r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19493
Expires: Sun, 06 Nov 2022 18:58:02 GMT
Date: Sun, 06 Nov 2022 13:33:09 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5337
Cache-Control: max-age=167211
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:09 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 12:00:00 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
soft.studystatisticssoftware.com/ga/click/2-387122867-1807-14931-29156-27053-1238c4eefe-va5a0d62a2
302 Found 124 B URL HTTP/1.1 soft.studystatisticssoftware.com/ga/click/2-387122867-1807-14931-29156-27053-1238c4eefe-va5a0d62a2
IP
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash a4af17f01e9b91a5b5aa0508ea474316
c87c32359e7322ffc781f7f938eb5bc6a05f3ec1
e3d82951a94b617c5a0659a75e2c38060716af80e0cc5d58b739b950806d4c17
GET /ga/click/2-387122867-1807-14931-29156-27053-1238c4eefe-va5a0d62a2 HTTP/1.1
Host: soft.studystatisticssoftware.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 06 Nov 2022 13:32:38 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: cf64efd079ba00343b952a89296cd01f
Location: https://mwebnice.com/6755/314/2/?subid=reviversglodersmixc
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.017530
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12119
Expires: Sun, 06 Nov 2022 16:55:08 GMT
Date: Sun, 06 Nov 2022 13:33:09 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5337
Cache-Control: max-age=167211
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:09 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 12:00:00 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TQ3hUlY3POEmtJmOKn7o6aYp7WQY6DrQxFJiAC1oPfegwvcvkNSEb9VJpLqhXq9LCXzFz2ITASs=
x-amz-request-id: 78D6DG8XQXEFH8AQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 12:47:38 GMT
age: 2731
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 13:33:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3632
Cache-Control: max-age=160453
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:10 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:07:23 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oJM/LY6e4E3dFDzIEp7IJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HdXGiV0oWe+E7JMIDVCS+4WfRk4=
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 74b94c6c3a67f9e5a603ceef68b9c9a4
43fdee4bb9f33c86d3dc08c2e690078085ae8949
3a084814e7dcc36595ab15cd8d0023b0806cf3e1fed5712b689491d5b0f71855
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152879
Date: Sun, 06 Nov 2022 13:33:10 GMT
Etag: "636769c5-1d7"
Expires: Tue, 08 Nov 2022 08:01:09 GMT
Last-Modified: Sun, 06 Nov 2022 08:01:09 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R7CtemHA2MI8F5qd0PVRD27y7NLl--3a8r_4_Gpgd3PVLQ_D5i9WyA==
go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20221106133318603&aff_sub=314
302 Found 332 B URL HTTP/1.1 go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20221106133318603&aff_sub=314
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 917dbac0c2b48482cd21280a653286b6
6735b27affc854a44ab26cac8fea5caeb468cbbe
7fd9b65aa599d3334723f84a36911389c41d6af77f33d61aa97d0e01e535fd18
GET /aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20221106133318603&aff_sub=314 HTTP/1.1
Host: go.welldaily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 06 Nov 2022 13:33:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 332
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-vsl01-aff/?offer=2&session_id=10275cce51cfdb823659ba9c31765f&n=tune&AFFID=477232&subid=55_314
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_2=ENC03f8aac9605a8b1c38881d04b92b8c9dc90baef177a23931b3919fad9ab1ca539f531be964fe54c2a2d9ad400f3926e3a0e975c26d382d78e62a2398055508a820d3a39a4dc852c162d98e76c1b57253775bf2f68505ab9fc52808253355e66ac68abf43d6a5ea045372f48fc44f300199ef0b77cce1931a26a81246f07fb5fdb71761d44c; expires=Sun, 13 Nov 2022 13:33:10 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Wed, 01 Oct 2025 00:13:10 GMT; path=/; SameSite=None; Secure
Tracking_id: 10275cce51cfdb823659ba9c31765f
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 7e932f7e5d167df2bfab997767cda7c3
Access-Control-Allow-Headers: Tune-SDK-Version
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d0212dcebbfd1ea0060c0855b98e6205
c567440b7e0df736dbe7e8b8d81d2b582a23c392
d047f7fd5320de739fdfe761f7e2adb144b5c2759844ea16c45564442eba4648
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D047F7FD5320DE739FDFE761F7E2ADB144B5C2759844EA16C45564442EBA4648"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21516
Expires: Sun, 06 Nov 2022 19:31:47 GMT
Date: Sun, 06 Nov 2022 13:33:11 GMT
Connection: keep-alive
pages.upwellness.com/uc-grplus-vsl01-aff/?offer=2&session_id=10275cce51cfdb823659ba9c31765f&n=tune&AFFID=477232&subid=55_314
200 OK 17 kB URL HTTP/1.1 pages.upwellness.com/uc-grplus-vsl01-aff/?offer=2&session_id=10275cce51cfdb823659ba9c31765f&n=tune&AFFID=477232&subid=55_314
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14847), with CRLF, LF line terminators
Hash 8f18c351d5e4706c402bd06b0e17e521
639000e1de3a3b04756b2b6970d6fc15487c83d7
83a33eaf87671e1ff1307cd97c28e063530311f973ed1f44e25aae28a615d771
GET /uc-grplus-vsl01-aff/?offer=2&session_id=10275cce51cfdb823659ba9c31765f&n=tune&AFFID=477232&subid=55_314 HTTP/1.1
Host: pages.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Sun, 06 Nov 2022 13:33:11 GMT
content-type: text/html; charset=utf-8
content-length: 16887
set-cookie: ubvs=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705; Max-Age=259200; Domain=upwellness.com; Path=/; SameSite=Lax
ubpv=ak%2C65d0fec8-b023-4c4b-ac8b-d609707436f9; Max-Age=15897600; Path=/uc-grplus-vsl01-aff/; SameSite=Lax
content-location: https://pages.upwellness.com/uc-grplus-vsl01-aff/
etag: "ak:8f1645a51d374d9d8a9b1dac9f70c705"
link: <https://pages.upwellness.com/uc-grplus-vsl01-aff/>; rel="canonical"
x-unbounce-pageid: 65d0fec8-b023-4c4b-ac8b-d609707436f9
x-unbounce-variant: ak
x-unbounce-visitorid: 8f1645a5-1d37-4d9d-8a9b-1dac9f70c705
content-encoding: gzip
x-proxy-backend: page-server
connection: close
builder-assets.unbounce.com/published-css/main-7b78720.z.css
200 OK 2.9 kB URL HTTP/2 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP
File type ASCII text, with very long lines (15017)
Hash 4458a4d76a70cb207bcc34d6bc6f872f
f484b0b1737f7de59ca699e6cc3169d234e8f6a8
0825f8972704bc1b84e30170cd77f5ecde2d6a7dbf9e43be96c6809c2c5228d7
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 2902
date: Tue, 30 Aug 2022 02:28:13 GMT
last-modified: Mon, 04 Jul 2022 16:47:32 GMT
etag: "4458a4d76a70cb207bcc34d6bc6f872f"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W1hIlUsrbdP9AW3LYuCYG03__UterVAat721XtEI9HrTpTYTDDk8aw==
age: 5915099
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash d589b3e8ab43847673545ea2986e3274
3028b92ddf22a175fa99fd9fb048da0e1d5dbd7a
e685402351137a5cfd5b8a8b79f431ec747ff6ca4bb5c7a6aa1e25e5d5dab007
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2865
Cache-Control: max-age=115781
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:11 GMT
Etag: "6366cdab-117"
Expires: Mon, 07 Nov 2022 21:42:52 GMT
Last-Modified: Sat, 05 Nov 2022 20:55:07 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-10838597190
200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10838597190
IP
File type ASCII text, with very long lines (1921)
Hash 00be7e393db8c429e2c48de669f4f4e7
0b4ac2d498af342d3af2a49b64231131c2c5f9d4
5484855a7724e14ef5b31801f301fbcc5c0d0d05942bf3902f3d9e5c77d5c9d9
GET /gtag/js?id=AW-10838597190 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 13:33:11 GMT
expires: Sun, 06 Nov 2022 13:33:11 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52854
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
200 OK 498 kB URL HTTP/2 cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
IP
File type Unicode text, UTF-8 text, with very long lines (60034), with no line terminators
Size 498 kB (497733 bytes)
Hash 0426397a9b31146729ac86c5be8595d3
953342b7defc23d1c552eba63f42bb915aae90f3
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
GET /proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1 HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:11 GMT
content-type: application/javascript
content-length: 497733
x-amz-id-2: XfamGhBMjZBo/sWrg3mxYdwUMUL0rpYArqF2RUd2t+2nxyqUognVNx+1xnHz8Eg7hGncdCbH6WA=
x-amz-request-id: RVX6E6XRK17ASENB
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "0426397a9b31146729ac86c5be8595d3"
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
age: 48588390
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0r%2FNf9ZWo%2BJ4iuQQM%2FYsEa72z8zlN4L6i00%2F5yghAevi3VRKv4%2BpvZ4tyblq3X%2FPWwCUqlvMjspQlmdnQHBS52ZkSzVXcFOFkj7w6I7bDVzq3sNAGbOcbCCLdXrEt0H9Aae2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765e33130ff70b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-862759327
200 OK 67 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-862759327
IP
File type ASCII text, with very long lines (2917)
Hash b7a5f4a1578ea6c279130c8b107d3e16
bff504b8d7f014d9472955e7919809c7b85705f1
eb97a576765c3c2176b99c3cfeebbdb971a375044ab8b1fd72e2e8de5a263771
GET /gtag/js?id=AW-862759327 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 13:33:11 GMT
expires: Sun, 06 Nov 2022 13:33:11 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-458254939
200 OK 71 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-458254939
IP
File type ASCII text, with very long lines (7857)
Hash 758088ac44313096ad64b6dd32ca7d70
8804864a387735329085747baafc7034c9dc121c
141f4eb2daf2fa43b217bafc1f70dd11ef10735d6fa0d35591894ef378add91a
GET /gtag/js?id=AW-458254939 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 13:33:11 GMT
expires: Sun, 06 Nov 2022 13:33:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71302
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b60bd9eaf5f0247ec328c1ec00ef1bcb
21910ddd43a1a98c82ffbcb84932f89c5c40d879
1cd8cd06c59694dedce7d224bc0179fb3fae732fb8218ebdcc7088f5a5bc8202
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156003
Date: Sun, 06 Nov 2022 13:33:11 GMT
Etag: "63676b38-1d7"
Expires: Tue, 08 Nov 2022 08:53:14 GMT
Last-Modified: Sun, 06 Nov 2022 08:07:20 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: O3qRpCN0x97UyrvQlikhxY3VMPnCctemAkMg0fM0oI2cEw-23MHXGQ==
Age: 2754
fast.wistia.net/assets/external/E-v1.js
200 OK 117 kB URL HTTP/2 fast.wistia.net/assets/external/E-v1.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (116670 bytes)
Hash 90163968b212b6c679f84314d2f9386c
6ab33889483e4b25ba82cfc46d8c4ac92e9f32b4
7c43e501fb765ccbd45af47008567bde63ae2736976f47356a78b2d97e36f8aa
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63652028-1c7be"
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:11 GMT
age: 308
x-served-by: cache-iad-kjyo7100167-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 12, 3
x-timer: S1667741592.679305,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116670
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/E-v1.js
200 OK 117 kB URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (116670 bytes)
Hash 90163968b212b6c679f84314d2f9386c
6ab33889483e4b25ba82cfc46d8c4ac92e9f32b4
7c43e501fb765ccbd45af47008567bde63ae2736976f47356a78b2d97e36f8aa
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63652028-1c7be"
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:11 GMT
age: 308
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 23
x-timer: S1667741592.680751,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116670
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Sun, 06 Nov 2022 14:13:32 GMT
Date: Sun, 06 Nov 2022 13:33:11 GMT
Connection: keep-alive
fast.wistia.com/embed/medias/aeu9oe7qwy/swatch
200 OK 4.0 kB URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy/swatch
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x56, components 3\012- data
Hash bedc068a9cc6964d07e1673050cbb3ec
ba9a082014112801aa5b12602be54b52792d0a2d
0b237a3c974aec2776e15c96f50651fa55af3bd3bc927f37eb4a6510c96ebffa
GET /embed/medias/aeu9oe7qwy/swatch HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
