd970985f361&ccid=b6def716-5116-4993-a86e-cd970985f361&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6def716%25252d5116%25252d4993%25252da86e%25252dcd970985f361%252526anx_uId%25253d%252524UID HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Thu, 24 Nov 2022 14:55:58 GMT
Content-Length: 0
Connection: keep-alive
Location: /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6def716%25252d5116%25252d4993%25252da86e%25252dcd970985f361%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=b6def716-5116-4993-a86e-cd970985f361&_li_chk=true&ccid=b6def716-5116-4993-a86e-cd970985f361&previous_uuid=cedcbe41228b4531a2d6e18efc7262b6
Set-Cookie: lidid=cedcbe41-228b-4531-a2d6-e18efc7262b6; Max-Age=63072000; Expires=Sat, 23 Nov 2024 14:55:58 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains
pipedream.wistia.com/mput?topic=metrics
200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 5345
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:55:58 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
a.browserspeed.support/cs?puid=6be96a20-0143-57ca-bd82-0843584d636e&pid=lc
302 Found 24 B URL HTTP/2 a.browserspeed.support/cs?puid=6be96a20-0143-57ca-bd82-0843584d636e&pid=lc
IP
File type HTML document, ASCII text
Hash cd5fa747861f510d1d45ab9dc80a16a0
90d910869fbe5e0f79b7f7e58f59f5303f46ad78
5bdd19de1ad3c04f1a88334882b16565cef8ac274902e671a72ebebdb35c697c
GET /cs?puid=6be96a20-0143-57ca-bd82-0843584d636e&pid=lc HTTP/1.1
Host: a.browserspeed.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: awselb/2.0
date: Thu, 24 Nov 2022 14:55:58 GMT
content-type: text/html; charset=utf-8
content-length: 24
location: https://a.browserspeed.support/
set-cookie: tuid=d7cd3b48-8250-416b-9ade-98d24aac0526; Path=/; Domain=a.browserspeed.support; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6def716%25252d5116%25252d4993%25252da86e%25252dcd970985f361%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=b6def716-5116-4993-a86e-cd970985f361&_li_chk=true&ccid=b6def716-5116-4993-a86e-cd970985f361&previous_uuid=cedcbe41228b4531a2d6e18efc7262b6
303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6def716%25252d5116%25252d4993%25252da86e%25252dcd970985f361%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=b6def716-5116-4993-a86e-cd970985f361&_li_chk=true&ccid=b6def716-5116-4993-a86e-cd970985f361&previous_uuid=cedcbe41228b4531a2d6e18efc7262b6
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6def716%25252d5116%25252d4993%25252da86e%25252dcd970985f361%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=b6def716-5116-4993-a86e-cd970985f361&_li_chk=true&ccid=b6def716-5116-4993-a86e-cd970985f361&previous_uuid=cedcbe41228b4531a2d6e18efc7262b6 HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Thu, 24 Nov 2022 14:55:58 GMT
Content-Length: 0
Connection: keep-alive
Location: https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253db6def716%252d5116%252d4993%252da86e%252dcd970985f361%2526anx_uId%253d%2524UID&ccid=b6def716-5116-4993-a86e-cd970985f361
Set-Cookie: _li_ss=MgYIkgEQ1xM; Max-Age=2592000; Expires=Sat, 24 Dec 2022 14:55:58 GMT; SameSite=None; Path=/s; Secure
lidid=1a5d1fda-f438-4e39-8455-ba05ae7e5a21; Max-Age=63072000; Expires=Sat, 23 Nov 2024 14:55:58 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 2
Strict-Transport-Security: max-age=31536000; includeSubDomains
a.clickcertain.com/px/ta/?done=true&ta_id=b7770511-a27b-40e5-a017-b3962088544a
204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/ta/?done=true&ta_id=b7770511-a27b-40e5-a017-b3962088544a
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/ta/?done=true&ta_id=b7770511-a27b-40e5-a017-b3962088544a HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 14:55:59 GMT
set-cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; Expires=Fri, 24 Nov 2023 14:55:58 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-2brl7:cc-nginx-c76b96594-2brl7
x-requestid: acf5e74e-8a09-40d6-b21d-a782433edf66
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ksqKVNYPXgHc8gWTn59G4Cuqqf49bNN3ivZzBoYn6i08Ji7o3FC7Q2fwR7Vi2yvJTFnxtJscG9xWy1QlAgYX77wmsVxyOj10A9jLx4Z%2FxMgXDfX6Kds%2Bpar3qNyYihOF1QBEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd18ef0ab51b-OSL
X-Firefox-Spdy: h2
a.browserspeed.support/
200 OK 4 B IP
File type ASCII text, with no line terminators
