go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20221120000141021&aff_sub=1942
52.31.40.31302 Found 333 B URL HTTP/1.1 go.welldaily.com/aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20221120000141021&aff_sub=1942
IP 52.31.40.31:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a2c74012af6aaf61dcb77435c34c3c90
c0edea4d4ddf45e4f2a1e0aa64c22f285a5bb28e
187a682d24f79093a2410c66756f4e255dd73d2f775c32b6c0dd3c185972d35b
GET /aff_c?offer_id=2&aff_id=55&aff_click_id=6755_sessid20221120000141021&aff_sub=1942 HTTP/1.1
Host: go.welldaily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 20 Nov 2022 00:01:42 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://pages.upwellness.com/uc-grplus-vsl01-aff/?offer=2&session_id=1024bec6867e81546bae923048842d&n=tune&AFFID=477232&subid=55_1942
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_2=ENC03e572ad168654f5600d652725c387615e1223c7ae6d76959a22f71d5c77a86a8d1e80ba5120585d80e540ef218cc0d0b567a39c21d0cd555807b2f09c47e0be19c44b537cd3818554a825f6610a976a31d1dd78a2ee72b4f2e27f8f12787bcbadb8fcfd0498c4c65afff24209982da8e124c8b42afce36e08c7e261d8c2d0e99c1097cd25; expires=Sun, 27 Nov 2022 00:01:42 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Tue, 14 Oct 2025 10:41:42 GMT; path=/; SameSite=None; Secure
Tracking_id: 1024bec6867e81546bae923048842d
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: f004b7d4eb5c9d126f917daaf6009119
Access-Control-Allow-Headers: Tune-SDK-Version
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15517
Expires: Sun, 20 Nov 2022 04:20:19 GMT
Date: Sun, 20 Nov 2022 00:01:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2705
Cache-Control: max-age=126876
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:42 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 11:16:18 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3325
Expires: Sun, 20 Nov 2022 00:57:07 GMT
Date: Sun, 20 Nov 2022 00:01:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 23:45:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 990
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8t4iv5H60KnizZ68hXQMTNcYqmewSE6NBE+0Kx6GEDujUC0Ol3sdx5vUQilfaVsxRTMYv29KEaXcDttvGJcTbw==
x-amz-request-id: 14WEQP9ESZX3QG5K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 23:38:30 GMT
age: 1392
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 00:01:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 692e18bfea5c1f0edf71abbdffc515fd
b0fa930e9b2c14c9f516dadd22b2f9d78cc84b6f
bdc2961d3d1420c5c217971b2bfb117d573dae6dbe478ee1f1145c0d525a0351
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDC2961D3D1420C5C217971B2BFB117D573DAE6DBE478EE1F1145C0D525A0351"
Last-Modified: Sat, 19 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7062
Expires: Sun, 20 Nov 2022 01:59:24 GMT
Date: Sun, 20 Nov 2022 00:01:42 GMT
Connection: keep-alive
pages.upwellness.com/uc-grplus-vsl01-aff/?offer=2&session_id=1024bec6867e81546bae923048842d&n=tune&AFFID=477232&subid=55_1942
3.69.136.55200 OK 17 kB URL HTTP/1.1 pages.upwellness.com/uc-grplus-vsl01-aff/?offer=2&session_id=1024bec6867e81546bae923048842d&n=tune&AFFID=477232&subid=55_1942
IP 3.69.136.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14847), with CRLF, LF line terminators
Hash d0e2ae144822440c3d0101924bda78ae
a77e22ee744885bfd450563dfadfc06f29a77519
50d1870f73bba85eca0989add96ebaa56163cc77ea76003bc36990e02b1fcfd8
GET /uc-grplus-vsl01-aff/?offer=2&session_id=1024bec6867e81546bae923048842d&n=tune&AFFID=477232&subid=55_1942 HTTP/1.1
Host: pages.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Sun, 20 Nov 2022 00:01:42 GMT
content-type: text/html; charset=utf-8
content-length: 17351
set-cookie: ubvs=db668977-1a79-4e18-94e4-f8023c4d9e06; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=db668977-1a79-4e18-94e4-f8023c4d9e06; Max-Age=259200; Domain=upwellness.com; Path=/; SameSite=Lax
ubpv=ak%2C65d0fec8-b023-4c4b-ac8b-d609707436f9; Max-Age=15897600; Path=/uc-grplus-vsl01-aff/; SameSite=Lax
content-location: https://pages.upwellness.com/uc-grplus-vsl01-aff/
etag: "ak:db6689771a794e1894e4f8023c4d9e06"
link: <https://pages.upwellness.com/uc-grplus-vsl01-aff/>; rel="canonical"
x-unbounce-pageid: 65d0fec8-b023-4c4b-ac8b-d609707436f9
x-unbounce-variant: ak
x-unbounce-visitorid: db668977-1a79-4e18-94e4-f8023c4d9e06
content-encoding: gzip
x-proxy-backend: page-server
connection: close
builder-assets.unbounce.com/published-css/main-7b78720.z.css
54.230.111.34200 OK 2.9 kB URL HTTP/2 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP 54.230.111.34:0
File type ASCII text, with very long lines (15017)
Hash 4458a4d76a70cb207bcc34d6bc6f872f
f484b0b1737f7de59ca699e6cc3169d234e8f6a8
0825f8972704bc1b84e30170cd77f5ecde2d6a7dbf9e43be96c6809c2c5228d7
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 2902
date: Tue, 30 Aug 2022 02:28:13 GMT
last-modified: Mon, 04 Jul 2022 16:47:32 GMT
etag: "4458a4d76a70cb207bcc34d6bc6f872f"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P96u5RmYJl6ptE8w2nlDnZBjLo9Cb-kgRnY9e3pUWRuitetlWl-MJA==
age: 7076010
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c9ab4c9473fde60783ebe24c64834beb
ce9000b257b61f5299d4adf74b79a4c95771a84b
e471a929a54e28d389f513d0aae425c3969648090a778853e57a0612041595c8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116830
Date: Sun, 20 Nov 2022 00:01:42 GMT
Etag: "63788eba-1d7"
Expires: Mon, 21 Nov 2022 08:28:52 GMT
Last-Modified: Sat, 19 Nov 2022 08:07:22 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jyoW3MJNTPPj6L02BmzSlEWB825m1NDYpCG-sreCaZz4bJ-lQxS3Gw==
Age: 1290
www.googletagmanager.com/gtag/js?id=AW-624541243
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-624541243
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b20c79333f6c14bbb2d9863dede9d1b0
78cb7a5f3f5828076fc5b2faa68c9f473f61cbd3
dbe868d46814d3e8da009bf883007bfd509ef216a69cfdd64fed48bda1908fa8
GET /gtag/js?id=AW-624541243 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 20 Nov 2022 00:01:42 GMT
expires: Sun, 20 Nov 2022 00:01:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M3S986P
142.250.74.168200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M3S986P
IP 142.250.74.168:0
File type ASCII text, with very long lines (9053)
Hash 2d98e076170dd966ae0b6dc2cb13f5b6
7fe84b2e46585b6d8ebb030a0906439ff18227a3
63bca6e6085a8706b63edce0ff1e4616ca70b9adcb57b47057d9d02edb97ce91
GET /gtm.js?id=GTM-M3S986P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 20 Nov 2022 00:01:42 GMT
expires: Sun, 20 Nov 2022 00:01:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66453
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a16787af0af1dfe3cdc450bc5302bb2b
d628b7105ea09a9eadd8d8725968c7af965edb47
51685ca9fe054d82adc0e8ba7dc50b5c27a1dfaf75ee8cf2f65c98b68eb0fb46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1676
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:42 GMT
Last-Modified: Sat, 19 Nov 2022 23:33:46 GMT
Server: ECS (amb/6B86)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=AW-862759327
142.250.74.168200 OK 67 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-862759327
IP 142.250.74.168:0
File type ASCII text, with very long lines (2917)
Hash 4f2fef81e67a19129d9a08f237b48e1a
ad89ce9f1af5af3ea4a389524e9ae74a8860efea
74e2ca931931433344e33d6c15011ccfa1480073323ae515490fdd5d0e5bd156
GET /gtag/js?id=AW-862759327 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 20 Nov 2022 00:01:42 GMT
expires: Sun, 20 Nov 2022 00:01:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-10838597190
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10838597190
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash e6fd9deab2b433416ab640b4f56ea601
a5f1b01a2e0e1df1add9e412bf1f712038c2ed06
b7513a9cec8a892cbd2e42d7d437f6529e8623a8c8b07576de21f1a7093ca4eb
GET /gtag/js?id=AW-10838597190 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 20 Nov 2022 00:01:42 GMT
expires: Sun, 20 Nov 2022 00:01:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/E-v1.js
151.101.86.110200 OK 117 kB URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (116578 bytes)
Hash bdbf97450fb5396e702c70c4ef72843b
33cc384ea8c58399a0f0fa7e5c5af39933dbdd9d
723ea9586814ce81666653937550b60d14bf5c405e424e4835f83cc9d14b8efd
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-1c762"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:42 GMT
age: 2607
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 64
x-timer: S1668902503.966832,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116578
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/aeu9oe7qwy/swatch
151.101.86.110200 OK 4.0 kB URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy/swatch