access-control-request-method: *
cache-control: public, no-cache, max-age=31418753
content-disposition: inline
content-type: image/jpeg
last-modified: Wed, 23 Mar 2022 20:25:50 UTC
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:11 GMT
age: 77479
x-served-by: cache-iad-kiad7000125-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 237, 1
x-timer: S1667741592.680692,VS0,VE1
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 4021
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp
200 OK 1.8 kB URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp
IP
File type ASCII text, with very long lines (5765)
Hash daa41c74774b39cfea897580f9ca4378
eb8ff0ec0d4a3892a71e5984588ffb5480d9071a
950e953a98c2b817eebbd5dd2e366e90312adb110f86f5e93ad935337ebebc13
GET /embed/medias/aeu9oe7qwy.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"aaee648121f014198dfab019d3264942"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: c4a727566b295efd90db9ae106b651be
x-runtime: 0.045546
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:11 GMT
age: 74271
x-served-by: cache-iad-kiad7000112-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 184, 1
x-timer: S1667741592.680958,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1829
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
200 OK 1.8 kB URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
IP
File type ASCII text, with very long lines (5702)
Hash c8249929f6ebf16a0b48f364bc54c178
7ed0528b65f0879999a54c2aa754a93ddfa3323b
1a808c262f2e1b890f8807cc5b585a98dbc36a48d505b8e8564ae6b888ff306f
GET /embed/medias/tmmqdtznyg.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"538bdcfd764fc205d89ecd31963b743a"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: f5b369dd2a467950b0ac13fd40a051de
x-runtime: 0.060865
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:11 GMT
age: 77478
x-served-by: cache-iad-kcgs7200078-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 171, 1
x-timer: S1667741592.680941,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1816
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg/swatch
200 OK 4.3 kB URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg/swatch
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x56, components 3\012- data
Hash fb5a783f53d0a1085ac33c2afda39271
ba3edaca28fc953f25c45261c637e8d880d1e357
b55b8f64c5259f4f19ca1b5a388f3c93b67df5d805f71637cf3a12ff814be08b
GET /embed/medias/tmmqdtznyg/swatch HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
access-control-request-method: *
cache-control: public, no-cache, max-age=31315667
content-disposition: inline
content-type: image/jpeg
last-modified: Tue, 13 Apr 2021 18:37:38 UTC
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:11 GMT
age: 29995
x-served-by: cache-iad-kcgs7200153-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 81, 1
x-timer: S1667741592.695988,VS0,VE2
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 4324
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Sun, 06 Nov 2022 14:13:32 GMT
Date: Sun, 06 Nov 2022 13:33:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 25512
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j0I2JcPIptLTJZlwg8QG7kkTE1eCvZiBDzi6j2YYqNwvawJ6k2CqHQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:50 GMT
age: 56661
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/tmmqdtznyg.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"538bdcfd764fc205d89ecd31963b743a"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 06 Nov 2022 13:33:11 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"538bdcfd764fc205d89ecd31963b743a"
age: 77478
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1667741592.789876,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 55233
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 20d484fee92bc7fb6320ec2e090c2fa6
7e75aa73b9ab0cf560c135083484230086de045e
14452b3086fafd7de6a81cb5ed79658412a7a8c6975c037bd9dcd7f3e9c195f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14452B3086FAFD7DE6A81CB5ED79658412A7A8C6975C037BD9DCD7F3E9C195F1"
Last-Modified: Sun, 06 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12552
Expires: Sun, 06 Nov 2022 17:02:23 GMT
Date: Sun, 06 Nov 2022 13:33:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 20d484fee92bc7fb6320ec2e090c2fa6
7e75aa73b9ab0cf560c135083484230086de045e
14452b3086fafd7de6a81cb5ed79658412a7a8c6975c037bd9dcd7f3e9c195f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14452B3086FAFD7DE6A81CB5ED79658412A7A8C6975C037BD9DCD7F3E9C195F1"
Last-Modified: Sun, 06 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12552
Expires: Sun, 06 Nov 2022 17:02:23 GMT
Date: Sun, 06 Nov 2022 13:33:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 56918
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 28888
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ef423485cfd4c86582be2f29d2663335
603cac7758299926a2ed22ad2423ba33cb16cc6c
7eea98f38142c015a2f04eb7f849b9763610068e00c37c5818bc484814f2d814
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1663
Cache-Control: max-age=121418
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:11 GMT
Etag: "6366e862-1d7"
Expires: Mon, 07 Nov 2022 23:16:49 GMT
Last-Modified: Sat, 05 Nov 2022 22:49:06 GMT
Server: ECS (amb/6BB4)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 18ee3b3ee57b479e1c3a39ad45784958
60100af79cb43854065b200aa6e9feb0bc9865d9
d589ba8ae8e680afd44fc23cf10494f77940bc7f916e920d3752d8d2ca410ce1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122923
Date: Sun, 06 Nov 2022 13:33:11 GMT
Etag: "6366de70-1d7"
Expires: Mon, 07 Nov 2022 23:41:54 GMT
Last-Modified: Sat, 05 Nov 2022 22:06:40 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3WFrc9kuJKmdy5JlxZKbL461ssnL-hPtFeX_wx76kSt0gLzGP1udaw==
Age: 5714
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
200 OK 744 B URL HTTP/2 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
IP
File type ASCII text, with CRLF line terminators
Hash 3110f39a7f2fe9edef25454e9b7a57c2
273c540727af9f5f57cf7f0164d8eb43c56c1b71
b6591997ffdba5b81c1af7fa96a8f6cf26597eb4046d64f91301eb1000a54853
GET /cgi-bin/UCAffiliateNetworkPixel HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:11 GMT
content-type: text/javascript; charset=utf-8
content-length: 744
set-cookie: AWSALB=5S/RsA4aV8KXIOlFCS/34s8GUH7p44KV0I8xAWUVRN+l9pWc01mM95vjZCKrTpRMvWS26YCtvOS6GRZLBFpdXy/2v2K2Hr3n4aqyylVmzNnna7gxOnc+Eu9edA2T; Expires=Sun, 13 Nov 2022 13:33:11 GMT; Path=/
AWSALBCORS=5S/RsA4aV8KXIOlFCS/34s8GUH7p44KV0I8xAWUVRN+l9pWc01mM95vjZCKrTpRMvWS26YCtvOS6GRZLBFpdXy/2v2K2Hr3n4aqyylVmzNnna7gxOnc+Eu9edA2T; Expires=Sun, 13 Nov 2022 13:33:11 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
200 OK 251 B URL HTTP/2 store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
IP
File type ASCII text, with CRLF line terminators
Hash e6735c6f608ee64c784286185e5ec194
fc90f684a019712ed8bba84418bd7aee5e691bb9
5a74dbf85d18206e84e65be38b869a0a2cc8bc71ac8adeb26321ccc5ef1411e2
GET /cgi-bin/UCInvisibleLink?merchantId=UPWEL HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:11 GMT
content-type: text/javascript; charset=utf-8
content-length: 251
set-cookie: AWSALB=Z+UByKU8NGRqPWVG3OQ5fgaBKLTQ6mkpJDJhW8gEz6NXpcTM00C+VReYCIhtOknwot0Vovn0ZQ7CTCCnS1dquTetehRdCpk7RdGFs3/WuqgXBMZUxgDHmTqu/fvH; Expires=Sun, 13 Nov 2022 13:33:11 GMT; Path=/
AWSALBCORS=Z+UByKU8NGRqPWVG3OQ5fgaBKLTQ6mkpJDJhW8gEz6NXpcTM00C+VReYCIhtOknwot0Vovn0ZQ7CTCCnS1dquTetehRdCpk7RdGFs3/WuqgXBMZUxgDHmTqu/fvH; Expires=Sun, 13 Nov 2022 13:33:11 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
200 OK 49 B URL HTTP/1.1 h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1467ad668080ed4ab50a1408a712cdcc
e0e5faa2d11a93edc33ee27f07885e0dd48110b4
7d7d1c1b75be5d8b716b9c137e025932f6f2e8391c978f08620b6ad892775096
GET /v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking HTTP/1.1
Host: h.upwellnessfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 06 Nov 2022 13:33:12 GMT
Content-Type: text/plain;charset=utf-8
Content-Length: 49
Connection: keep-alive
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Front-End-Https: off
upwellness.com/services/scripts/jquery/jquery.min.js
200 OK 31 kB URL HTTP/1.1 upwellness.com/services/scripts/jquery/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 8662c673de81c12dca4d43967e6ea48d
d51f4e8cbd8a05224bbd685d29adcd3b5d59821f
276b50639b3e8fbe4b4459513ecb68ab82973b84d49b6db67b4688df36ca559c
GET /services/scripts/jquery/jquery.min.js HTTP/1.1
Host: upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 13:33:11 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Nov 2020 19:48:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"5fbd6399-15d84"
Expires: Sun, 13 Nov 2022 13:33:11 GMT
Pragma: public
Cache-Control: max-age=604800, public
Content-Encoding: gzip
store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff/%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314
200 OK 137 B URL HTTP/2 store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff/%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314
IP
File type ASCII text, with CRLF, LF line terminators
Hash 8b903ff94eedd975776710443e1a48fb
477fbffafc8fd506ec8a87665dd59152dab28ac9
c72f25025d250be1895080a6c0491be5746e8092367e638afe80f25c81b2f7ec
GET /affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff/%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705; AWSALB=Z+UByKU8NGRqPWVG3OQ5fgaBKLTQ6mkpJDJhW8gEz6NXpcTM00C+VReYCIhtOknwot0Vovn0ZQ7CTCCnS1dquTetehRdCpk7RdGFs3/WuqgXBMZUxgDHmTqu/fvH; AWSALBCORS=Z+UByKU8NGRqPWVG3OQ5fgaBKLTQ6mkpJDJhW8gEz6NXpcTM00C+VReYCIhtOknwot0Vovn0ZQ7CTCCnS1dquTetehRdCpk7RdGFs3/WuqgXBMZUxgDHmTqu/fvH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 137
set-cookie: AWSALB=UJNV2ibhUjPuEvdiQW/WvFV/iQMa0Lrs+vJJB4+7AHFGn7G4R/Q1qhSQNnsBIjKAVKPuMts+QibOO05qJKw63aptSQxPDk4XJl8dNk+CmMinyUSVDtRX/NRONRtf; Expires=Sun, 13 Nov 2022 13:33:12 GMT; Path=/
AWSALBCORS=UJNV2ibhUjPuEvdiQW/WvFV/iQMa0Lrs+vJJB4+7AHFGn7G4R/Q1qhSQNnsBIjKAVKPuMts+QibOO05qJKw63aptSQxPDk4XJl8dNk+CmMinyUSVDtRX/NRONRtf; Expires=Sun, 13 Nov 2022 13:33:12 GMT; Path=/; SameSite=None; Secure
UltraCartShoppingCartID=158D4263C5C6C501844D252AD92DBE00;Version=0;Path=/;Domain=.upwellness.com
JSESSIONID=abcBAdNVawUrjwmA8xac-; path=/; HttpOnly
LBJSESSIONID=abcBAdNVawUrjwmA8xac-.n215; path=/; HttpOnly
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.nextdoor.com/public/pixel/ndp.js
200 OK 3.0 kB URL HTTP/2 ads.nextdoor.com/public/pixel/ndp.js
IP
File type ASCII text, with very long lines (6599), with no line terminators
Hash cc3a8659ba0266e3e19b267e0cdce4af
8b01e885d287725b897c1a67b99dedd2a343a5e5
399dd664ee5f3f88bed9f16f07cbbfc214f58f86c4e327957a8f155d8e08a1bd
GET /public/pixel/ndp.js HTTP/1.1
Host: ads.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:12 GMT
content-type: application/javascript
server: istio-envoy
last-modified: Fri, 04 Nov 2022 17:31:19 GMT
vary: Accept-Encoding
etag: W/"63654c67-19c7"
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
x-envoy-upstream-service-time: 2
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 151278b8ac4b479f6df4d07d9def197e
7194fa67319a399c4ffea6b8ce9a893b00d120a3
3b3ad73eb92de30dca22421f2fdd8d67b8d4ed2fbdf5840a11317897144e628d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166202
Date: Sun, 06 Nov 2022 13:33:12 GMT
Etag: "63679dd2-1d7"
Expires: Tue, 08 Nov 2022 11:43:14 GMT
Last-Modified: Sun, 06 Nov 2022 11:43:14 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JICPQGCqUyXoQcUW1biLuuAXsHBA_8LjKSHzPuTb7ikTdzwdAq4KLw==
builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
200 OK 34 kB URL HTTP/2 builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1825a0c47b2e38b6cf30a4072987bce1
1710545a9d62ae8aaf4b1dd415ffd910df671839
0b4478d998fd8dc7dd45411ac1d80c70e89194ec993a6ef4c53676ba92ab1282
GET /published-js/main.bundle-384ff03.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33495
date: Tue, 30 Aug 2022 01:41:30 GMT
last-modified: Mon, 04 Jul 2022 16:47:26 GMT
etag: "1825a0c47b2e38b6cf30a4072987bce1"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vtdIrUQqDSZztSQjt5I8vZJZsTNX_0Ae-T8m_o77bMe1q_39tyLGmA==