Hash 72054d9a6fbdcc7df012e19f32345b65
52dd4c74c813db3790179c4f236ceadaca3467a8
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: a.browserspeed.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: tuid=d7cd3b48-8250-416b-9ade-98d24aac0526
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: awselb/2.0
date: Thu, 24 Nov 2022 14:55:59 GMT
content-type: application/json; charset=utf-8
content-length: 4
set-cookie: tuid=d7cd3b48-8250-416b-9ade-98d24aac0526; Path=/; Domain=a.browserspeed.support; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253db6def716%252d5116%252d4993%252da86e%252dcd970985f361%2526anx_uId%253d%2524UID&ccid=b6def716-5116-4993-a86e-cd970985f361
302 Found 509 B URL HTTP/2 a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253db6def716%252d5116%252d4993%252da86e%252dcd970985f361%2526anx_uId%253d%2524UID&ccid=b6def716-5116-4993-a86e-cd970985f361
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (332), with CRLF, LF line terminators
Hash 379f7898cd1f4a84eab3a0d12ead541b
515188af9b8a3a2782f3e1564d7c684afd426c66
c7dbc4a07c3bdfffa0c91d71dedd28d7b85efd5ddbf73bcdcdea19bbd55467c1
GET /px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253db6def716%252d5116%252d4993%252da86e%252dcd970985f361%2526anx_uId%253d%2524UID&ccid=b6def716-5116-4993-a86e-cd970985f361 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:55:59 GMT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3db6def716%2d5116%2d4993%2da86e%2dcd970985f361%26anx_uId%3d%24UID
set-cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; Expires=Fri, 24 Nov 2023 14:55:59 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-gb8pk:cc-nginx-c76b96594-gb8pk
x-requestid: 59c4d7d2-85eb-4316-800d-abcbd54b6ffd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4a6baYSm0dAUNuM0BDArDaD63KlMoJ0KTA6MWivYwbDX2ihNF6tDCBWqIQUdYA5Xb6q7LMH5uU9paV7BZyOETSLln0YhKIEkdJGkWXl8rq3F3hOkZlLKIJ9ZIaBYTY23H%2BAEtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd1a795fb51b-OSL
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716%2D5116%2D4993%2Da86e%2Dcd970985f361%26anx_uId%3D%24UID&google_tc=
302 Found 455 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716%2D5116%2D4993%2Da86e%2Dcd970985f361%26anx_uId%3D%24UID&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a8b216415c13dbb7e132f8eb9ebef58c
ea4ebcc8a073927512680181010901607e95a1a5
45c2fb1caa8ed6f205af2e283dd66e691338c46779262669943bae9def778f6d
GET /pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716%2D5116%2D4993%2Da86e%2Dcd970985f361%26anx_uId%3D%24UID&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716%2D5116%2D4993%2Da86e%2Dcd970985f361%26anx_uId%3D%24UID&google_error=3
date: Thu, 24 Nov 2022 14:55:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6def716-5116-4993-a86e-cd970985f361&anx_uId=$UID
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6def716-5116-4993-a86e-cd970985f361&anx_uId=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6def716-5116-4993-a86e-cd970985f361&anx_uId=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 14:55:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716-5116-4993-a86e-cd970985f361%26anx_uId%3D%24UID
AN-X-Request-Uuid: b9e73469-53fa-45f9-93d1-efe0cd6713d7
Set-Cookie: uuid2=1700450101484877596; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 22-Feb-2023 14:55:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716-5116-4993-a86e-cd970985f361%26anx_uId%3D%24UID
302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716-5116-4993-a86e-cd970985f361%26anx_uId%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716-5116-4993-a86e-cd970985f361%26anx_uId%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 14:55:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6def716-5116-4993-a86e-cd970985f361&anx_uId=0
AN-X-Request-Uuid: f9985ec5-c848-4e1f-916e-e5a76b08b80d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
200 OK 471 B IP
Hash 86776344fc6dd826ff48ca2f315dec8a
23054ddd051e653c90cc3232bbe1ecb88820b29a
7a6a778b4a383d8385e3843a7fd1ad88a5e7182d5627740511dd2c83a6f264c1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:56:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:56:48 GMT
Expires: Tue, 29 Nov 2022 13:56:47 GMT
Etag: "23054ddd051e653c90cc3232bbe1ecb88820b29a"