IP 151.101.86.110:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x56, components 3\012- data
Hash bedc068a9cc6964d07e1673050cbb3ec
ba9a082014112801aa5b12602be54b52792d0a2d
0b237a3c974aec2776e15c96f50651fa55af3bd3bc927f37eb4a6510c96ebffa
GET /embed/medias/aeu9oe7qwy/swatch HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
access-control-request-method: *
cache-control: public, no-cache, max-age=31333594
content-disposition: inline
content-type: image/jpeg
last-modified: Wed, 23 Mar 2022 20:25:50 UTC
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 28716
x-served-by: cache-iad-kiad7000125-IAD, cache-bma1622-BMA
x-cache: HIT, MISS
x-cache-hits: 353, 0
x-timer: S1668902503.966959,VS0,VE91
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 4021
X-Firefox-Spdy: h2
cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
104.21.47.12200 OK 498 kB URL HTTP/2 cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
IP 104.21.47.12:0
File type Unicode text, UTF-8 text, with very long lines (60034), with no line terminators
Size 498 kB (497733 bytes)
Hash 0426397a9b31146729ac86c5be8595d3
953342b7defc23d1c552eba63f42bb915aae90f3
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
GET /proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1 HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:43 GMT
content-type: application/javascript
content-length: 497733
x-amz-id-2: XfamGhBMjZBo/sWrg3mxYdwUMUL0rpYArqF2RUd2t+2nxyqUognVNx+1xnHz8Eg7hGncdCbH6WA=
x-amz-request-id: RVX6E6XRK17ASENB
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "0426397a9b31146729ac86c5be8595d3"
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
age: 49749302
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMqkQuKOcVeEiaycKi3g8NXcx8tYRczZbqBQXStVB%2FZ6koz%2BIBoEU7rK%2FLcraDVRc7HwBbSrmEGYOrXSCYAvqHVKktQ4Z2pTV%2BXbfMvdWf%2FQKQENFhw46pDrQ5cpgEqNa4xh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cce9a45aebb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a16fd70048d81d63ac778964066b5fd5
8678fd9c7ef3f0b3a286e170e87bf59773f41881
fa9dd59489cb48e8509ce8297c3491823e446cdcde0f7393cd621b2abd0702dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/embed/medias/tmmqdtznyg/swatch
151.101.86.110200 OK 4.3 kB URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg/swatch
IP 151.101.86.110:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x56, components 3\012- data
Hash fb5a783f53d0a1085ac33c2afda39271
ba3edaca28fc953f25c45261c637e8d880d1e357
b55b8f64c5259f4f19ca1b5a388f3c93b67df5d805f71637cf3a12ff814be08b
GET /embed/medias/tmmqdtznyg/swatch HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
access-control-request-method: *
cache-control: public, no-cache, max-age=31276708
content-disposition: inline
content-type: image/jpeg
last-modified: Tue, 13 Apr 2021 18:37:38 UTC
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 34008
x-served-by: cache-iad-kcgs7200153-IAD, cache-bma1622-BMA
x-cache: HIT, MISS
x-cache-hits: 335, 0
x-timer: S1668902503.032200,VS0,VE93
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 4324
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp
151.101.86.110200 OK 1.8 kB URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.jsonp
IP 151.101.86.110:0
File type ASCII text, with very long lines (5766)
Hash 51d94dbdafef31e243a0073c2ec07c56
1db69de9b0feea615e3fdc9851005b2e4d53ac7a
5c0761cf86a777c45787588ee1152e9112e7677f62dc87b795fd5a4030975eb8
GET /embed/medias/aeu9oe7qwy.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"b9c1fc59737f622ed82e4775fc02566b"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 424fecfb59b517d4cfaad5753557f76f
x-runtime: 0.058917
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 25469
x-served-by: cache-iad-kiad7000112-IAD, cache-bma1622-BMA
x-cache: HIT, MISS
x-cache-hits: 292, 0
x-timer: S1668902503.033246,VS0,VE92
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1828
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
151.101.86.110200 OK 1.8 kB URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
IP 151.101.86.110:0
File type ASCII text, with very long lines (5703)
Hash 52c1083db7a7cd6ff706ae48d2883527
ccf77628a4e1c76d2dee6e2bcbd2b000fc6593bd
2af6da720846599ee9a0a391591e78a4826c1f9c278509669f84fd0720032d77
GET /embed/medias/tmmqdtznyg.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"31ad05d3f3325ed5c0aac6ef88415634"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: a7311a3d0f33371833317d3dda646f6c
x-runtime: 0.055148
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 28609
x-served-by: cache-iad-kcgs7200078-IAD, cache-bma1622-BMA
x-cache: HIT, MISS
x-cache-hits: 247, 0
x-timer: S1668902503.095968,VS0,VE94
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1816
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
151.101.86.110304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.jsonp
IP 151.101.86.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/tmmqdtznyg.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"31ad05d3f3325ed5c0aac6ef88415634"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 20 Nov 2022 00:01:43 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"31ad05d3f3325ed5c0aac6ef88415634"
age: 28609
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668902503.205078,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 23:44:49 GMT
cache-control: public,max-age=3600
age: 1014
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f9059f25c2df07171380740632e80519
d781261e716fb23c5005f3bd3782e84cbea3ee21
434fbeafb20c4c4480ebc8cafc45fd413fe94d6f63b2518b5fa0ff0ebe076559
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "434FBEAFB20C4C4480EBC8CAFC45FD413FE94D6F63B2518B5FA0FF0EBE076559"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 20 Nov 2022 06:01:43 GMT
Date: Sun, 20 Nov 2022 00:01:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 23567b452e21d299d938a6765aca75af
dd3412ae4214bd1b2fe0318966aec9e7c39178e8
ccb28c03a149e1dfb418e4588bcf2f96b765d724c70713fb1d1b7dc6eaa1c5eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCB28C03A149E1DFB418E4588BCF2F96B765D724C70713FB1D1B7DC6EAA1C5EB"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10498
Expires: Sun, 20 Nov 2022 02:56:41 GMT
Date: Sun, 20 Nov 2022 00:01:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a87f212def0b0049e5a54401ed7cee07
6d8e78a8e03fd66e2f92576d839390cc3f55cf2f
4e3175c4f746a97bf12e9bbda3d031f46dd0968ec819c79987b18797b81039f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E3175C4F746A97BF12E9BBDA3D031F46DD0968EC819C79987B18797B81039F3"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19387
Expires: Sun, 20 Nov 2022 05:24:50 GMT
Date: Sun, 20 Nov 2022 00:01:43 GMT
Connection: keep-alive
assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
54.230.111.105200 OK 178 kB URL HTTP/2 assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
IP 54.230.111.105:0
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size 178 kB (178069 bytes)
Hash 359008fe01078c59c66e034866170bd2
4a65a16a6f02824f60bc575ebcdeb53a490fa264
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
GET /universalscript/releases/v0.179.2/bundle.js HTTP/1.1
Host: assets.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 178069
date: Fri, 11 Nov 2022 05:26:37 GMT
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
etag: "359008fe01078c59c66e034866170bd2"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D0y928U1BnwnrnXvTbrNziEFVQM26BLXNYH-sRfGiShzQzFX_nFnvw==
age: 758106
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1050
Cache-Control: max-age=120159
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:43 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 09:24:22 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9cd2f8d528903125edc4557995302d98
1db459edfbec089d10b8eee7957dac8ca0aab2e2
afae8d361d96208305e85421a20abff9ba50cf4f738d6a9e2c72c1dee650a7ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=172041
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:43 GMT
Etag: "63796b70-1d7"
Expires: Mon, 21 Nov 2022 23:49:04 GMT
Last-Modified: Sat, 19 Nov 2022 23:49:04 GMT
Server: nginx
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash a4d34914c1427079d1c8d5fbd7309b21
e258f7b27dd5e5e38ec343b2e59fb97e4081dbd7
4c412c1a88087457fba5caf5f9af7ef4d4a6dc467d2d0852d40236f0901c4feb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 20 Nov 2022 00:01:43 GMT
Last-Modified: Sat, 19 Nov 2022 22:27:20 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wIncPPHQoeZmfvbrHXWk60vVurgp7hVAzxSYzWceG9NenBsbtc4pZw==
Age: 5663
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
52.5.162.24200 OK 744 B URL HTTP/2 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
IP 52.5.162.24:0
File type ASCII text, with CRLF line terminators