age: 5917903
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js
200 OK 27 kB URL HTTP/2 fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4c2dba585f29ecd3710f93f2c805026e
93f3be01654de56a9a932afa65ef9ddbe5913a7f
9f5c98a7ae43d2e102527c94a909740dc119609efc4b3838f4f6d5b10e314677
GET /assets/external/thumbnailTextOverlay-v2.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63652028-6837"
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:12 GMT
age: 240
x-served-by: cache-iad-kiad7000094-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 137, 1
x-timer: S1667741593.639083,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 26679
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/videoThumbnail.js
200 OK 20 kB URL HTTP/2 fast.wistia.com/assets/external/videoThumbnail.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4dde36207501f1490fde9760ee77dc63
8ea9016659ee029d94c0fb72ded5bc94c71ca83a
94c0a00a2a06af402d5a12111e912e3017514de1d034460d4ebf11651ad39a43
GET /assets/external/videoThumbnail.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63652028-4e0b"
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:12 GMT
age: 300
x-served-by: cache-iad-kiad7000063-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 85, 1
x-timer: S1667741593.639731,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 19979
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
200 OK 1.9 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
IP
Hash f6420c864830b5860bfaadd47a2bb21b
935d2ed35f43eb0f1aea9b0642df0d7f4770def7
6f36d2d4b4b9df950fd0dd0d57e0eacb7c4217e8086b4ef940cbd6e526930462
GET /ub.js?1618514269 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1856
date: Mon, 29 Aug 2022 01:57:45 GMT
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
etag: "f6420c864830b5860bfaadd47a2bb21b"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7bp0RlviQd5D2mcENGI0YvXFRaRdbxY0F-fNRrt9CBfFKKs9oyyWeA==
age: 6003328
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
200 OK 3.5 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (8656), with no line terminators
Hash 6cff2cb49ee772adf066904fd18efd9a
8b876016198b0fc9862d2b6e29a80251c5422e72
85d26923c638ce50f36f7b69f9f50d2a6d6863abed574af143e24a14a343f9d2
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "0d5508c59e34b5d35cde5aea2aa1c2fd:1665301953.026714"
Last-Modified: Sun, 09 Oct 2022 07:50:08 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 06 Nov 2022 13:53:12 GMT
Date: Sun, 06 Nov 2022 13:33:12 GMT
Content-Length: 3471
Connection: keep-alive
s.yimg.com/wi/ytc.js
200 OK 5.9 kB IP
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZxJf5CNheFlNnf+xDNVj5t5zNZE73I9vKYX9oTJuvJ9irw6yKm5rcxIJcJynVptpkrWIxvJpQ9WTt1NS+G+jgA==
x-amz-request-id: J5AYJR7724S4NTA8
date: Sun, 06 Nov 2022 13:27:06 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 367
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5231
Cache-Control: max-age=141518
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 04:51:50 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.pinimg.com/ct/core.js
200 OK 1.1 kB IP
File type ASCII text, with very long lines (1146), with no line terminators
Hash f9c79b23daa8ae207e3bc134a0eae5da
d76970cf0e9f4d0719cecd7b73b1239cf54369ae
4b379cdc7c6862ed1a6dbd90416cf073517c8fdd936691b90ceb077c57605eaf
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "f9c79b23daa8ae207e3bc134a0eae5da"
content-type: application/javascript
fastly-restarts: 1
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
date: Sun, 06 Nov 2022 13:33:12 GMT
content-length: 1146
X-Firefox-Spdy: h2
cdn1.decide.dev/tracking/rainmakeradventures_lander.js
200 OK 3.1 kB URL HTTP/2 cdn1.decide.dev/tracking/rainmakeradventures_lander.js
IP
Hash c9c5d302d74dcad77d44c1cd6417b237
b409158043da3c75d2c442426e1b4d31cd5fac86
9f44511ee08ff8b8eb7f638776687360bb96db922d3dd32f3b09022ebe5f818c
GET /tracking/rainmakeradventures_lander.js HTTP/1.1
Host: cdn1.decide.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 21:01:54 GMT
x-amz-version-id: pL0FXuWHNQ0OsQuEmXLofjnmRONnAPPJ
server: AmazonS3
content-encoding: gzip
date: Sun, 06 Nov 2022 13:33:11 GMT
etag: W/"ab885b5f44f7974dc5f7edafa552231e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wbIGpT4DPn81OUJOCOH6s9rLcz4ru3Jxfx6m1DfZsaQV50tZqUQlrQ==
age: 38611
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1225872/tfa.js
200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1225872/tfa.js
IP
File type ASCII text, with very long lines (58525)
Hash fed2cc530e60f453f7f21119596496ad
3dea4cc28f174d2d0cab2960a714b22601a5858c
4ad4faff7b764345c24c5070efe269223128ae34776580dda6025da54de72ed1
GET /libtrc/unip/1225872/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iMrvoodkahf4R5FYkWJtV8Pj0LvcKI5fMXkqmQqy/GXuOlnIHPqG+vMqdQ99FQXZNpeY32J04t+xiA+YGJ+kKg==
x-amz-request-id: GEY83AX7650FNEC8
x-amz-replication-status: PENDING
last-modified: Sun, 06 Nov 2022 11:06:52 GMT
etag: "fb0ab9029256ba734cb18ceab652eae9"
x-amz-version-id: 3tIfomvjHbHcvAjh5w.xjX3bnGStnW79
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:12 GMT
via: 1.1 varnish
age: 8658
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1667741593.785702,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 15
content-length: 17966
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 06 Nov 2022 12:41:09 GMT
expires: Sun, 06 Nov 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 3123
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: c44md0fkDzvngq2yBxrbi88Hp2r7VVrgFs2Z9WMCEhyxJRjNZp7xs9p5O4IqcBdt8qdElMLx7tyiZi2klFSJug==
content-length: 27337
x-fb-trip-id: 1904183273
date: Sun, 06 Nov 2022 13:33:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 11 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=33330A1213E16D5A1F55184612146C76; domain=.bing.com; expires=Fri, 01-Dec-2023 13:33:12 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 970C79B445404CC4902CB3C4DB9B1B27 Ref B: OSL30EDGE0512 Ref C: 2022-11-06T13:33:12Z
date: Sun, 06 Nov 2022 13:33:12 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1667741590326&cv=11&fst=1667741590326&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 952 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1667741590326&cv=11&fst=1667741590326&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2033), with no line terminators
Hash fd56dcb19d9afe0116668a10ede5aa8a
e93d35e432dd396122574875285dad079c459bfb
e0a4ccd6d423629d1f0a5777c44cb3a2d791b67fc9a810fac258c57ac3647fce
GET /pagead/viewthroughconversion/862759327/?random=1667741590326&cv=11&fst=1667741590326&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 952
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 13:48:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1667741590245&cv=11&fst=1667741590245&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 955 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1667741590245&cv=11&fst=1667741590245&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2039), with no line terminators
Hash 5f7c2fd9421e743a92d2767dd34c4761
94a52ca0272e9422a058f6c7c1bfa384a603d623
1519169a18ebd46c919e8fc34c1b3f3d6f710780f19688072fad082d223d64a1
GET /pagead/viewthroughconversion/10838597190/?random=1667741590245&cv=11&fst=1667741590245&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 955
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 13:48:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1667741590343&cv=11&fst=1667741590343&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 951 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1667741590343&cv=11&fst=1667741590343&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2033), with no line terminators
Hash 1bfae28d1142b716efc25090a4539bfe
e3e2ff0970c7355a0d6dbd1b78fe9495029b68a5
0adfb40a1c924399211dc789be754dc77a39ad0f642b2d361fb156b26fabdb54
GET /pagead/viewthroughconversion/624541243/?random=1667741590343&cv=11&fst=1667741590343&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 951
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 13:48:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1667741590370&cv=11&fst=1667741590370&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 950 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1667741590370&cv=11&fst=1667741590370&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2035), with no line terminators
Hash 554a130245fd1d4677ebe524ee23f58f
03470a8a0365adf4704648ebf348b80aa8b20397
36a2dda6993f9d9ed93d7715de5cacbfe1f7c8fe459438d3f01e0221eaf0209c
GET /pagead/viewthroughconversion/458254939/?random=1667741590370&cv=11&fst=1667741590370&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 950
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 13:48:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.025787410415772705&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314
200 OK 0 B URL HTTP/2 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.025787410415772705&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/UCAffiliateNetworkPixel?t=0.025787410415772705&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705; AWSALB=UJNV2ibhUjPuEvdiQW/WvFV/iQMa0Lrs+vJJB4+7AHFGn7G4R/Q1qhSQNnsBIjKAVKPuMts+QibOO05qJKw63aptSQxPDk4XJl8dNk+CmMinyUSVDtRX/NRONRtf; AWSALBCORS=UJNV2ibhUjPuEvdiQW/WvFV/iQMa0Lrs+vJJB4+7AHFGn7G4R/Q1qhSQNnsBIjKAVKPuMts+QibOO05qJKw63aptSQxPDk4XJl8dNk+CmMinyUSVDtRX/NRONRtf; _gcl_au=1.1.165865900.1667741590; UltraCartShoppingCartID=158D4263C5C6C501844D252AD92DBE00; JSESSIONID=abcBAdNVawUrjwmA8xac-; LBJSESSIONID=abcBAdNVawUrjwmA8xac-.n215
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:12 GMT
content-length: 0
set-cookie: AWSALB=jYU3+p7alPjdbkVAglX/oohf9oJ85xKkX5qI4iB5XHcS18ZhRxouamEHjeqVuQamRJj5P7tBte3C0j0uVBZyd8HLgoP/owm879d2lCWFo7PccU66BPc8IWQjKAAR; Expires=Sun, 13 Nov 2022 13:33:12 GMT; Path=/
AWSALBCORS=jYU3+p7alPjdbkVAglX/oohf9oJ85xKkX5qI4iB5XHcS18ZhRxouamEHjeqVuQamRJj5P7tBte3C0j0uVBZyd8HLgoP/owm879d2lCWFo7PccU66BPc8IWQjKAAR; Expires=Sun, 13 Nov 2022 13:33:12 GMT; Path=/; SameSite=None; Secure
UPWEL-ANP=6141; domain=store.upwellness.com; path=/; expires=Mon, 06-Nov-2023 13:33:12 GMT; HttpOnly
server: Apache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 2bee0a5d64d991a6fa8093846e589c97
42d1ce0b2daa48c5e08b72e7100751687b355fae
6fc318373296a3b5139bfae3458908d2b18dd1130796573147d5939dea0fe4a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5637
Cache-Control: max-age=133300
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Etag: "63670747-1d7"
Expires: Tue, 08 Nov 2022 02:34:52 GMT
Last-Modified: Sun, 06 Nov 2022 01:00:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
mwebnice.com/6755/314/2/?subid=reviversglodersmixc
302 Found 951 B URL HTTP/2 mwebnice.com/6755/314/2/?subid=reviversglodersmixc
IP
Hash cfd47a44d418ac9fcfb4955ec164cf2c
ab7a1ee328950c2fb67ca7e66100bf764f0cb5e3
da7eae7c13b45629ba6fa79c5bc083729ad3665a57facd93a4e88141e5500a1d
Analyzer Verdict Alert fortinet Phishing
GET /6755/314/2/?subid=reviversglodersmixc HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 06 Nov 2022 13:33:10 GMT
content-type: text/html; charset=UTF-8
location: https://go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20221106133318603&aff_sub=314
cache-control: max-age=3600, private
pragma: no-cache
expires: Sun, 06 Nov 2022 14:33:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765e33062aedb518-OSL
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1667741590508&cv=11&fst=1667741590508&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 950 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1667741590508&cv=11&fst=1667741590508&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2033), with no line terminators
Hash ddc5803c59a50c34cef87ecbb8f23c9c
60b5474864abaee99f8abd97b8cbe94c85c75f0e
a4a081e4325febf75806a2636338088f242373cd7d8802685b46b1ee081e5339
GET /pagead/viewthroughconversion/675938688/?random=1667741590508&cv=11&fst=1667741590508&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&auid=165865900.1667741590&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 950