Cache-Control: max-age=427846,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f2fd20ae7d0b41-OSL
x.bidswitch.net/sync?dsp_id=179&user_id=b6def716-5116-4993-a86e-cd970985f361&expires=5&user_group=0
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=179&user_id=b6def716-5116-4993-a86e-cd970985f361&expires=5&user_group=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=179&user_id=b6def716-5116-4993-a86e-cd970985f361&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:56:00 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=b6def716-5116-4993-a86e-cd970985f361&expires=5&user_group=0
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=1e291953-4bd2-4261-a2a6-a732e52b5899; path=/; expires=Fri, 24-Nov-2023 14:56:00 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669301760; path=/; expires=Fri, 24-Nov-2023 14:56:00 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1669301760; path=/; expires=Fri, 24-Nov-2023 14:56:00 GMT; domain=.bidswitch.net; samesite=none; secure
c=1669301760; path=/; expires=Fri, 24-Nov-2023 14:56:00 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=b6def716-5116-4993-a86e-cd970985f361&expires=5&user_group=0
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=b6def716-5116-4993-a86e-cd970985f361&expires=5&user_group=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=179&user_id=b6def716-5116-4993-a86e-cd970985f361&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:56:00 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=5208&scd=75&ssd=1&est=1669301754984&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669301760196&vi=1669301754981&ri=9b227c1795d41326833c32d8d9c2a27c&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=5208&scd=75&ssd=1&est=1669301754984&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669301760196&vi=1669301754981&ri=9b227c1795d41326833c32d8d9c2a27c&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1225872/log/3/unip?en=pre_d_eng_tb&tos=5208&scd=75&ssd=1&est=1669301754984&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669301760196&vi=1669301754981&ri=9b227c1795d41326833c32d8d9c2a27c&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 24 Nov 2022 14:56:00 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=http:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
200 OK 0 B URL HTTP/2 api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=http:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04
IP
GET /pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=http:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D102d7397ab25cd77d3e1d5beb1d8ef%26n%3Dtune%26AFFID%3D477232%26subid%3D1_ARAD04 HTTP/1.1
Host: api.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:56 GMT
content-type: application/json; charset=utf-8
x-amzn-requestid: 05bf643d-f249-43c5-acba-da439f8f9423
access-control-allow-origin: *
surrogate-control: no-store
x-amzn-remapped-content-length: 178
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: cHHfbFd9IAMF4Qg=
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
pragma: no-cache
x-amzn-remapped-date: Thu, 24 Nov 2022 14:55:56 GMT
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7un3Bys9gbaGKkbjKxFfn3WkJh_S4LKUhwUtRwrPLM5BPIz7PmnVkw==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RowuA26uakdcIYCyv9HMqgr8SzkgcJ7VZuH5CpNfIQieUG696OermrCp%2BKCbgh%2BCntBfIZxzQkBFBjqoOo7U%2BWyvq4Ltes3wkWXMfWrxkAkP8yPpNzNzJpD32USKWy%2F8rrUN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd064f1ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919
IP
GET /px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:55:56 GMT
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
set-cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; Expires=Fri, 24 Nov 2023 14:55:56 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-jbbqw:cc-nginx-c76b96594-jbbqw
x-requestid: c07d2a35-4e27-478f-9e0c-a10bab2e91b9
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3N%2BPrkBwmBdlDato%2BKeg%2F%2BNkzVeyY%2FhstSkbcEmkMTdOeL3FxYch2KApCmwtNpH%2F8uZfTyb3afwWrW0P2sLJXfUd9n6%2Bjt%2FnUHx5ldMjmYimdOfRkED92rCe6x%2BYrMotP%2B%2Fa5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd0a09f2b51b-OSL
X-Firefox-Spdy: h2
a.clickcertain.com/px/ta/?ccid=b6def716-5116-4993-a86e-cd970985f361
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/ta/?ccid=b6def716-5116-4993-a86e-cd970985f361