Hash 3110f39a7f2fe9edef25454e9b7a57c2
273c540727af9f5f57cf7f0164d8eb43c56c1b71
b6591997ffdba5b81c1af7fa96a8f6cf26597eb4046d64f91301eb1000a54853
GET /cgi-bin/UCAffiliateNetworkPixel HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=db668977-1a79-4e18-94e4-f8023c4d9e06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 744
set-cookie: AWSALB=NJYxK5V+8Wir5EtUjezasivEdkUoQsohzvth1pt9kn9bV9dOtWF/jKzfZcZf9xCFKmAsm16H99fkiaEoRd8OfldIjOdKT+XmIsRGpo9KJ5xEP8Nqx6J+vx2/MvjK; Expires=Sun, 27 Nov 2022 00:01:43 GMT; Path=/
AWSALBCORS=NJYxK5V+8Wir5EtUjezasivEdkUoQsohzvth1pt9kn9bV9dOtWF/jKzfZcZf9xCFKmAsm16H99fkiaEoRd8OfldIjOdKT+XmIsRGpo9KJ5xEP8Nqx6J+vx2/MvjK; Expires=Sun, 27 Nov 2022 00:01:43 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
52.205.62.94200 OK 49 B URL HTTP/1.1 h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
IP 52.205.62.94:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1467ad668080ed4ab50a1408a712cdcc
e0e5faa2d11a93edc33ee27f07885e0dd48110b4
7d7d1c1b75be5d8b716b9c137e025932f6f2e8391c978f08620b6ad892775096
GET /v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking HTTP/1.1
Host: h.upwellnessfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 20 Nov 2022 00:01:43 GMT
Content-Type: text/plain;charset=utf-8
Content-Length: 49
Connection: keep-alive
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Front-End-Https: off
fast.wistia.com/assets/external/wistia-mux.js
151.101.86.110200 OK 31 kB URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65468)
Hash 8ca4953da62f6c8a05b7f2d7333a83f7
c68e554587e7e3dc6da836b6501e926ae543f933
9d7adbd9c2243a23cf7cb8ab534ce188da6f2b78d75e52ab79fb6af490dc6279
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-7a30"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 2605
x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 90, 36
x-timer: S1668902504.521284,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 31280
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/videoThumbnail.js
151.101.86.110200 OK 20 kB URL HTTP/2 fast.wistia.com/assets/external/videoThumbnail.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 95ea5c70b7b57e5d27aeae638c293447
f9d4577aa7199d3de1f3aa97f59550e56e6a5680
394f3bde7c52645c87752a164402c4aa0936cf21c3f469f4ea81cd5d5a19a73e
GET /assets/external/videoThumbnail.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-4e13"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 2603
x-served-by: cache-iad-kiad7000063-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 42, 4
x-timer: S1668902504.586540,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 19987
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js
151.101.86.110200 OK 27 kB URL HTTP/2 fast.wistia.com/assets/external/thumbnailTextOverlay-v2.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a686c0bdd166da361e392970ebc6a3c4
36ecf480d71b173712b94c10e1b1cea3a89ba910
be3589dd82bc15545e29628e62b7e6ea6269a58bb86f4b97ca25507fcdb54f9e
GET /assets/external/thumbnailTextOverlay-v2.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-683f"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 2563
x-served-by: cache-iad-kiad7000094-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 153, 1
x-timer: S1668902504.586096,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 26687
X-Firefox-Spdy: h2
upwellness.com/services/scripts/jquery/jquery.min.js
208.83.60.221200 OK 31 kB URL HTTP/1.1 upwellness.com/services/scripts/jquery/jquery.min.js
IP 208.83.60.221:0
File type ASCII text, with very long lines (65451)
Hash 8662c673de81c12dca4d43967e6ea48d
d51f4e8cbd8a05224bbd685d29adcd3b5d59821f
276b50639b3e8fbe4b4459513ecb68ab82973b84d49b6db67b4688df36ca559c
GET /services/scripts/jquery/jquery.min.js HTTP/1.1
Host: upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=db668977-1a79-4e18-94e4-f8023c4d9e06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 00:01:43 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Nov 2020 19:48:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"5fbd6399-15d84"
Expires: Sun, 27 Nov 2022 00:01:43 GMT
Pragma: public
Cache-Control: max-age=604800, public
Content-Encoding: gzip
push.services.mozilla.com/
52.41.91.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.91.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WM3fTASrXPhWW/Wyu6o+lw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Zk0sAWhphTWtxwOnmRnELrdh4M8=
flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&ndclid=&rf=&sem=&tm=0
34.211.168.148204 No Content 3.0 kB URL HTTP/2 flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&ndclid=&rf=&sem=&tm=0
IP 34.211.168.148:0
File type gzip compressed data, from Unix\012- data
Hash cc3a8659ba0266e3e19b267e0cdce4af
8b01e885d287725b897c1a67b99dedd2a343a5e5
399dd664ee5f3f88bed9f16f07cbbfc214f58f86c4e327957a8f155d8e08a1bd
GET /pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&ndclid=&rf=&sem=&tm=0 HTTP/1.1
Host: flask.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 00:01:43 GMT
server: istio-envoy
context-id: 7df69dff-d1a0-48c8-a03b-869acfc07111
x-envoy-upstream-service-time: 3
X-Firefox-Spdy: h2
store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff/%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
52.5.162.24200 OK 138 B URL HTTP/2 store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff/%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
IP 52.5.162.24:0
File type ASCII text, with CRLF, LF line terminators
Hash 12adc2d060832ca0b2f0a00aff27e61e
341f5f221c41c0f6c46e2d404934a3d58ffda14e
47acf180a3fa4a33a49e29c146d60c76d68b8d5f7fa5ddcb8196b6fb023e30d8
GET /affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-grplus-vsl01-aff/%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=db668977-1a79-4e18-94e4-f8023c4d9e06; _gcl_au=1.1.988294787.1668902503; AWSALB=o3XkHXM3m9x9w9aslfDUKTnJj45L93cQKblf27g+O9AQ7spfF5uZXEjyeAiLfooVuZtuiggaHC/O2yw66Vq+wYPnFz3w7+zKqz9GX3zgXVjsM7AHqYPDUKRKzAWw; AWSALBCORS=o3XkHXM3m9x9w9aslfDUKTnJj45L93cQKblf27g+O9AQ7spfF5uZXEjyeAiLfooVuZtuiggaHC/O2yw66Vq+wYPnFz3w7+zKqz9GX3zgXVjsM7AHqYPDUKRKzAWw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 138
set-cookie: AWSALB=oAb8XHGynIPyvXCPjQnG1BA4f/occve1dE4vXvK35GXKPQf389zYO77LTzUnllal2idDzaslPLBQYhqR74PkadpD+Q+iUoLBe5v20wTAhSpLeqSo1zy+0Uw/5TMX; Expires=Sun, 27 Nov 2022 00:01:43 GMT; Path=/
AWSALBCORS=oAb8XHGynIPyvXCPjQnG1BA4f/occve1dE4vXvK35GXKPQf389zYO77LTzUnllal2idDzaslPLBQYhqR74PkadpD+Q+iUoLBe5v20wTAhSpLeqSo1zy+0Uw/5TMX; Expires=Sun, 27 Nov 2022 00:01:43 GMT; Path=/; SameSite=None; Secure
UltraCartShoppingCartID=BF83C4C31CC90301849257454F2DC500;Version=0;Path=/;Domain=.upwellness.com
ucacid=953912381.728723;Version=0;Path=/;Domain=.upwellness.com;Max-Age=315360000
ucacid=953912381.728723;Version=0;Path=/;Domain=store.upwellness.com;Max-Age=315360000
JSESSIONID=abcwjWaNoLPqFhJGRPttT; path=/; HttpOnly
LBJSESSIONID=abcwjWaNoLPqFhJGRPttT.n220; path=/; HttpOnly
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720
151.101.86.133200 OK 45 kB URL HTTP/2 embed-ssl.wistia.com/deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720
IP 151.101.86.133:0
File type PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d279bae4b54ae66328caa9fa6d84f5d
a09fc7ee495603b85bfd230fa171463f84d337e2
9b2282afb551e1c12679f8d4059e1a8209ea04ae8b3a3bafeef173da16b8be8d
GET /deliveries/d0a1fb999ec98584973653dd06314b37.png?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: d0a1fb999ec98584973653dd06314b37
last-modified: Wed, 23 Mar 2022 20:25:49 UTC
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 1082945
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000145-IAD, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 3083, 1
x-timer: S1668902504.876153,VS0,VE1
content-length: 45025
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/engines/hls_video.js
151.101.86.110200 OK 114 kB URL HTTP/2 fast.wistia.com/assets/external/engines/hls_video.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65469)
Size 114 kB (114373 bytes)
Hash ddbf94a47f16fcd8a99d8c45572ac852
fabe447aee7408e90c4fcfc1de127d98987b8ca0
cb2cba64e3b0a0797031ca64b918bed7c1c58b6f3b40d92b4f45f93b3ea55109
GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-1bec5"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 2607
x-served-by: cache-iad-kiad7000086-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 46, 19
x-timer: S1668902504.913383,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 114373
X-Firefox-Spdy: h2
cdn.js.customerlabs.co/cl4975ot4arrr6.js
143.204.42.86200 OK 191 kB URL HTTP/2 cdn.js.customerlabs.co/cl4975ot4arrr6.js
IP 143.204.42.86:0
File type ASCII text, with very long lines (33540)
Size 191 kB (191202 bytes)