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 13:48:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 498a93ef6474e78f5c7b8ec391786b1c
2fdbd636d3ec6c2476c2ac34697ba171eecdb768
ab9705c42b3e1f2c2cc005974f4dd27f75c27a053bd29e81d2a99824200dcef7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5231
Cache-Control: max-age=141518
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Etag: "636728f7-1d7"
Expires: Tue, 08 Nov 2022 04:51:50 GMT
Last-Modified: Sun, 06 Nov 2022 03:24:39 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.js.customerlabs.co/cl4975ot4arrr6.js
200 OK 185 kB URL HTTP/2 cdn.js.customerlabs.co/cl4975ot4arrr6.js
IP
File type ASCII text, with very long lines (33547)
Size 185 kB (185008 bytes)
Hash 3d921d0b43ed5825b71341222e0a81db
8041519de353aed810b11296edea2f1c124ebe57
a4016255ce888aa3ed738541488afddfc806a1df1192a8d37c399de944abaf62
GET /cl4975ot4arrr6.js HTTP/1.1
Host: cdn.js.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 185008
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
access-control-expose-headers: ETag, x-amz-meta-custom-header
x-amz-replication-status: COMPLETED
last-modified: Thu, 11 Aug 2022 14:07:47 GMT
x-amz-version-id: al_g.shjIsMWB6JxEDFijx1HizIvBY6D
accept-ranges: bytes
server: AmazonS3
date: Sun, 06 Nov 2022 13:33:13 GMT
cache-control: max-age=60
etag: "3d921d0b43ed5825b71341222e0a81db"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DEHjARbuyy1lIeia-S5MzQoGbOeo4Xx5r1WZIcd5EuGmHDlK8fTlDg==
X-Firefox-Spdy: h2
cdn.useproof.com/proxy/index.html
200 OK 325 B URL HTTP/2 cdn.useproof.com/proxy/index.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325), with no line terminators
Hash f92252b1f21fd30ac52b59395971ecdb
ecb588481454091dcfea3c925c83577425497626
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
GET /proxy/index.html HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:13 GMT
content-type: text/html
content-length: 325
x-amz-id-2: ktVdw02rBvDyNEMR+M8gVazzAg6V9iYFvWE3+UJ+FxcuI0ke2H58fExL3QVhRzFoV80x9rZgprs=
x-amz-request-id: 4KY9G9PH389VN9ZY
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLjeIoS49Vx32aHek076zaZ%2Fw9Kdz9pdIdcBu3ukAvqOIC2LZvdRyAWGYs%2BSCSS2rp%2FHo0q3EI6gWUnxE%2BKCFtXtURzH0LrvyuvyqxeCIpkHtEQXY1FffmrA0z5uPd2br%2Bzm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e33197f750b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=27015508&Ver=2&mid=0f150b23-bc8f-4899-a250-aacc1045c402&sid=8e996d605dd711ed9dbb353188b37e4b&vid=8e999f005dd711edb0caad27f4cf288a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&r=<=3539&evt=pageLoad&sv=1&rn=484468
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=27015508&Ver=2&mid=0f150b23-bc8f-4899-a250-aacc1045c402&sid=8e996d605dd711ed9dbb353188b37e4b&vid=8e999f005dd711edb0caad27f4cf288a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&r=<=3539&evt=pageLoad&sv=1&rn=484468
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=27015508&Ver=2&mid=0f150b23-bc8f-4899-a250-aacc1045c402&sid=8e996d605dd711ed9dbb353188b37e4b&vid=8e999f005dd711edb0caad27f4cf288a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&r=<=3539&evt=pageLoad&sv=1&rn=484468 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=149446B57ED66105129C54E17F2360CD; domain=.bing.com; expires=Fri, 01-Dec-2023 13:33:13 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A635F193CBD24FC1A8D586FF1229BB1E Ref B: OSL30EDGE0512 Ref C: 2022-11-06T13:33:13Z
date: Sun, 06 Nov 2022 13:33:12 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/27015508.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/27015508.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/27015508.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=0AA1889016CE667C10FC9AC4173B6721; domain=.bing.com; expires=Fri, 01-Dec-2023 13:33:13 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA5D7BACBE504EA986C4C906741259C7 Ref B: OSL30EDGE0512 Ref C: 2022-11-06T13:33:13Z
date: Sun, 06 Nov 2022 13:33:12 GMT
X-Firefox-Spdy: h2
cdn.useproof.com/proxy/proxy.js
200 OK 114 kB URL HTTP/2 cdn.useproof.com/proxy/proxy.js
IP
File type Unicode text, UTF-8 text, with very long lines (65514), with no line terminators
Size 114 kB (114404 bytes)
Hash 9f4d60f4f2b143cadacb2b8b3a901401
8c25b07f5122f9875920498c20ede6045320f479
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
GET /proxy/proxy.js HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/proxy/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:13 GMT
content-type: application/javascript
content-length: 114404
cache-control: public, max-age=315360000, no-transform
cf-bgj: minify
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
x-amz-id-2: yoAjzcyRlZUSIcodHaLndl6c776jIrkHPBSIgiDtxS12xvdyq2MKSDzEETmCnivt0ELZRmo4dWc=
x-amz-request-id: YH3Z1CT1HCFY0HSJ
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
age: 47387891
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vpy8n0%2B7ItYDZdL65H%2FNI47E2bRTHf8QDYUJgE1m2nQoX38NfLpqmK53t4K6OZt89N1CKz8wCseh6xDkF%2BVjVGjk1wm9pFgRAW6meSi8yJmKDPz0Dr8vcapdKhxadIwLVOt5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765e331d8b8e0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
200 OK 3.0 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
IP
File type PNG image data, 92 x 92, 8-bit colormap, non-interlaced\012- data
Hash 3e5b99433b8b72478180f7e404014a0b
dd2dc5346993430fd18898e72b853d4a8571cf54
316dd36671b451aa88c2cb9e2a833943ee9cb6e6b9fb1267f419d2b1ecbaa4e3
GET /pages.upwellness.com/uc-grplus-vsl01-aff/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2978
date: Sat, 01 Oct 2022 14:13:43 GMT
last-modified: Fri, 30 Sep 2022 22:12:22 GMT
etag: "3e5b99433b8b72478180f7e404014a0b"
cache-control: max-age=31557600
x-amz-version-id: 3QcsdVfJCheU68tsNsHItjwpFa8KFILv
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: utSwxdyYjiL8ybd_TnUlFekA9GJie2UlsIZIAV9e-Qh8GCl9Qqi4HA==
age: 3107971
X-Firefox-Spdy: h2
script.hotjar.com/modules.f1e65ef904544a33c6d0.js
200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.f1e65ef904544a33c6d0.js
IP
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 0f58b5937c38edb646c879633af2ba34
253ed6753506bdbd2bc9dd85eaa0c724d8592bf6
c5bc2879b3d04080631054a073fc6b4b58f46f3a9732cbcb212cf73e349c1d81
GET /modules.f1e65ef904544a33c6d0.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68402
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "0f58b5937c38edb646c879633af2ba34"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SEoBrkss7xAVmzMBoSDFWys-nXiNToz4sZFUz_xboJ6FJhqLCVGQgw==
age: 177067
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
200 OK 1.3 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash c3187d70acad4469f04dd3d18fa9e6c3
7fd04ec574ffdaf4310b21dce8e0e68a1dccce36
282f5a01cde33126c76b73790e408dec892b9968334879013b7deffe276a11d9
GET /pages.upwellness.com/uc-grplus-vsl01-aff/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1275
date: Sat, 01 Oct 2022 15:35:13 GMT
last-modified: Fri, 30 Sep 2022 22:12:23 GMT
etag: "c3187d70acad4469f04dd3d18fa9e6c3"
cache-control: max-age=31557600
x-amz-version-id: rFfOJ_saqCQtRIyCcE2k29aF5A0MvJdI
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qlCYJuAeILYdjqkr2HC7P6b7RyxdGlXuXCi4YXhSDBmIEj4ZQ1qhww==
age: 3103081
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/ab7be666-white-speakericons-02_100x00o000000000000028.png
200 OK 393 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/ab7be666-white-speakericons-02_100x00o000000000000028.png
IP
File type PNG image data, 33 x 24, 8-bit colormap, non-interlaced\012- data
Hash 3ff814e5236412c48f322c8898ef45bc
03bb8e101a159000a746aa4c781db1347e90535d
579a2a97fb6616d4faf94ac23df731f250a672fda76be78a1fa74a6d1cd8dbba
GET /pages.upwellness.com/uc-grplus-vsl01-aff/ab7be666-white-speakericons-02_100x00o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 393
date: Sun, 18 Sep 2022 07:59:09 GMT
last-modified: Fri, 02 Sep 2022 15:02:02 GMT
etag: "3ff814e5236412c48f322c8898ef45bc"
cache-control: max-age=31557600
x-amz-version-id: xTEJkOHzfKHlADvFh7BSrD5ltmxEgYDT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -rk0is81dwb_6JEvLIDHpY7k6VmmyxYxJwYYXjW73cOhWuQrg-3Ihg==
age: 4253645
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
200 OK 4.9 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
IP
File type JPEG image data, baseline, precision 8, 156x156, components 3\012- data
Hash 86140e94391c453d7e943ecd2c76a385
87165779b2df1e9dc76345b53d6af5df0e7b5160
635fa27826bc3b802f341bba0c8291af3698ada8d704bb116692a4b0fe77c1da
GET /pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4874
date: Wed, 28 Sep 2022 11:43:23 GMT
last-modified: Wed, 28 Sep 2022 11:43:04 GMT
etag: "86140e94391c453d7e943ecd2c76a385"
cache-control: max-age=31557600
x-amz-version-id: .44EtT.ci91ALNffk.Aqcau2MMwnL.tu
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e-IGjxGBDbGGaknH0tVkyiJk9GSMvzEdNHqnEpQTIXFMD157lIhYCw==
age: 3376190
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/aa65686b-white-speakericons-01_100x00o000000000000028.png
200 OK 404 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/aa65686b-white-speakericons-01_100x00o000000000000028.png
IP
File type PNG image data, 33 x 24, 8-bit colormap, non-interlaced\012- data
Hash 6d0abbec035ce0c4075e7e7b8ee68550
2ecf92d54541667646b2364ce347baa45a57f77b
9a2922fd430dfaeb13025d97826931939d872a7b3efd1d09f0e88c5f7c1fd306
GET /pages.upwellness.com/uc-grplus-vsl01-aff/aa65686b-white-speakericons-01_100x00o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 404
date: Wed, 24 Aug 2022 03:44:00 GMT
last-modified: Fri, 19 Aug 2022 13:11:08 GMT
etag: "6d0abbec035ce0c4075e7e7b8ee68550"
cache-control: max-age=31557600
x-amz-version-id: kmb8cUpvzx1e0W5zrYgEVmUNy2_n_cDY
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PKaA-tNv7AM403qbwgvwM4Mgr0PG0xA0h0nSRxCPS-PgOaxU0eMUdA==
age: 6428954
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
200 OK 9.6 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
IP
File type JPEG image data, baseline, precision 8, 252x252, components 3\012- data
Hash 6ca7442dfba9d9e783f10f04dfcaa249
224afddf15c4f93481f56a2a997d752f09b38962
17ddc63663734c555981527699774b02b945124941c10450a91b74ce56937b59
GET /pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 9585
date: Sat, 03 Sep 2022 04:46:02 GMT
last-modified: Fri, 02 Sep 2022 15:02:02 GMT
etag: "6ca7442dfba9d9e783f10f04dfcaa249"
cache-control: max-age=31557600
x-amz-version-id: NAExZ8YNpNiGKXHp074OCSOuQTslKLnz
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CUHhe14EDR4uO_31vc8F-McgGOCD-ovUo_jxC3FVlP1tPYpyyfrf_w==
age: 5561232
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
200 OK 3.3 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
IP
File type PNG image data, 246 x 91, 8-bit colormap, non-interlaced\012- data
Hash b5c5f324193b5e16bbbeba489c9bf2f9
9f6c6b0feb1141dba640af2237d35ae33fc36677
84e592026970dcb362dd9afca58ee14ba148d62f8d52de8da147ec2b2f497153
GET /pages.upwellness.com/uc-grplus-vsl01-aff/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 3345
date: Tue, 27 Sep 2022 01:00:28 GMT
last-modified: Fri, 02 Sep 2022 15:02:02 GMT
etag: "b5c5f324193b5e16bbbeba489c9bf2f9"
cache-control: max-age=31557600
x-amz-version-id: D8CcCALSyhURGKWa6Ftzdzs9l2_9qfLc
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _O_F4kwzmFPQ0UDwRpQBl5gmZoG3imCB7u-_Ip3EMc8JgPFjEMS4aQ==
age: 3501166
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/675938688/?random=1667741590508&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=993925600&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/675938688/?random=1667741590508&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=993925600&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/675938688/?random=1667741590508&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=993925600&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
200 OK 1.0 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash 9ac72e37f90441dec8054ca9fad4f958
c34ba3dfccc201d169861b88ae8172a8902559ef
6bcbcb6496dddd15c57669623a1361fc1082513cbdb9c653ed8d25ed8392a918
GET /pages.upwellness.com/uc-grplus-vsl01-aff/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1035