IP
GET /px/ta/?ccid=b6def716-5116-4993-a86e-cd970985f361 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6def716-5116-4993-a86e-cd970985f361&cn=NO
Cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:55:57 GMT
content-type: text/html
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=b6def716-5116-4993-a86e-cd970985f361&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
set-cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; Expires=Fri, 24 Nov 2023 14:55:57 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-2brl7:cc-nginx-c76b96594-2brl7
x-requestid: be5971bd-29a0-42fd-8e6e-1d32caf2f38e
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeEvicP14QeJvjub%2FnvpJRbW1Rqwka%2FGm%2FKBJPMeGcEYsMlJ2w4WMXvRrNB155fj4tUwTIiPlNn33Ux1%2BcR5JKiGqr3ApsijZKshuyFKSn2N9sT8E2HzB6pxb9JTOsOQABN8zA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd0f1920b51b-OSL
X-Firefox-Spdy: h2
live.upwellness.com/services/scripts/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 live.upwellness.com/services/scripts/jquery/jquery.min.js
IP
GET /services/scripts/jquery/jquery.min.js HTTP/1.1
Host: live.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 14:55:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
vary: Accept-Encoding
etag: W/"63298c50-15d84"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6def716-5116-4993-a86e-cd970985f361&cn=NO
200 OK 0 B URL HTTP/2 a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6def716-5116-4993-a86e-cd970985f361&cn=NO
IP
GET /px/cont/?c=24a3d6f0fe7dd9c&ccid=b6def716-5116-4993-a86e-cd970985f361&cn=NO HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:57 GMT
content-type: text/html
etag: W/"YjZkZWY3MTZnNTExNmc0OTkzZ2E4NmVnY2Q5NzA5ODVmMzYxLXow"
set-cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; Expires=Fri, 24 Nov 2023 14:55:57 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-89fqp:cc-nginx-c76b96594-89fqp
x-requestid: f649cf3a-fed9-4247-886f-b79f0f1d74f0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFpu9jcgnhUFIDIMztcIiFWKJdcLGSMuLooiHqxd9km7aSKP8bab%2B7TJPh6Rs0wdhpqTyfzn5D7qnG9p4HckojZUsogbtzFULOlsnSC%2FpAED4c6RSc%2BHPRO42rQDbTEqokwvkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd0d1dffb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919
302 Found 0 B URL HTTP/2 a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919
IP
GET /px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919 HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:55:56 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6f111b216-672a-42ff-be48-8c758c83d919
x-frontend: cc-nginx-c76b96594-xms6f:cc-nginx-c76b96594-xms6f
x-requestid: de1167f5-28cf-4151-96b1-cc4581feb6c9
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05wyB8S4jpbq1CHVJB1Nsj807XuihwD6WK9hC5Ezjuc4VcFfEWBSAN8fiuxBRYzJKnOhhi5Zb4XfE0bItIg4AYrwT8qzKOhbJADpxydiMugtk2JQaYuwWL3lq%2FKdJPqqtamC4ig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd074cd1fac4-OSL
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716%2D5116%2D4993%2Da86e%2Dcd970985f361%26anx_uId%3D%24UID&google_error=3
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716%2D5116%2D4993%2Da86e%2Dcd970985f361%26anx_uId%3D%24UID&google_error=3
IP
GET /px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Db6def716%2D5116%2D4993%2Da86e%2Dcd970985f361%26anx_uId%3D%24UID&google_error=3 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:55:59 GMT
content-type: text/html
location: https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6def716-5116-4993-a86e-cd970985f361&anx_uId=$UID
x-frontend: cc-nginx-c76b96594-9zh96:cc-nginx-c76b96594-9zh96
x-requestid: 5284c054-c51c-4f12-bde4-199b25b9ce2a
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3WPp2WPuoxbHCtzxs%2BRbwoZZ11NOA93kMbZ%2Bij1VijMH7dga6s717mJABVNhskRiTF6Dp%2BcGaraqTTl1Os9Qc6AefoaqaE1ouZTS1r6OMTZ%2Fc7KVO2PYQT6iD0pbrE3oHmkoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd1c2c60b51b-OSL
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6def716-5116-4993-a86e-cd970985f361&anx_uId=0
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/bidswitch/?done=true&ccid=b6def716-5116-4993-a86e-cd970985f361&anx_uId=0
IP
GET /px/img/bidswitch/?done=true&ccid=b6def716-5116-4993-a86e-cd970985f361&anx_uId=0 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:56:00 GMT