Hash 9bc0790bc835c816132d6d632d1fe678
d7ff94e3db5e659963e7a828053c2472af6d751d
989a353c87693ae8700e24dacf7d12637287b303896573ac84fa0211244f4615
GET /cl4975ot4arrr6.js HTTP/1.1
Host: cdn.js.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 191202
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
access-control-expose-headers: ETag, x-amz-meta-custom-header
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Nov 2022 14:22:36 GMT
x-amz-version-id: thfAOPM.3Vh.ROeETV1IO7VIRdXDVWRV
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Nov 2022 00:01:44 GMT
cache-control: max-age=60
etag: "9bc0790bc835c816132d6d632d1fe678"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qe-I3RfBQuz921ltCSmuVTkxZ1jHD40y_xVrKovF4ZJ3lXrDs2GTGw==
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
54.230.111.46200 OK 1.9 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
IP 54.230.111.46:0
Hash f6420c864830b5860bfaadd47a2bb21b
935d2ed35f43eb0f1aea9b0642df0d7f4770def7
6f36d2d4b4b9df950fd0dd0d57e0eacb7c4217e8086b4ef940cbd6e526930462
GET /ub.js?1618514269 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1856
date: Mon, 29 Aug 2022 01:57:45 GMT
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
etag: "f6420c864830b5860bfaadd47a2bb21b"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8UXcv5uWFlLsOMzEn6r0ZzDxZP0hOTNxdDi6KkSzAliom0qONfhlOw==
age: 7164240
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16620), with no line terminators
Hash a73a09a868a98d7505575c520aaf6616
ed4e4c3fe9ad7ed18564e5f9aed6a9a68b522c7f
8b22d2e0e3e79c7ea27bf76720b302fd18ba1240fbf8dd99e54ced655d17c8e4
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 20 Nov 2022 00:21:44 GMT
Date: Sun, 20 Nov 2022 00:01:44 GMT
Content-Length: 5276
Connection: keep-alive
d3pkntwtp2ukl5.cloudfront.net/uba.js
54.230.245.202200 OK 2.6 kB URL HTTP/1.1 d3pkntwtp2ukl5.cloudfront.net/uba.js
IP 54.230.245.202:0
Hash 0cb14d8485b6f6b47cfcc358cffdb6c1
3e052d8a13ea9277107483eb15ab56cf48c30ca7
ebe392be31434870228d4ee67cf35874bee9cbe5c24b59c99cdd7e0901845023
GET /uba.js HTTP/1.1
Host: d3pkntwtp2ukl5.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 2649
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2017 22:50:10 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 19 Nov 2022 02:08:12 GMT
ETag: "0cb14d8485b6f6b47cfcc358cffdb6c1"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9eUOr_DaUr_bfnbIX-h-UVXMMo72Q-6gtXv9PH4GCMsmJP3HYE-nmQ==
Age: 78813
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d5ccc6ed714b650846fefb0a8e24ca22
30521fa613dcb97b95ad3baab58c4446482d5061
ef46e9367b670662ae596685c5f27da1bf065e714ef2e86c65d5267a188d08d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 19 Nov 2022 22:41:09 GMT
expires: Sun, 20 Nov 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 4835
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1763bb9f6433bdb95b7de8ec3118bb1c
dcf4842d857e90546495e90a2ed83bfaa322954a
2b278d901b21cd2aa2e9563a40813721f4c31cf94710665928add580f834ace9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2443
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Last-Modified: Sat, 19 Nov 2022 23:21:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
fast.wistia.com/assets/images/blank.gif
151.101.86.110200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "6377f628-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 18 Nov 2022 21:16:24 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:44 GMT
age: 96208
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 65, 1383
x-timer: S1668902504.156324,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1668902503516&cv=11&fst=1668902503516&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 955 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1668902503516&cv=11&fst=1668902503516&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2037), with no line terminators
Hash 4da526d531d5fcbbcc87476a1bac3b3e
e1e6e2b0c522e140bf9d5af0252e2fb1f50443ab
1644a539b167a71aa068a46a1300ab81586c8044e19269a134d42b1b84c6c5ea
GET /pagead/viewthroughconversion/675938688/?random=1668902503516&cv=11&fst=1668902503516&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 955
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Nov-2022 00:16:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=015B42D30E0A672C191C50B10FFF66CA; domain=.bing.com; expires=Fri, 15-Dec-2023 00:01:44 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 67279B6D9EA5401FA07BD545A5BD59B8 Ref B: OSL30EDGE0114 Ref C: 2022-11-20T00:01:44Z
date: Sun, 20 Nov 2022 00:01:43 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1668902503503&cv=11&fst=1668902503503&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 948 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1668902503503&cv=11&fst=1668902503503&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2037), with no line terminators
Hash d19b97b5289122388e5e7cad07a81915
de816ab60260844fa27ae0e42f5d890f2c7587fe
e79fd3fc063037ca4321fb11cad2fad014e5f98936fa1b01c940eaf8c20a40e7
GET /pagead/viewthroughconversion/458254939/?random=1668902503503&cv=11&fst=1668902503503&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 948
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Nov-2022 00:16:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1668902503483&cv=11&fst=1668902503483&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 954 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1668902503483&cv=11&fst=1668902503483&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2039), with no line terminators
Hash 545382000f7724f6cc4faf7059d64e82
92b88288e64dae3a217573d6091ff6bdbe12aeb8
e47e1e406dc802ea366cde7db0e1a1253b5b25be909e3cbfbece71898b1bff3c
GET /pagead/viewthroughconversion/10838597190/?random=1668902503483&cv=11&fst=1668902503483&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 954
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Nov-2022 00:16:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1668902503369&cv=11&fst=1668902503369&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 951 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1668902503369&cv=11&fst=1668902503369&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2037), with no line terminators
Hash 3fa159be67c1fe3379ef212058d3a000
ef7e0224dd2ca306defef9ecb0eda8b3c19323cd
94e677e5f75678b8ff1640c9af926f0a578f0c5cecb70ed6195a0532d178323f
GET /pagead/viewthroughconversion/624541243/?random=1668902503369&cv=11&fst=1668902503369&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 951
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Nov-2022 00:16:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: RORtb5dZrv6NdMPTeUh+izjgle3N/jkKlYH/oCV3Vg94Y+aIUFUKueBOeYHrSX6YmqB5DZmAkhZMIKTlIa80Pg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Sun, 20 Nov 2022 00:01:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1668902503471&cv=11&fst=1668902503471&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 952 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1668902503471&cv=11&fst=1668902503471&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2037), with no line terminators
Hash 8952faae1fbbaa151183f944676dd44a
c9cd9ff8c452772eb089bd0f4e608db15b464083
53f498f29c617556e82d20a6b7a9d4cde7a5910387e542001af9506ce5860332
GET /pagead/viewthroughconversion/862759327/?random=1668902503471&cv=11&fst=1668902503471&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 952
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Nov-2022 00:16:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
23.38.200.197200 OK 1.1 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
151.101.86.110200 OK 915 B URL HTTP/2 fast.wistia.com/embed/medias/aeu9oe7qwy.m3u8
IP 151.101.86.110:0
Hash 48c1b43bc9be7e93632e0efa1882848c
05b4e7d3b3f87ecdc544789f68edeb5f8d7baf69
f1c7edc9dc26c60377b14f9cfe0e19cd642e189e6b27dde4ab088a3a2f0c1823
GET /embed/medias/aeu9oe7qwy.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"f1c7edc9dc26c60377b14f9cfe0e19cd"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 4de619543c5737640fdb7e884620e889
x-runtime: 0.028281
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:44 GMT
age: 0
x-served-by: cache-iad-kjyo7100174-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 1712, 1
x-timer: S1668902504.130944,VS0,VE92
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 915
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1668902503477&cv=11&fst=1668902503477&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 953 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1668902503477&cv=11&fst=1668902503477&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2037), with no line terminators