date: Sat, 01 Oct 2022 14:13:43 GMT
last-modified: Fri, 30 Sep 2022 22:12:22 GMT
etag: "9ac72e37f90441dec8054ca9fad4f958"
cache-control: max-age=31557600
x-amz-version-id: C3B1NouAB67.TLg0bHDlpfxcs1fZbbmp
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m_n60Q2AEWvFIqjd4DwApnf7jYKDO4rKS7mNPSwtshHDko22kjII_A==
age: 3107971
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/862759327/?random=1667741590335&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733362124&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/862759327/?random=1667741590335&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733362124&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1667741590335&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733362124&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
200 OK 742 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
IP
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash b02c898ea0b0b138b4c46168d31ebc9b
d9ac970e50ee53c042ad38a2c706d3e0d5662f99
f2d83312c2b1c7c1ad2be8e99b5b8d3c5d8432c2828d5cf52ee15e4423698bab
GET /pages.upwellness.com/uc-grplus-vsl01-aff/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 742
date: Sat, 01 Oct 2022 14:13:43 GMT
last-modified: Fri, 30 Sep 2022 22:12:22 GMT
etag: "b02c898ea0b0b138b4c46168d31ebc9b"
cache-control: max-age=31557600
x-amz-version-id: Oa48.CPodbKPpnrgrN39BNS3Es2CFVr7
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F-D_PKWD1cTPCG75p3hbwZVAxBvhZ7q5QGKM_7LoD-GGWX4cnd69dA==
age: 3107971
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/675938688/?random=1667741590508&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=993925600&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/675938688/?random=1667741590508&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=993925600&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/675938688/?random=1667741590508&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=993925600&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/458254939/?random=1667741590370&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3134060698&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/458254939/?random=1667741590370&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3134060698&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1667741590370&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3134060698&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/624541243/?random=1667741590343&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=394835604&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/624541243/?random=1667741590343&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=394835604&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1667741590343&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=394835604&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10838597190/?random=1667741590245&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3071162402&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10838597190/?random=1667741590245&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3071162402&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1667741590245&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3071162402&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10175858.json
200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10175858.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ad716787c5ee7f50ab6806a8dfac76d
31d18a36b7472a44913f9871c1ea0d3530f17060
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
GET /wi/config/10175858.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PIJbFpDhAZ3CtGjxRT5BDVTjYjuq8yKelSrB0eDD5YNo3sgYTd34cjSEK+Q9ZIeKHznVdMr1l/8=
x-amz-request-id: DS5KVBB91EK2YKBF
date: Sat, 05 Nov 2022 13:59:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Fri, 14 Jan 2022 20:54:46 GMT
x-amz-expiration: expiry-date="Sun, 19 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: fa2aBktS.tlgTipU0DLTD9VeWF6_YTMO
accept-ranges: bytes
content-type: application/octet-stream
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
age: 84844
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/624541243/?random=1667741590343&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=394835604&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/624541243/?random=1667741590343&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=394835604&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1667741590343&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=394835604&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/10838597190/?random=1667741590245&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3071162402&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10838597190/?random=1667741590245&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3071162402&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1667741590245&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3071162402&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/862759327/?random=1667741590326&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=648025192&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/862759327/?random=1667741590326&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=648025192&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1667741590326&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=648025192&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/862759327/?random=1667741590326&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=648025192&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/862759327/?random=1667741590326&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=648025192&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1667741590326&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=648025192&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=2122019352.1667741591&jid=933900601&gjid=429556789&_gid=546187388.1667741591&_u=YGBAiEABBAAAAEAAI~&z=115134762
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=2122019352.1667741591&jid=933900601&gjid=429556789&_gid=546187388.1667741591&_u=YGBAiEABBAAAAEAAI~&z=115134762
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=2122019352.1667741591&jid=933900601&gjid=429556789&_gid=546187388.1667741591&_u=YGBAiEABBAAAAEAAI~&z=115134762 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://pages.upwellness.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/862759327/?random=1667741590335&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733362124&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/862759327/?random=1667741590335&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733362124&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1667741590335&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2733362124&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/458254939/?random=1667741590370&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3134060698&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/458254939/?random=1667741590370&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3134060698&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1667741590370&cv=11&fst=1667739600000&bg=ffffff&guid=ON&async=1>m=2oab20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3134060698&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 13:33:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
200 OK 8.6 kB URL HTTP/1.1 www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
IP
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash b5dc3661602dcf8810766c01556df41b
a84687898568cf8ae0ba6c4b35886b3ee4dfbd17
91e84a8da7499abc9388eed1192e8363c8dfe07e28e6300c69ee25be1a4eb994
GET /wp-content/uploads/2016/08/apple-touch-icon-144x144.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705; _gcl_au=1.1.165865900.1667741590; UltraCartShoppingCartID=158D4263C5C6C501844D252AD92DBE00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 13:33:13 GMT
Content-Type: image/png
Content-Length: 8622
Last-Modified: Wed, 29 Jul 2020 20:33:17 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5f21dd0d-21ae"
Expires: Sun, 13 Nov 2022 13:33:13 GMT
Pragma: public
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cf53a4a6e1baa967710276bf64a7dd9f
076ee3e5538ea01508cef9a0226861576c1ea533
6f6e09dc10e2f85e0f14a1bba58c9ba7e3cdb4696daab4715b0b6e66692b22dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F6E09DC10E2F85E0F14A1BBA58C9BA7E3CDB4696DAAB4715B0B6E66692B22DC"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12914
Expires: Sun, 06 Nov 2022 17:08:27 GMT
Date: Sun, 06 Nov 2022 13:33:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22a25a5f34%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667741591159
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22a25a5f34%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667741591159
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22a25a5f34%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1667741591159 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1844528451646000
date: Sun, 06 Nov 2022 13:33:13 GMT
akamai-grn: 0.274f2417.1667741593.884475f7
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720
200 OK 45 kB URL HTTP/2 embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720
IP
File type PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d279bae4b54ae66328caa9fa6d84f5d
a09fc7ee495603b85bfd230fa171463f84d337e2
9b2282afb551e1c12679f8d4059e1a8209ea04ae8b3a3bafeef173da16b8be8d
GET /deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: d0a1fb999ec98584973653dd06314b37
last-modified: Wed, 23 Mar 2022 20:25:49 UTC
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:13 GMT
age: 2181152
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000145-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 3459, 1
x-timer: S1667741593.437703,VS0,VE1
content-length: 45025
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/4.5.0/firebase.js
200 OK 116 kB URL HTTP/2 www.gstatic.com/firebasejs/4.5.0/firebase.js
IP
File type ASCII text, with very long lines (16738)
Size 116 kB (116073 bytes)
Hash 0ff319bf584fbc1049438249c206242d
2adccf821c87d51efbc577cc3f091d6f254f0a35
2571c05e9c76a275e38235dc4b7256c971cccd9c1a40367b8d2f8fc9a14b4efb
GET /firebasejs/4.5.0/firebase.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 116073
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 21:52:42 GMT
expires: Sun, 05 Nov 2023 21:52:42 GMT
cache-control: public, max-age=31536000
age: 56431
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1667741591156&dep=2%2CPAGE_LOAD
200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1667741591156&dep=2%2CPAGE_LOAD
IP
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1667741591156&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVltWmhOekJsT1RZdE1UZ3lNeTAwT1RVM0xXSTVOVEF0TkdVM05USm1PREk0WXpGaQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://pages.upwellness.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 373
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 6840472675263601
date: Sun, 06 Nov 2022 13:33:13 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1667741593.884475f9
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 17:10:21 GMT
expires: Wed, 01 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 418972
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 323945
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t.unbounce.com/trk?v=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705&xp=65d0fec8-b023-4c4b-ac8b-d609707436f9&g=convert
200 OK 0 B URL HTTP/1.1 t.unbounce.com/trk?v=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705&xp=65d0fec8-b023-4c4b-ac8b-d609707436f9&g=convert
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trk?v=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705&xp=65d0fec8-b023-4c4b-ac8b-d609707436f9&g=convert HTTP/1.1
Host: t.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 06 Nov 2022 13:33:13 GMT
content-type: application/javascript
content-length: 0
x-proxy-backend: page-server