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=b6def716-5116-4993-a86e-cd970985f361&expires=5&user_group=0
set-cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; Expires=Fri, 24 Nov 2023 14:55:59 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-2brl7:cc-nginx-c76b96594-2brl7
x-requestid: be5178f1-8e4f-4c00-a3c5-d682236a025d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DixX5cZEVHowigRWm%2F4GqwRob9dtKEB2tUMKUWJISkRYlRc6M2T15C3r3BhIlrYjj2qubbGS%2F5PD1OfNORVpiKgW%2BcyhNPXdhPp59rwGf2qWKhi8SJYkPN8FVYuXfznYRI7sfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd1f0846b51b-OSL
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/E-v1.js
200 OK 0 B URL HTTP/2 fast.wistia.net/assets/external/E-v1.js
IP
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-1c79d"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 24 Nov 2022 14:55:53 GMT
age: 1182
x-served-by: cache-iad-kjyo7100167-IAD, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 44
x-timer: S1669301754.966464,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116637
X-Firefox-Spdy: h2
analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25225b4e9649-6ac5-4d8b-a147-2846334fa6f9%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D102d7397ab25cd77d3e1d5beb1d8ef%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_ARAD04%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D102d7397ab25cd77d3e1d5beb1d8ef%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_ARAD04%2522%257D
200 OK 0 B URL HTTP/2 analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25225b4e9649-6ac5-4d8b-a147-2846334fa6f9%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D102d7397ab25cd77d3e1d5beb1d8ef%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_ARAD04%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D102d7397ab25cd77d3e1d5beb1d8ef%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_ARAD04%2522%257D
IP
GET /track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25225b4e9649-6ac5-4d8b-a147-2846334fa6f9%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D102d7397ab25cd77d3e1d5beb1d8ef%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_ARAD04%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D102d7397ab25cd77d3e1d5beb1d8ef%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D1_ARAD04%2522%257D HTTP/1.1
Host: analytics.proofapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 14:55:56 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: https://cdn.useproof.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
etag: W/"3f-TFOK98LGgnQeiopUpTzpYY2dVPo"
via: 1.1 vegur
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYsrjBYIaTrlfl%2FnIWRt6DjMxvHzsFBuIhW4XTRzBz7K%2BP6ZDB24XwDfCiS21e%2BeLRFvBVzdwz4JYQ%2Fxe4Sim72HinuuZ2WaEl2jFhwG60Pcbf48myI3oLg8%2BZr9%2Bu1CItLse6tU6CEE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd0a492ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.clickcertain.com/px/r/?ccid=b6def716-5116-4993-a86e-cd970985f361
302 Found 0 B URL HTTP/2 a.clickcertain.com/px/r/?ccid=b6def716-5116-4993-a86e-cd970985f361
IP
GET /px/r/?ccid=b6def716-5116-4993-a86e-cd970985f361 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=b6def716-5116-4993-a86e-cd970985f361&cn=NO
Cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 14:55:57 GMT
content-type: text/html
location: https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=b6def716-5116-4993-a86e-cd970985f361&ccid=b6def716-5116-4993-a86e-cd970985f361&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253db6def716%25252d5116%25252d4993%25252da86e%25252dcd970985f361%252526anx_uId%25253d%252524UID
set-cookie: _ccpx_u=b6def716%2d5116%2d4993%2da86e%2dcd970985f361; Expires=Fri, 24 Nov 2023 14:55:57 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-9zh96:cc-nginx-c76b96594-9zh96
x-requestid: 16304b5c-23a6-4962-a55c-943c32f76718
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajuwoeWybOe3NqccsHBzb2tz%2FtZZAgtKUigQHUhAcsRAv1LuyROoRkPrZarna4iVQRhzEt6NRftyCgVMeeWvytu5%2BgGomjPmyoDCDT6%2BbUPKy8idy3KsZSEngAGIgyfDUaHyog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2fd0f1925b51b-OSL
X-Firefox-Spdy: h2
3.126.202.50
54.230.245.99
141.226.228.48
151.101.86.110
23.38.200.197
157.240.200.35
104.21.47.12
212.82.100.181
93.184.220.29