Hash 58fc3a53c9bd1a4888a3f386cc59cee1
2e223e1f89ec11eaf1b558f5e4bb3a708d390dca
478dacdeed256c4aac4c414d650ebcf6e0c96ade73aab7c7bcc633de16b520f5
GET /pagead/viewthroughconversion/862759327/?random=1668902503477&cv=11&fst=1668902503477&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&auid=988294787.1668902503&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 953
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Nov-2022 00:16:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1763bb9f6433bdb95b7de8ec3118bb1c
dcf4842d857e90546495e90a2ed83bfaa322954a
2b278d901b21cd2aa2e9563a40813721f4c31cf94710665928add580f834ace9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5167
Cache-Control: max-age=128211
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Etag: "6378ac0c-1d7"
Expires: Mon, 21 Nov 2022 11:38:35 GMT
Last-Modified: Sat, 19 Nov 2022 10:12:28 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
151.101.86.133200 OK 3.7 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8
IP 151.101.86.133:0
Hash b2c3ce627cd8f47980d2dcefbca05105
1deffed6db48e30507c8b4b66b7388509e0dce28
1cee6eafba9f65cf32f5a89e8fcd9f2a2ecb7b90c457ded3889ec0f1e7a25df9
GET /deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Wed, 08 Nov 2023 06:27:07 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment 35018ad58e1324405997174e10416378d22b7a2e
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:44 GMT
age: 1013677
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200045-IAD, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 304, 1
x-timer: S1668902504.353843,VS0,VE1
vary: Accept-Encoding
content-length: 3722
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:53:49 GMT
expires: Thu, 16 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 277675
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-795540.js?sv=6
143.204.55.37200 OK 2.7 kB URL HTTP/2 static.hotjar.com/c/hotjar-795540.js?sv=6
IP 143.204.55.37:0
File type ASCII text, with very long lines (3789)
Hash f3fd1428724bd9d6bf2005bb8a08a6f9
009990c53a13d4c23a864823398b1d246dd1aceb
82e351bf65ce9cc52317a0d8245520b931dac8f69c8ae03785e00122ffede37a
GET /c/hotjar-795540.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sun, 20 Nov 2022 00:01:44 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/613b8fc12905d4218098644e658075fd
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XYps22MMlxOImYOTd12DqVVlyyArIZhZo2_vkR0dg-FkxQlkQ2eE4w==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn1.decide.dev/tracking/rainmakeradventures_lander.js
54.230.111.40200 OK 18 kB URL HTTP/2 cdn1.decide.dev/tracking/rainmakeradventures_lander.js
IP 54.230.111.40:0
File type ASCII text, with very long lines (58525)
Hash f714b8d9a69f7cb680f89905a9c65b94
94fd9d9a193e6bea5f64a6ce5558c9d751f719a8
3616e7037018c5f577ef4180d0734d7dba2b4164ecef7f90bc262e85f0b119e7
GET /tracking/rainmakeradventures_lander.js HTTP/1.1
Host: cdn1.decide.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 21:01:54 GMT
x-amz-version-id: pL0FXuWHNQ0OsQuEmXLofjnmRONnAPPJ
server: AmazonS3
content-encoding: gzip
date: Sat, 19 Nov 2022 08:11:45 GMT
etag: W/"ab885b5f44f7974dc5f7edafa552231e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ORx-adPvKJKpl5q-8sOkvv5ueFbSae19G1VtCCZQSVNaDF9o4TsuZw==
age: 56999
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
142.250.74.10200 OK 24 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700
IP 142.250.74.10:0
Hash 599fff5c3e6df3e442d2ffa5b9137b70
1b3e36fba874bc2d300f731e5d474b6f4f09ec9f
b6393e9d8491e74e360df9ddcefb3a4e181346c674c53910e084fb94fd73176b
GET /css?family=Lato:regular%7COswald:300%7CRoboto:300,regular,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 20 Nov 2022 00:01:44 GMT
date: Sun, 20 Nov 2022 00:01:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
216.58.207.195200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash f6a41f84ddc640654e6dc189ea56794a
395d2e505f014e4c8c21d1a97416b6122111451f
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:49:23 GMT
expires: Thu, 16 Nov 2023 21:49:23 GMT
cache-control: public, max-age=31536000
age: 267141
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.9a94ee76.js
23.38.200.197200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 275256
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
208.83.60.221200 OK 8.6 kB URL HTTP/1.1 www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
IP 208.83.60.221:0
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash b5dc3661602dcf8810766c01556df41b
a84687898568cf8ae0ba6c4b35886b3ee4dfbd17
91e84a8da7499abc9388eed1192e8363c8dfe07e28e6300c69ee25be1a4eb994
GET /wp-content/uploads/2016/08/apple-touch-icon-144x144.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=db668977-1a79-4e18-94e4-f8023c4d9e06; _gcl_au=1.1.988294787.1668902503; UltraCartShoppingCartID=BF83C4C31CC90301849257454F2DC500; ucacid=953912381.728723
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 00:01:44 GMT
Content-Type: image/png
Content-Length: 8622
Last-Modified: Wed, 29 Jul 2020 20:33:17 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5f21dd0d-21ae"
Expires: Sun, 27 Nov 2022 00:01:44 GMT
Pragma: public
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
cdn.useproof.com/proxy/index.html
104.21.47.12200 OK 325 B URL HTTP/2 cdn.useproof.com/proxy/index.html
IP 104.21.47.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325), with no line terminators
Hash f92252b1f21fd30ac52b59395971ecdb
ecb588481454091dcfea3c925c83577425497626
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
GET /proxy/index.html HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:44 GMT
content-type: text/html
content-length: 325
x-amz-id-2: exk6QJT4eaAGO5KmRYKda0pyc44uLHadKItylMztRT2IyhmYjVg7I3y9YnktPcYbTsE8/7yyaZI=
x-amz-request-id: 2F192ZF2K64R490M
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kH987PqbaJAGpEjdDNWgQ%2B1VmIxytsSYisaEfrRpen0jxTz6h7pYs7CUZzge9M7dvwRZylWec4DZ0Xp9xZfWFuVlRPcxUsCf2zRPTS6mR0gtTD%2BTXWRrxE4ZL9wqaQo550FD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9a9a8d5b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
151.101.86.133200 OK 485 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts
IP 151.101.86.133:0
File type MPEG transport stream data\012- data
Size 485 kB (484664 bytes)
Hash b7735798b762d519cb4886f5f5da5bd0
be1cebaf2a46bef7442b69d48557bd362607ea2d
05ae5071f29731644a77af5a8454af3f4fcac44566d33f6cc06b5a4e96107173
GET /deliveries/9f0335df980cfbc99b1506756335ffffa06da899.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Wed, 25 Oct 2023 07:37:22 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 9f0335df980cfbc99b1506756335ffffa06da899-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:44 GMT
age: 2219062
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000170-IAD, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 11499, 1
x-timer: S1668902504.388288,VS0,VE22
content-length: 484664
X-Firefox-Spdy: h2
cdn.useproof.com/proxy/proxy.js
104.21.47.12200 OK 114 kB URL HTTP/2 cdn.useproof.com/proxy/proxy.js
IP 104.21.47.12:0
File type Unicode text, UTF-8 text, with very long lines (65514), with no line terminators
Size 114 kB (114404 bytes)
Hash 9f4d60f4f2b143cadacb2b8b3a901401
8c25b07f5122f9875920498c20ede6045320f479
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
GET /proxy/proxy.js HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/proxy/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:44 GMT
content-type: application/javascript
content-length: 114404
cache-control: public, max-age=315360000, no-transform
cf-bgj: minify
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
x-amz-id-2: yoAjzcyRlZUSIcodHaLndl6c776jIrkHPBSIgiDtxS12xvdyq2MKSDzEETmCnivt0ELZRmo4dWc=
x-amz-request-id: YH3Z1CT1HCFY0HSJ
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
age: 48548802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ai50wcb6C0ucwfYSQD5ctPdACeUl3lgDJZBieGrVC%2BzHK8XKVXz%2FJLpQoypzljAanzVNYDg%2BbdggSdtKUTlmf2NRKDx769F5GvzojhgapIdahu0UDB3U%2B4TLits9gcif3Ilv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cce9ad0c7fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
151.101.86.110200 OK 930 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
IP 151.101.86.110:0
Hash d98f824625558fb8273eb2bc853a1e08
6b9cc5b14072badf20cccc5f8f8ff7dcc7fae4df
f376ddcd25ce45f6ce99a7322ce248468478dc466ea353a8813223ac967f6057
GET /embed/medias/tmmqdtznyg.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"f376ddcd25ce45f6ce99a7322ce24846"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: d591dbca1336ce0f4f617242671b156c
x-runtime: 0.028644
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:44 GMT
age: 24159