connection: close
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 323945
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
200 OK 18 kB URL HTTP/1.1 www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
IP
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash d094840fd6b5b489b25f18a22a493822
29a59e8c0250e81421609d5c7c25f20776fdaa4a
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421
GET /wp-content/uploads/2015/10/favicon-152.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705; _gcl_au=1.1.165865900.1667741590; UltraCartShoppingCartID=158D4263C5C6C501844D252AD92DBE00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 13:33:13 GMT
Content-Type: image/png
Content-Length: 18176
Last-Modified: Tue, 06 Oct 2015 22:43:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "56144e92-4700"
Expires: Sun, 13 Nov 2022 13:33:13 GMT
Pragma: public
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash b6d25d1350d6a014d80689f389e76f97
a957e3d99790759f71a4d9e2fdaf819f60e8c569
fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079
GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TCAzyvO1bcTTCaz5Nn-D2xyCVIi3jj9kTmV-ylm-iY91oEguk_zYVg==
age: 177067
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:21 GMT
expires: Thu, 02 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 323932
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4fa30fc8533e28b2e39ed1e71d77786d
aaebcae5c42509f9d8afabc7d8678ebd91da0ae2
b500fe2c135f0a9af1417e5209ee761e0f5f11a2e1d1d074b770a054e301ab0b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132418
Date: Sun, 06 Nov 2022 13:33:13 GMT
Etag: "63670cfb-1d7"
Expires: Tue, 08 Nov 2022 02:20:11 GMT
Last-Modified: Sun, 06 Nov 2022 01:25:15 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Y-P2GQQsIs-A2DwJocUYpdhxlVwGJwajxnyx4_WpWyT_rAtPkid7Dw==
Age: 3296
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4fa30fc8533e28b2e39ed1e71d77786d
aaebcae5c42509f9d8afabc7d8678ebd91da0ae2
b500fe2c135f0a9af1417e5209ee761e0f5f11a2e1d1d074b770a054e301ab0b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130316
Date: Sun, 06 Nov 2022 13:33:13 GMT
Etag: "63670cfb-1d7"
Expires: Tue, 08 Nov 2022 01:45:09 GMT
Last-Modified: Sun, 06 Nov 2022 01:25:15 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8f9cwCAXOpVxPm82a64040AfrEXUZW-1kS1_3YY395qLKVf6KEMBfw==
Age: 1194
tr.outbrain.com/unifiedPixel?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc&obApiVersion=1.1&obtpVersion=1.10.0&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&optOut=false&bust=048409429365310297&referrer=
200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc&obApiVersion=1.1&obtpVersion=1.10.0&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&optOut=false&bust=048409429365310297&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc&obApiVersion=1.1&obtpVersion=1.10.0&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&optOut=false&bust=048409429365310297&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 13:33:13 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 4fd45985523d683b1c10d808348ff3e8
content-encoding: gzip
fast.wistia.com/assets/external/wistia-mux.js
200 OK 840 B URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js
IP
Hash eeccc1f46f4ebcd3779e26daa54088ed
3afda809e31f2c7f053f5fe5fa05d7168a8ab0f2
1d1bc5da947b15e7c0feef38a1c3b76e4f97e6312d90123f9db9929fe7d99553
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63652028-7ba7"
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:12 GMT
age: 308
x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 641, 9
x-timer: S1667741592.393551,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 31655
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 1f865c107630bec3fc17f60abae01d91
c9b0cc2c604d962519f0a320bc25d13c853c9c93
77237c19763f3fc9765d7c4c1606f23f469c978f913bd2e2c06fa1d96fb9237d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96093
Date: Sun, 06 Nov 2022 13:33:13 GMT
Etag: "63667384-1d7"
Expires: Mon, 07 Nov 2022 16:14:46 GMT
Last-Modified: Sat, 05 Nov 2022 14:30:28 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L_WZ7WC_zPKLwMRWRO3FCUvAiDJ3HsfDFeCOUFbqMr0hQSsEprT7Ag==
Age: 6258
fast.wistia.com/assets/external/engines/hls_video.js
200 OK 114 kB URL HTTP/2 fast.wistia.com/assets/external/engines/hls_video.js
IP
File type ASCII text, with very long lines (65469)
Size 114 kB (114372 bytes)
Hash 8227dcc0c564f99aeb6c9c299833327f
17c9e05b9588fc5f19c03c22a8134a6f9447e63a
c5870b78fde7c728459c40e65cba9ae895dfa76a81f5f78036c98690927886bd
GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63652028-1bec4"
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:13 GMT
age: 309
x-served-by: cache-iad-kiad7000086-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 60, 7
x-timer: S1667741594.683910,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 114372
X-Firefox-Spdy: h2
events.ub-analytics.com/i?stm=1667741591178&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=0ea2d316-6a43-4269-9430-b0c4cdd3c720&dtm=1667741591172&vp=1280x939&ds=1268x1251&vid=1&sid=7463f962-77fa-4f6d-9e60-2029925cdaf4&duid=860a06b1-f551-4397-a28a-d3e2ce6d2f06&uid=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjVkMGZlYzgtYjAyMy00YzRiLWFjOGItZDYwOTcwNzQzNmY5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
200 OK 43 B URL HTTP/2 events.ub-analytics.com/i?stm=1667741591178&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=0ea2d316-6a43-4269-9430-b0c4cdd3c720&dtm=1667741591172&vp=1280x939&ds=1268x1251&vid=1&sid=7463f962-77fa-4f6d-9e60-2029925cdaf4&duid=860a06b1-f551-4397-a28a-d3e2ce6d2f06&uid=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjVkMGZlYzgtYjAyMy00YzRiLWFjOGItZDYwOTcwNzQzNmY5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1667741591178&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=0ea2d316-6a43-4269-9430-b0c4cdd3c720&dtm=1667741591172&vp=1280x939&ds=1268x1251&vid=1&sid=7463f962-77fa-4f6d-9e60-2029925cdaf4&duid=860a06b1-f551-4397-a28a-d3e2ce6d2f06&uid=8f1645a5-1d37-4d9d-8a9b-1dac9f70c705&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjVkMGZlYzgtYjAyMy00YzRiLWFjOGItZDYwOTcwNzQzNmY5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19 HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:13 GMT
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
server: akka-http/10.0.9
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl/firstVisit
200 OK 0 B URL HTTP/1.1 io.v2.customerlabs.co/cl/firstVisit
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl/firstVisit HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 489
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Sun, 06 Nov 2022 13:33:13 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
www.facebook.com/tr/?id=302615157369859&ev=VSLVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591403&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=VSLVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591403&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=VSLVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591403&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 13:33:13 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591405&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591405&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591405&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 13:33:13 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591400&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591400&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591400&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 13:33:13 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRPlus&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591407&sw=1280&sh=1024&v=2.9.89&r=stable&ec=3&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRPlus&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591407&sw=1280&sh=1024&v=2.9.89&r=stable&ec=3&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=VSLVisit_GRPlus&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591407&sw=1280&sh=1024&v=2.9.89&r=stable&ec=3&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 13:33:13 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591408&cd[content_name]=replay%2C%20rt&sw=1280&sh=1024&v=2.9.89&r=stable&ec=4&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591408&cd[content_name]=replay%2C%20rt&sw=1280&sh=1024&v=2.9.89&r=stable&ec=4&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=VSLVisit_GRP&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591408&cd[content_name]=replay%2C%20rt&sw=1280&sh=1024&v=2.9.89&r=stable&ec=4&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 13:33:13 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=302615157369859&ev=website_session_start&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591410&cd[start_time]=2022-11-06T13%3A33%3A11.143Z&cd[customerlabs_user_id]=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540&sw=1280&sh=1024&v=2.9.89&r=stable&ec=5&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&eid=cl4975ot4arrr6b356418e-97bf-4e25-b2bd-58d7d1fccf6f&tm=2&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=302615157369859&ev=website_session_start&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591410&cd[start_time]=2022-11-06T13%3A33%3A11.143Z&cd[customerlabs_user_id]=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540&sw=1280&sh=1024&v=2.9.89&r=stable&ec=5&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&eid=cl4975ot4arrr6b356418e-97bf-4e25-b2bd-58d7d1fccf6f&tm=2&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=302615157369859&ev=website_session_start&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&rl=&if=false&ts=1667741591410&cd[start_time]=2022-11-06T13%3A33%3A11.143Z&cd[customerlabs_user_id]=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540&sw=1280&sh=1024&v=2.9.89&r=stable&ec=5&o=30&fbp=fb.1.1667741591399.502581279&it=1667741590999&coo=false&eid=cl4975ot4arrr6b356418e-97bf-4e25-b2bd-58d7d1fccf6f&tm=2&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 06 Nov 2022 13:33:13 GMT
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
200 OK 915 B URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
IP
Hash 48c1b43bc9be7e93632e0efa1882848c
05b4e7d3b3f87ecdc544789f68edeb5f8d7baf69
f1c7edc9dc26c60377b14f9cfe0e19cd642e189e6b27dde4ab088a3a2f0c1823
GET /embed/medias/aeu9oe7qwy.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"f1c7edc9dc26c60377b14f9cfe0e19cd"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 02b983ccc7debc6886454fb5ea5bce0d
x-runtime: 0.023325
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:13 GMT
age: 1
x-served-by: cache-iad-kjyo7100174-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 821, 1
x-timer: S1667741594.899792,VS0,VE6
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 915
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
200 OK 930 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
IP
Hash d98f824625558fb8273eb2bc853a1e08
6b9cc5b14072badf20cccc5f8f8ff7dcc7fae4df
f376ddcd25ce45f6ce99a7322ce248468478dc466ea353a8813223ac967f6057
GET /embed/medias/tmmqdtznyg.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"f376ddcd25ce45f6ce99a7322ce24846"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: f4d94d76502dc24c3bd0918a89259458
x-runtime: 0.026475
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:13 GMT
age: 0
x-served-by: cache-iad-kcgs7200134-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 31, 1
x-timer: S1667741594.917788,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 930
X-Firefox-Spdy: h2
fast.wistia.com/assets/images/blank.gif
200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "6365833b-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 04 Nov 2022 21:25:15 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:13 GMT
age: 144311
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 2297
x-timer: S1667741594.953588,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
200 OK 106 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
IP
ASN #20940 Akamai International B.V.