x-served-by: cache-iad-kcgs7200134-IAD, cache-bma1622-BMA
x-cache: HIT, MISS
x-cache-hits: 84, 0
x-timer: S1668902504.403630,VS0,VE92
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 930
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
54.230.111.46200 OK 30 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
IP 54.230.111.46:0
File type ASCII text, with very long lines (64903)
Hash 73de733c308b8b5e44d2a6242dc4bd99
2f43a0cd155124d65ab5ce3574abc5f82b45fcf9
cf4ff4a67675a54e9a9469d967c77fba778ccf839a98119d246012447eb44ea3
GET /sp-2.14.0.js HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 30399
date: Wed, 31 Aug 2022 03:46:21 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
etag: "73de733c308b8b5e44d2a6242dc4bd99"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OJfk-_YJlgOHmwCpaSBRw62PpHsITyxWTbIO7JAw0Q6rj4OS01swtw==
age: 6984923
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/ab7be666-white-speakericons-02_100x00o000000000000028.png
54.230.245.21200 OK 393 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/ab7be666-white-speakericons-02_100x00o000000000000028.png
IP 54.230.245.21:0
File type PNG image data, 33 x 24, 8-bit colormap, non-interlaced\012- data
Hash 3ff814e5236412c48f322c8898ef45bc
03bb8e101a159000a746aa4c781db1347e90535d
579a2a97fb6616d4faf94ac23df731f250a672fda76be78a1fa74a6d1cd8dbba
GET /pages.upwellness.com/uc-grplus-vsl01-aff/ab7be666-white-speakericons-02_100x00o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 393
date: Sun, 18 Sep 2022 07:59:09 GMT
last-modified: Fri, 02 Sep 2022 15:02:02 GMT
etag: "3ff814e5236412c48f322c8898ef45bc"
cache-control: max-age=31557600
x-amz-version-id: xTEJkOHzfKHlADvFh7BSrD5ltmxEgYDT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 651Iuz6gMbLlRqygBpUOZTFY8PXkWpI3Eg3PN4qaevYei0yvhFmvkQ==
age: 5414556
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
151.101.86.110304 Not Modified 0 B URL HTTP/2 fast.wistia.com/embed/medias/tmmqdtznyg.m3u8
IP 151.101.86.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/medias/tmmqdtznyg.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"f376ddcd25ce45f6ce99a7322ce24846"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 20 Nov 2022 00:01:44 GMT
via: 1.1 varnish
cache-control: public, no-cache
etag: W/"f376ddcd25ce45f6ce99a7322ce24846"
age: 24159
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668902505.548619,VS0,VE0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=27015508&Ver=2&mid=a8821bbc-9fa1-4a20-85a9-c3d8a8f40507&sid=84d03660686611edb0d2a389975ddeec&vid=84d03d80686611ed853997ea0ab207c1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&r=<=1716&evt=pageLoad&sv=1&rn=446099
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=27015508&Ver=2&mid=a8821bbc-9fa1-4a20-85a9-c3d8a8f40507&sid=84d03660686611edb0d2a389975ddeec&vid=84d03d80686611ed853997ea0ab207c1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&r=<=1716&evt=pageLoad&sv=1&rn=446099
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=27015508&Ver=2&mid=a8821bbc-9fa1-4a20-85a9-c3d8a8f40507&sid=84d03660686611edb0d2a389975ddeec&vid=84d03d80686611ed853997ea0ab207c1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&r=<=1716&evt=pageLoad&sv=1&rn=446099 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=328DCC8EF3EA6EB13425DEECF21F6F9F; domain=.bing.com; expires=Fri, 15-Dec-2023 00:01:44 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1044BC2778E940BCB7DECCCAEEFCE5A6 Ref B: OSL30EDGE0114 Ref C: 2022-11-20T00:01:44Z
date: Sun, 20 Nov 2022 00:01:44 GMT
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/aa65686b-white-speakericons-01_100x00o000000000000028.png
54.230.245.21200 OK 404 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/aa65686b-white-speakericons-01_100x00o000000000000028.png
IP 54.230.245.21:0
File type PNG image data, 33 x 24, 8-bit colormap, non-interlaced\012- data
Hash 6d0abbec035ce0c4075e7e7b8ee68550
2ecf92d54541667646b2364ce347baa45a57f77b
9a2922fd430dfaeb13025d97826931939d872a7b3efd1d09f0e88c5f7c1fd306
GET /pages.upwellness.com/uc-grplus-vsl01-aff/aa65686b-white-speakericons-01_100x00o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 404
date: Wed, 24 Aug 2022 03:44:00 GMT
last-modified: Fri, 19 Aug 2022 13:11:08 GMT
etag: "6d0abbec035ce0c4075e7e7b8ee68550"
cache-control: max-age=31557600
x-amz-version-id: kmb8cUpvzx1e0W5zrYgEVmUNy2_n_cDY
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X4NSrUD39hySjzgBKH6J5QOVvYU5zXr_lLvZW8el5NFCqq6TknvAAg==
age: 7589865
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
54.230.245.21200 OK 9.6 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg
IP 54.230.245.21:0
File type JPEG image data, baseline, precision 8, 252x252, components 3\012- data
Hash 6ca7442dfba9d9e783f10f04dfcaa249
224afddf15c4f93481f56a2a997d752f09b38962
17ddc63663734c555981527699774b02b945124941c10450a91b74ce56937b59
GET /pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_109m07807007000m00801o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 9585
date: Sat, 03 Sep 2022 04:46:02 GMT
last-modified: Fri, 02 Sep 2022 15:02:02 GMT
etag: "6ca7442dfba9d9e783f10f04dfcaa249"
cache-control: max-age=31557600
x-amz-version-id: NAExZ8YNpNiGKXHp074OCSOuQTslKLnz
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p5PVqOsFwvZcmeathrCp4LZtuNpxXZNhJP1EltmqthBrOCHq1vBIUw==
age: 6722143
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1668902504485&dep=2%2CPAGE_LOAD
23.38.200.197200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1668902504485&dep=2%2CPAGE_LOAD
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1668902504485&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU1qWTJaVGd3TnpRdE16VXhNeTAwWWpkaExXRmhNek10WVRobE1tTTFOalF3WmpaaA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://pages.upwellness.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 373
x-envoy-upstream-service-time: 5
referrer-policy: origin
x-pinterest-rid: 1652925217682171
date: Sun, 20 Nov 2022 00:01:44 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1668902504.8a25a352
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/4.5.0/firebase.js
142.250.74.163200 OK 116 kB URL HTTP/2 www.gstatic.com/firebasejs/4.5.0/firebase.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (16738)
Size 116 kB (116073 bytes)
Hash 0ff319bf584fbc1049438249c206242d
2adccf821c87d51efbc577cc3f091d6f254f0a35
2571c05e9c76a275e38235dc4b7256c971cccd9c1a40367b8d2f8fc9a14b4efb
GET /firebasejs/4.5.0/firebase.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 116073
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 08:31:50 GMT
expires: Thu, 16 Nov 2023 08:31:50 GMT
cache-control: public, max-age=31536000
age: 314994
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
54.230.245.21200 OK 3.3 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png
IP 54.230.245.21:0
File type PNG image data, 246 x 91, 8-bit colormap, non-interlaced\012- data
Hash b5c5f324193b5e16bbbeba489c9bf2f9
9f6c6b0feb1141dba640af2237d35ae33fc36677
84e592026970dcb362dd9afca58ee14ba148d62f8d52de8da147ec2b2f497153
GET /pages.upwellness.com/uc-grplus-vsl01-aff/c34647f5-upwellness-withouttagline-horizontal-logo-rgb-white_106u02j000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 3345
date: Fri, 11 Nov 2022 01:40:50 GMT
last-modified: Thu, 03 Nov 2022 17:16:32 GMT
etag: "b5c5f324193b5e16bbbeba489c9bf2f9"
cache-control: max-age=31557600
x-amz-version-id: qAtlv8qMpnezwJzGk_sJtgf18GBQNVLi
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vPxtLBuznr7o8hV3oD_-yQN6dA7rD2M05SyGrcTCQDZLgC1WnpAAOA==
age: 771655
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1668902504486
23.38.200.197200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1668902504486
IP 23.38.200.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1668902504486 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 2314648150875487
date: Sun, 20 Nov 2022 00:01:44 GMT
akamai-grn: 0.274f2417.1668902504.8a25a384
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
54.230.245.21200 OK 3.0 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png
IP 54.230.245.21:0
File type PNG image data, 92 x 92, 8-bit colormap, non-interlaced\012- data
Hash 3e5b99433b8b72478180f7e404014a0b
dd2dc5346993430fd18898e72b853d4a8571cf54
316dd36671b451aa88c2cb9e2a833943ee9cb6e6b9fb1267f419d2b1ecbaa4e3
GET /pages.upwellness.com/uc-grplus-vsl01-aff/6d578cf0-color-icons-cbs-fox-usatoday-nbc-02-1_102k02k000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2978
date: Wed, 16 Nov 2022 00:57:24 GMT
last-modified: Thu, 03 Nov 2022 17:16:32 GMT
etag: "3e5b99433b8b72478180f7e404014a0b"
cache-control: max-age=31557600
x-amz-version-id: w4jMdFtzcllpfRvLDKyyyOIXg8rKQ2CP
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K1wpBM5DAkj0Go7Bfee0UqUs_6se0W6z1_a7KhwvO7l-clHLPYVK0A==
age: 342261
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
54.230.245.21200 OK 1.0 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png
IP 54.230.245.21:0
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash 9ac72e37f90441dec8054ca9fad4f958
c34ba3dfccc201d169861b88ae8172a8902559ef
6bcbcb6496dddd15c57669623a1361fc1082513cbdb9c653ed8d25ed8392a918
GET /pages.upwellness.com/uc-grplus-vsl01-aff/a2ab90a1-color-icons-cbs-fox-usatoday-nbc-01-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1035
date: Tue, 08 Nov 2022 16:15:49 GMT
last-modified: Thu, 03 Nov 2022 17:16:32 GMT
etag: "9ac72e37f90441dec8054ca9fad4f958"
cache-control: max-age=31557600
x-amz-version-id: WXrDW6vydO9DbnAmhapDbd2YU_qodpyj
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZIxbgMQrWaMkWEz8PsScB2pt9v2-AAuo6t-PzfSObSzcU1eOBRXgrQ==
age: 978356
X-Firefox-Spdy: h2
www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
208.83.60.221200 OK 18 kB URL HTTP/1.1 www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
IP 208.83.60.221:0
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash d094840fd6b5b489b25f18a22a493822
29a59e8c0250e81421609d5c7c25f20776fdaa4a
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421
GET /wp-content/uploads/2015/10/favicon-152.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=db668977-1a79-4e18-94e4-f8023c4d9e06; _gcl_au=1.1.988294787.1668902503; UltraCartShoppingCartID=BF83C4C31CC90301849257454F2DC500; ucacid=953912381.728723
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 00:01:44 GMT
Content-Type: image/png
Content-Length: 18176
Last-Modified: Tue, 06 Oct 2015 22:43:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "56144e92-4700"
Expires: Sun, 27 Nov 2022 00:01:44 GMT
Pragma: public
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
54.230.245.21200 OK 742 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png
IP 54.230.245.21:0
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash b02c898ea0b0b138b4c46168d31ebc9b
d9ac970e50ee53c042ad38a2c706d3e0d5662f99
f2d83312c2b1c7c1ad2be8e99b5b8d3c5d8432c2828d5cf52ee15e4423698bab
GET /pages.upwellness.com/uc-grplus-vsl01-aff/8abaeb2d-color-icons-cbs-fox-usatoday-nbc-03-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 742
date: Sat, 29 Oct 2022 01:33:07 GMT
last-modified: Wed, 26 Oct 2022 17:19:47 GMT
etag: "b02c898ea0b0b138b4c46168d31ebc9b"
cache-control: max-age=31557600
x-amz-version-id: kIEilbCNatkb7a84cv8uul2EsrboYjdG
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JDEK-NU8pXcI-dATiYDAT-M26uQB4EAHkfj2f6wjNXa6j4G_VywTkg==
age: 1895318
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
54.230.245.21200 OK 4.9 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg
IP 54.230.245.21:0
File type JPEG image data, baseline, precision 8, 156x156, components 3\012- data
Hash 86140e94391c453d7e943ecd2c76a385
87165779b2df1e9dc76345b53d6af5df0e7b5160
635fa27826bc3b802f341bba0c8291af3698ada8d704bb116692a4b0fe77c1da
GET /pages.upwellness.com/uc-grplus-vsl01-aff/d05c88fb-image-from-ios-3-1_105y04h04c04c00e00501o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4874
date: Tue, 15 Nov 2022 03:35:00 GMT
last-modified: Thu, 03 Nov 2022 17:16:32 GMT
etag: "86140e94391c453d7e943ecd2c76a385"
cache-control: max-age=31557600
x-amz-version-id: AMabXqYDu7m_QZ2hbRjrLSrKe1h4lxGX
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RKsnF31O8VxHqnJ9pkN75fQ3ut6AET9U-Sx_IHIeNZ7J9bcMEgdfjw==
age: 419205
X-Firefox-Spdy: h2
script.hotjar.com/modules.55241fd65a1af5a1837b.js
143.204.55.68200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.55241fd65a1af5a1837b.js
IP 143.204.55.68:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 5f82b1a8e62b6a241154cb066c4d1ad8
942982f722f180cb3eac787f0f5edb1f3927696a
36a9999c741ee16ea1337a713b13a62f7e368a437ebe9581c487d42b7c7fe50b
GET /modules.55241fd65a1af5a1837b.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68617
date: Thu, 17 Nov 2022 11:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f82b1a8e62b6a241154cb066c4d1ad8"
last-modified: Thu, 17 Nov 2022 11:05:52 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yjgR10sTvPpuneXiup0FRKiq1Wo5e45RVXsjYZImN36oMTO9OUDZ4A==
age: 219338
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5e884c53db72411f06e2209d005f7586
6e1049a7fc26d6a3259a97bfca9dc6ba7b0dd5af
2965603dd297987ffa36ffd33c133f2c6a67fa6df1551554160b65ce804b0198
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/assets/external/interFontFace.js
151.101.86.110200 OK 18 kB URL HTTP/2 fast.wistia.com/assets/external/interFontFace.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (45349), with no line terminators
Hash 53c97190603845aa22fe260f7ec735c4
a16cfa041fdd5e6652d23cde3ac4c207b8dd5276
091e2d49b6d1c2a135481ce5d39810dcf6debcc9da5879c450ee7d40765237a5
GET /assets/external/interFontFace.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-46e6"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:44 GMT
age: 2608
x-served-by: cache-iad-kcgs7200123-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 97, 8
x-timer: S1668902505.627099,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 18150
X-Firefox-Spdy: h2
bat.bing.com/p/action/27015508.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/27015508.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/27015508.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3811E02B2FA76678124CF2492E526782; domain=.bing.com; expires=Fri, 15-Dec-2023 00:01:44 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DD171AA0A7C0418F9AC07CC0829D5D4C Ref B: OSL30EDGE0114 Ref C: 2022-11-20T00:01:44Z
date: Sun, 20 Nov 2022 00:01:44 GMT
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
54.230.245.21200 OK 1.3 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-grplus-vsl01-aff/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png
IP 54.230.245.21:0
File type PNG image data, 118 x 118, 8-bit colormap, non-interlaced\012- data
Hash c3187d70acad4469f04dd3d18fa9e6c3
7fd04ec574ffdaf4310b21dce8e0e68a1dccce36
282f5a01cde33126c76b73790e408dec892b9968334879013b7deffe276a11d9
GET /pages.upwellness.com/uc-grplus-vsl01-aff/b16fd4d5-color-icons-cbs-fox-usatoday-nbc-04-1_103a03a000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1275
date: Sat, 12 Nov 2022 00:36:46 GMT
last-modified: Thu, 03 Nov 2022 17:16:32 GMT
etag: "c3187d70acad4469f04dd3d18fa9e6c3"
cache-control: max-age=31557600
x-amz-version-id: T_0nxU6loFzRDd9fqV_6RgHnlX2uGNyi
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1mRsHPJFyirpiOf_N-nicmf4frJuzB2JaFsFnmPyauYpDUlrjX5bCQ==
age: 689098
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10175858.json
188.125.94.204200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10175858.json
IP 188.125.94.204:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ad716787c5ee7f50ab6806a8dfac76d
31d18a36b7472a44913f9871c1ea0d3530f17060
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
GET /wi/config/10175858.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: onlYeDrkufegHsOHHmJLvtNGIYfNBkhyAhUFR849cqBaTbc3wiI4wCTclBd/sJrN+fDZGtbrbxDkVYg+ZYg/IQ==
x-amz-request-id: 0TYVSCEVR8VHGWGZ
date: Sat, 19 Nov 2022 05:37:56 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Fri, 14 Jan 2022 20:54:46 GMT
x-amz-expiration: expiry-date="Sun, 19 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: fa2aBktS.tlgTipU0DLTD9VeWF6_YTMO
accept-ranges: bytes
content-type: application/octet-stream
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
age: 66229
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
151.101.86.133200 OK 3.7 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8
IP 151.101.86.133:0
Hash ad213983ab337bf180cb7bd17f3641e5
b326ce5f18fe0100810062a573be21a7d03af258
5203ca710a081e640b4d1f8ccb231da0edbd624da8698b8498acf75be0279714
GET /deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Tue, 17 Oct 2023 12:57:56 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:44 GMT
age: 2891029
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kjyo7100027-IAD, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 10504, 1
x-timer: S1668902505.670595,VS0,VE1
vary: Accept-Encoding
content-length: 3731
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/862759327/?random=1668902503477&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3330531239&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/862759327/?random=1668902503477&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3330531239&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1668902503477&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3330531239&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10056129.json