Size 106 kB (105863 bytes)
Hash 4dbb6a70352514258a764f17379df162
1d07ed4093d8e6fa0bd406c05e527a79d56ae1d4
71c5c0962b4fe28b5bf7ff4396001d27459106809c564c55e379ee28dc4a6a43
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 105863
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
Accept-Ranges: bytes
Cache-Control: max-age=31085155
Expires: Wed, 01 Nov 2023 08:19:08 GMT
Date: Sun, 06 Nov 2022 13:33:13 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
200 OK 1.6 MB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
IP
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 1.6 MB (1558520 bytes)
Hash c99eba935e2a3089e3a768d3646f5b3f
2773babf9ff2e0f3beba2f10403018cf55019e92
0cf3d354eadd8e8aa2fead4090a75c396014486ea74b61219c8cf946d4272a35
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 1558520
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
Accept-Ranges: bytes
Cache-Control: max-age=31092410
Expires: Wed, 01 Nov 2023 10:20:04 GMT
Date: Sun, 06 Nov 2022 13:33:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
200 OK 3.7 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
IP
Hash b2c3ce627cd8f47980d2dcefbca05105
1deffed6db48e30507c8b4b66b7388509e0dce28
1cee6eafba9f65cf32f5a89e8fcd9f2a2ecb7b90c457ded3889ec0f1e7a25df9
GET /deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Wed, 13 Sep 2023 16:58:11 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:13 GMT
age: 4653304
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200045-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 1625, 1
x-timer: S1667741594.998565,VS0,VE1
vary: Accept-Encoding
content-length: 3722
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/tmmqdtznyg.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"f376ddcd25ce45f6ce99a7322ce24846"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 06 Nov 2022 13:33:14 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"f376ddcd25ce45f6ce99a7322ce24846"
age: 0
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1667741594.106006,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash db2a48e7e9f5a46be10e264b33a427ef
a7782d1532923b857b2775262d9c79394ab57c66
93c104669cda2bf2910fb1c92a6baa45f7c40a270eac4eaf305a8441cc62ceb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3261
Cache-Control: max-age=120826
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:14 GMT
Etag: "6366dfd7-117"
Expires: Mon, 07 Nov 2022 23:07:00 GMT
Last-Modified: Sat, 05 Nov 2022 22:12:39 GMT
Server: ECS (amb/6B9F)
X-Cache: HIT
Content-Length: 279
embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
200 OK 485 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 485 kB (484664 bytes)
Hash b7735798b762d519cb4886f5f5da5bd0
be1cebaf2a46bef7442b69d48557bd362607ea2d
05ae5071f29731644a77af5a8454af3f4fcac44566d33f6cc06b5a4e96107173
GET /deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Wed, 25 Oct 2023 07:37:22 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:14 GMT
age: 1058151
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000170-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 11499, 1
x-timer: S1667741594.196551,VS0,VE1
content-length: 484664
X-Firefox-Spdy: h2
io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540&id=cl4975ot4arrr6&uid=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540
200 OK 178 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540&id=cl4975ot4arrr6&uid=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ada74c5b1021f701f49502633b4389cb
4b8d50b496500aa9e38b44d35cc6037ee9a8e098
604bcaf6ab0c5b73ef79b20a087d850e683102ab0ad31410777978216d95574e
GET /externalIds?customerlabs_user_id=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540&id=cl4975ot4arrr6&uid=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540 HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Sun, 06 Nov 2022 13:33:14 GMT
Server: nginx/1.12.1
Content-Length: 178
Connection: keep-alive
rp.liadm.com/j?dtstmp=1667741591573&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gh6ja995xc2fczmpkrcg51bk&tna=v2.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4
302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1667741591573&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gh6ja995xc2fczmpkrcg51bk&tna=v2.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1667741591573&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gh6ja995xc2fczmpkrcg51bk&tna=v2.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4 HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 06 Nov 2022 13:33:14 GMT
content-length: 0
trace-id: 567f8e149ea0e636
vary: Origin
location: /j?dtstmp=1667741591573&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gh6ja995xc2fczmpkrcg51bk&tna=v2.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
set-cookie: lidid=47cd3ce3-faeb-489e-be8b-1292e40f3d80; Max-Age=63072000; Expires=Tue, 05 Nov 2024 13:33:14 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8
200 OK 106 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8
IP
ASN #20940 Akamai International B.V.
Size 106 kB (105863 bytes)
Hash ab5749148714924c5838aca07a914f1f
8986957e269c8ede3f95a1e04a5578bb85a780a4
d85c34da5529aa87fc3dbd68b383e851e3b44f90004f99e75ade9397a7d92f78
GET /deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 105863
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c6d0dceb10dbd106159687b3689dd280c381b6a0-hls-segment a7ec61e3e17b30009f4079021efec85f56cda9c7
Accept-Ranges: bytes
Cache-Control: max-age=31140322
Expires: Wed, 01 Nov 2023 23:38:36 GMT
Date: Sun, 06 Nov 2022 13:33:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts
200 OK 452 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts
IP
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 452 kB (451576 bytes)
Hash 67501a36beb525a095955cf7549a54e8
fab51b09bb81d0ea8f8671e0545ce29d11c97a85
576624d97d2cf55136788b5f9201affb7ad1016f856685473acd8b1bdc8ae870
GET /deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 451576
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c6d0dceb10dbd106159687b3689dd280c381b6a0-hls-segment a7ec61e3e17b30009f4079021efec85f56cda9c7
Accept-Ranges: bytes
Cache-Control: max-age=31140322
Expires: Wed, 01 Nov 2023 23:38:36 GMT
Date: Sun, 06 Nov 2022 13:33:14 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
vc.hotjar.io/sessions/795540?s=0.25&r=0.1739798175702586
204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/795540?s=0.25&r=0.1739798175702586
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/795540?s=0.25&r=0.1739798175702586 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Sun, 06 Nov 2022 13:33:14 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zwQXfFK3us9DK2A83TmdympmPbdUqHa0eygj2FBeFfqe8sXWnRhbOA==
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1667741591573&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gh6ja995xc2fczmpkrcg51bk&tna=v2.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
200 OK 13 B URL HTTP/2 rp.liadm.com/j?dtstmp=1667741591573&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gh6ja995xc2fczmpkrcg51bk&tna=v2.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /j?dtstmp=1667741591573&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gh6ja995xc2fczmpkrcg51bk&tna=v2.5.0&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Referer: https://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:14 GMT
content-type: application/json
content-length: 13
trace-id: 70f77de5fe2bbb62
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: a11592eb-b93e-4f64-9caf-93029ddb8314
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/interFontFace.js
200 OK 18 kB URL HTTP/2 fast.wistia.com/assets/external/interFontFace.js
IP
File type ASCII text, with very long lines (45349), with no line terminators
Hash 53c97190603845aa22fe260f7ec735c4
a16cfa041fdd5e6652d23cde3ac4c207b8dd5276
091e2d49b6d1c2a135481ce5d39810dcf6debcc9da5879c450ee7d40765237a5
GET /assets/external/interFontFace.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63652028-46e6"
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:14 GMT
age: 309
x-served-by: cache-iad-kcgs7200123-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 63, 5
x-timer: S1667741594.484120,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 18150
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
200 OK 3.7 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
IP
Hash ad213983ab337bf180cb7bd17f3641e5
b326ce5f18fe0100810062a573be21a7d03af258
5203ca710a081e640b4d1f8ccb231da0edbd624da8698b8498acf75be0279714
GET /deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Tue, 17 Oct 2023 12:57:56 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:14 GMT
age: 1730118
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kjyo7100027-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 10504, 1
x-timer: S1667741595.510383,VS0,VE1
vary: Accept-Encoding
content-length: 3731
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts
200 OK 217 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts
IP
File type MPEG transport stream data\012- data
Size 217 kB (216952 bytes)
Hash 4623e44ce676c904300654bcf080dcf0
ad6d26d688448a627c1256cf7443ec0af8cd9e21
1a5ba73a0dc667b06ed9d02518d62a0035d6df2e4f2825455bb47ed19794a3e7
GET /deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Thu, 28 Sep 2023 09:50:17 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:14 GMT
age: 3382978
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200130-IAD, cache-bma1669-BMA
x-cache: HIT, HIT
x-cache-hits: 53, 1
x-timer: S1667741595.563473,VS0,VE1
content-length: 216952
X-Firefox-Spdy: h2
io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1667741591399.502581279&id=cl4975ot4arrr6&uid=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540&t=0&sc=1280%20x%201024
200 OK 560 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1667741591399.502581279&id=cl4975ot4arrr6&uid=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540&t=0&sc=1280%20x%201024
IP
File type JSON data\012- , ASCII text, with very long lines (560), with no line terminators
Hash 8e5d2cb00a5b1f0b88052925ee9fc5c1
d29f91a9415426b56ace3940912801766eb27c3b
6ba061df98956f468ac52d7e12c363c60a4d1490a216b5cf3ae302b35a187f87
GET /externalIds?facebook___fbp=fb.1.1667741591399.502581279&id=cl4975ot4arrr6&uid=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540&t=0&sc=1280%20x%201024 HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Sun, 06 Nov 2022 13:33:15 GMT
Server: nginx/1.12.1
Content-Length: 560
Connection: keep-alive
fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/aeu9oe7qwy.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"f1c7edc9dc26c60377b14f9cfe0e19cd"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 06 Nov 2022 13:33:15 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"f1c7edc9dc26c60377b14f9cfe0e19cd"
age: 2
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1667741595.161066,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/aeu9oe7qwy.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pages.upwellness.com/
Origin: https://pages.upwellness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"f1c7edc9dc26c60377b14f9cfe0e19cd"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 06 Nov 2022 13:33:15 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"f1c7edc9dc26c60377b14f9cfe0e19cd"
age: 3
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1667741595.430819,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2006%20Nov%202022%2013%3A33%3A12%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2006%20Nov%202022%2013%3A33%3A12%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Sun%2C%2006%20Nov%202022%2013%3A33%3A12%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:15 GMT
expires: Sun, 06 Nov 2022 13:33:15 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBJu3Z2MCEMN1H2etx-si1CvpZ-M98lQFEgEBAQEJaWNxYwAAAAAA_eMAAA&S=AQAAAqOCOQdZR0CUlmcboOqE1ks; Expires=Mon, 6 Nov 2023 19:33:15 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:15 GMT
expires: Sun, 06 Nov 2022 13:33:15 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBJu3Z2MCELgZX_nG-XRLGfn6Jgf2sWgFEgEBAQEJaWNxYwAAAAAA_eMAAA&S=AQAAAlk8rF8_KivAbXdelkIaw7I; Expires=Mon, 6 Nov 2023 19:33:15 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash a4db94cd0c27e0d7bc3645e2abd9b39f
0b996cd97358b865fa87c86bbd0b8e0776716bd0
398bbfaa5ddd46b46d0246fecef586dce54d51b33a178af497c99eaa63311519
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3654
Cache-Control: max-age=123751
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:15 GMT
Etag: "6366e9bc-117"
Expires: Mon, 07 Nov 2022 23:55:46 GMT
Last-Modified: Sat, 05 Nov 2022 22:54:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash a4db94cd0c27e0d7bc3645e2abd9b39f
0b996cd97358b865fa87c86bbd0b8e0776716bd0
398bbfaa5ddd46b46d0246fecef586dce54d51b33a178af497c99eaa63311519
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3654
Cache-Control: max-age=123751
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 13:33:15 GMT
Etag: "6366e9bc-117"
Expires: Mon, 07 Nov 2022 23:55:46 GMT
Last-Modified: Sat, 05 Nov 2022 22:54:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314
200 OK 135 B URL HTTP/2 api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 09bb20bd6492433aeefd6e0bc58d2535
87bde4e112d461ccaba288f695eeee602b18c87e
2bb51a241e778ff0916e4feda43afe9dbb1567568d5a7150d526a13bb52bc26a
GET /pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314 HTTP/1.1
Host: api.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:14 GMT
content-type: application/json; charset=utf-8
x-amzn-requestid: ecef529d-fb02-4708-9b0f-c5d35f8c3cc6
access-control-allow-origin: *
surrogate-control: no-store
x-amzn-remapped-content-length: 178
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: bLmgIGUTIAMFw5Q=
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
pragma: no-cache
x-amzn-remapped-date: Sun, 06 Nov 2022 13:33:14 GMT
x-cache: Miss from cloudfront
via: 1.1 36510edbc7ba8916907c18e15b00f64c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 0uivsW9HOaepRONdENAARx5s22qj8IPUcEqMGJpIoDk9iybnsqGFqA==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dD557HDUEZ3z5jBZSFjRgQwsbOxGxJ2JO8AiI6UxAE62Fy6qd7PlOi7CJjdpgCAERk9Z9cDFM0MhKhjtj9aKVPKPPjuXVRtOsb8TAZ%2BMyp%2BnvpZuJz0bsp%2Bz1KS7Gc5Ee31"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e33236d72b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e3f05eb949aed22a653a4a330dd39124
dc70bf3a88c7ebe739f97ff24e2ce87837f8129c
66b859a302fab795d2dffcc12a4b9e1cad062fb435b09850b2a7a899977a2b81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135519
Date: Sun, 06 Nov 2022 13:33:15 GMT
Etag: "636716ce-1d7"
Expires: Tue, 08 Nov 2022 03:11:54 GMT
Last-Modified: Sun, 06 Nov 2022 02:07:10 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0FcfjZPvc3ecn1-1O7Tvd6Wy3Z53Xz1MBS2laytxNqyFKRU2jAZ8qw==
Age: 3885
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e3f05eb949aed22a653a4a330dd39124
dc70bf3a88c7ebe739f97ff24e2ce87837f8129c
66b859a302fab795d2dffcc12a4b9e1cad062fb435b09850b2a7a899977a2b81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137802
Date: Sun, 06 Nov 2022 13:33:15 GMT
Etag: "636716ce-1d7"
Expires: Tue, 08 Nov 2022 03:49:57 GMT
Last-Modified: Sun, 06 Nov 2022 02:07:10 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nSfc72OscCtkB0CBoUvsbf70qXyhFE6v6X2u-bQuPPVOVrPHK-viqA==
Age: 6167
live-visitor-counts.herokuapp.com/lvc/register
204 No Content 0 B URL HTTP/1.1 live-visitor-counts.herokuapp.com/lvc/register
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /lvc/register HTTP/1.1
Host: live-visitor-counts.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cdn.useproof.com/
Origin: https://cdn.useproof.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: Cowboy
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Date: Sun, 06 Nov 2022 13:33:15 GMT
Via: 1.1 vegur
live-visitor-counts.herokuapp.com/lvc/register
200 OK 0 B URL HTTP/1.1 live-visitor-counts.herokuapp.com/lvc/register
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /lvc/register HTTP/1.1
Host: live-visitor-counts.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 193
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://cdn.useproof.com
Vary: Origin
Date: Sun, 06 Nov 2022 13:33:15 GMT
Content-Length: 0
Via: 1.1 vegur
analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522d6b2d086-035d-45b3-878b-3aaeedf91218%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D10275cce51cfdb823659ba9c31765f%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_314%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D10275cce51cfdb823659ba9c31765f%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_314%2522%257D
200 OK 5.7 kB URL HTTP/2 analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522d6b2d086-035d-45b3-878b-3aaeedf91218%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D10275cce51cfdb823659ba9c31765f%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_314%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D10275cce51cfdb823659ba9c31765f%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_314%2522%257D
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2c79373e8b8e4cf734632f0d806572e5
79fcac9ebb858106a572cd574eba30e48c96e334
f2c00c10c098ded555a7c5dc42ae58ca44ba21c6dd5ba0319ca4bee05f85d549
GET /track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522d6b2d086-035d-45b3-878b-3aaeedf91218%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D10275cce51cfdb823659ba9c31765f%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_314%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D10275cce51cfdb823659ba9c31765f%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_314%2522%257D HTTP/1.1
Host: analytics.proofapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 13:33:15 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: https://cdn.useproof.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
etag: W/"3f-o1zkEYaf4wPAEZgCgVDySr2jxjc"
via: 1.1 vegur
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIfRhFoN4mdYs52Q9%2FcB02mdBd8WcvZTHFcKTZNKewp0QP4a%2Bu%2BPtPmrf1j1M%2FoBpkinyXbzJKh0B65GKvu%2F%2FQfgo5GGddoTElL07HU7GesugcgkeNMWnWWPgB8m4V31uti105XjLb9A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e332c2a1ab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash cfd015a649a484910f2934d9bf13b296
a29609791336dd336341801296f0a527cf63d8bd
bb4686d4396165a57bd05985ff6257610b69c3f00eb9b0294c7c4b9f1ba0b917
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158048
Date: Sun, 06 Nov 2022 13:33:17 GMT
Etag: "6367737e-1d7"
Expires: Tue, 08 Nov 2022 09:27:25 GMT
Last-Modified: Sun, 06 Nov 2022 08:42:38 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uK2V8OkBujNjdJa4MsU2dOC3NH80VbCrlHn92seRUwv7cweoaBgzAQ==
Age: 2687
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1458
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 13:33:18 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-795540.js?sv=6
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-795540.js?sv=6
IP
GET /c/hotjar-795540.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sun, 06 Nov 2022 13:32:13 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/88195342f0c7ca5077052e8b3ab9d389
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hNLabTCHkF7NfcAkrWHz-v-wRAwiO_eSS88OPg0rbCqgfy8U3ek46Q==
age: 59
X-Firefox-Spdy: h2
trc.taboola.com/1225872/trc/3/json?tim=1667741590878&data=%7B%22id%22%3A700%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667741590866%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667741590875%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A75%2C%22supv%22%3Atrue%7D%7D&pubit=i
200 OK 0 B URL HTTP/2 trc.taboola.com/1225872/trc/3/json?tim=1667741590878&data=%7B%22id%22%3A700%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667741590866%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667741590875%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A75%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
GET /1225872/trc/3/json?tim=1667741590878&data=%7B%22id%22%3A700%2C%22ii%22%3A%22%2Fuc-grplus-vsl01-aff%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1667741590866%2C%22cv%22%3A%2220221106-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1667741590875%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D10275cce51cfdb823659ba9c31765f%26n%3Dtune%26AFFID%3D477232%26subid%3D55_314%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A75%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 13:33:13 GMT
via: 1.1 varnish
x-served-by: cache-bma1628-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667741593.089469,VS0,VE93
vary: Accept-Encoding
x-vcl-time-ms: 93
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M3S986P
200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M3S986P
IP
GET /gtm.js?id=GTM-M3S986P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Nov 2022 13:33:11 GMT
expires: Sun, 06 Nov 2022 13:33:11 GMT
cache-control: private, max-age=900
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
200 OK 0 B URL HTTP/2 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
IP
GET / HTTP/1.1
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
x-amz-apigw-id: bLmfuFdNDoEF1pA=
x-amz-cf-pop: ARN56-P2
x-backend-region: eu_west_1
date: Sun, 06 Nov 2022 13:33:11 GMT
age: 0
x-cache: Miss from cloudfront, HIT
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
vary: Accept-Encoding, Referer
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.179.2
content-encoding: br
accept-ranges: none
X-Firefox-Spdy: h2
b-code.liadm.com/a-057g.min.js
200 OK 0 B URL HTTP/2 b-code.liadm.com/a-057g.min.js
IP
GET /a-057g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 06 Nov 2022 04:46:56 GMT
cache-control: public, max-age=86400
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O_b8dxu1HcBAj_hj3M9apxufcJ0EzyauO0o1t1lFFOSKERyfl_qrLw==
age: 31576
X-Firefox-Spdy: h2
a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540
302 Found 0 B URL HTTP/2 a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540
IP
GET /px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540 HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 06 Nov 2022 13:33:14 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr66f31c76e-aab5-44d6-84d6-979a9db05540
x-frontend: cc-nginx-f867f9bd7-858gk:cc-nginx-f867f9bd7-858gk
x-requestid: 8ddd7bb8-0fa7-4895-b8f4-254e0bef6296
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3L12DkkNPGRiuiP6mAJwfQwBy2R2PqFqUXIZJMJNJkIa3YbscToE2HreVcHIgk1Fh00LD6HQohPvoW8j%2FBvuoxol%2FguaMM17shD3lmVYOPBCtEYqUUFGoMVChMdhXrOC2kVbofw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765e33238ee0b4ed-OSL
X-Firefox-Spdy: h2
assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
200 OK 0 B URL HTTP/2 assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
IP
GET /universalscript/releases/v0.179.2/bundle.js HTTP/1.1
Host: assets.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 03 Sep 2022 23:09:05 GMT
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
etag: W/"359008fe01078c59c66e034866170bd2"
cache-control: max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z3vPevB-fB2kB2Y4vuE5XSi5KnXyjURgk2AsHq6lXdULs1Ngia1NxA==
age: 5495047
X-Firefox-Spdy: h2
154.12.255.128
151.101.86.110
104.21.35.233
3.69.136.55
52.210.234.44
93.184.220.29
23.36.76.162