188.125.94.204200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10056129.json
IP 188.125.94.204:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fc5f6676b4f2531b36b8c7120da6ecca
e7ddbe9b016bc7594e9d5f3a7bf960b56226d5de
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
GET /wi/config/10056129.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fpn7ScSiftiXlY1XSGk7znhfGzdKQMXBWu1MuznkH+LbcCxmF6kT9qHTOsfZ5oob9Jkc0Rn6C6I=
x-amz-request-id: 5H7EGQC3PCKYH7CG
date: Sat, 19 Nov 2022 10:44:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
age: 47836
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1024125552.1668902504&jid=1744379018&gjid=1634663052&_gid=1151890229.1668902504&_u=YGBAiEABBAAAAEAAI~&z=1897450308
142.250.150.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1024125552.1668902504&jid=1744379018&gjid=1634663052&_gid=1151890229.1668902504&_u=YGBAiEABBAAAAEAAI~&z=1897450308
IP 142.250.150.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1024125552.1668902504&jid=1744379018&gjid=1634663052&_gid=1151890229.1668902504&_u=YGBAiEABBAAAAEAAI~&z=1897450308 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://pages.upwellness.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/624541243/?random=1668902503369&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1071208361&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/624541243/?random=1668902503369&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1071208361&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1668902503369&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1071208361&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/862759327/?random=1668902503471&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3696917347&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/862759327/?random=1668902503471&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3696917347&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1668902503471&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3696917347&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/675938688/?random=1668902503516&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3816868100&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/675938688/?random=1668902503516&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3816868100&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/675938688/?random=1668902503516&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3816868100&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3b1d0042dde3a7cc0f3c9a298949354
5643577b85e8c0d80cf8a5c94262727138b8d001
3efe18400af9e79682d4505e35b7b2debe378453facc569dbb575b6ba849d874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3b1d0042dde3a7cc0f3c9a298949354
5643577b85e8c0d80cf8a5c94262727138b8d001
3efe18400af9e79682d4505e35b7b2debe378453facc569dbb575b6ba849d874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/458254939/?random=1668902503503&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3292592306&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/458254939/?random=1668902503503&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3292592306&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1668902503503&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3292592306&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts
151.101.86.133200 OK 304 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts
IP 151.101.86.133:0
File type gzip compressed data, from Unix\012- data
Size 304 kB (304417 bytes)
Hash 0912051c464396991c5cfd675d05f214
83b5874d66c5da1b02d9e47d7a95be4f5d38adc0
e7cab5a43fb14914bd4184f879583c5475e7b14b34ebae4a072de9d97ccc08f8
GET /deliveries/2acc52173c43d44dfa93ee8a21061db47c4ae5ed.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Thu, 28 Sep 2023 09:50:17 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 2acc52173c43d44dfa93ee8a21061db47c4ae5ed-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:44 GMT
age: 4543888
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200130-IAD, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 53, 1
x-timer: S1668902505.774640,VS0,VE1
content-length: 216952
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10838597190/?random=1668902503483&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=788953866&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10838597190/?random=1668902503483&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=788953866&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1668902503483&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=788953866&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/675938688/?random=1668902503516&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3816868100&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/675938688/?random=1668902503516&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3816868100&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/675938688/?random=1668902503516&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3816868100&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
23.36.76.200200 OK 106 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Size 106 kB (105863 bytes)
Hash 4dbb6a70352514258a764f17379df162
1d07ed4093d8e6fa0bd406c05e527a79d56ae1d4
71c5c0962b4fe28b5bf7ff4396001d27459106809c564c55e379ee28dc4a6a43
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 105863
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31425518
Expires: Sat, 18 Nov 2023 17:20:22 GMT
Date: Sun, 20 Nov 2022 00:01:44 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:21 GMT
expires: Thu, 16 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 275243
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/624541243/?random=1668902503369&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1071208361&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/624541243/?random=1668902503369&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1071208361&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1668902503369&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1071208361&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
23.36.76.200200 OK 106 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Size 106 kB (105863 bytes)
Hash 4dbb6a70352514258a764f17379df162
1d07ed4093d8e6fa0bd406c05e527a79d56ae1d4
71c5c0962b4fe28b5bf7ff4396001d27459106809c564c55e379ee28dc4a6a43
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 105863
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31425518
Expires: Sat, 18 Nov 2023 17:20:22 GMT
Date: Sun, 20 Nov 2022 00:01:44 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
www.google.no/pagead/1p-user-list/458254939/?random=1668902503503&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3292592306&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/458254939/?random=1668902503503&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3292592306&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1668902503503&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3292592306&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10838597190/?random=1668902503483&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=788953866&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10838597190/?random=1668902503483&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=788953866&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1668902503483&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=788953866&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/862759327/?random=1668902503477&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3330531239&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/862759327/?random=1668902503477&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3330531239&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1668902503477&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3330531239&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9499a514bd5cc60fd7f841ea6d534583
b5d504c5aec93bb324106e51ac8f451fb28d5f62
2ec729570f488d779f7c65aa3f75f939afd0361f92ebeba79567cb49c37918a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EC729570F488D779F7C65AA3F75F939AFD0361F92EBEBA79567CB49C37918A3"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5130
Expires: Sun, 20 Nov 2022 01:27:14 GMT
Date: Sun, 20 Nov 2022 00:01:44 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0221df1d0f7ec47514a03758ce83f18f
59aaf8e97c727c44933ad992e2d7202f9aee236e
3497027e232c118c1a2484226c8f0eda34db55fa03728990c43bdf7f418acae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aef3984dc528d9c6aeaeb62752f5c01d
56a959993eb3e2dbc1047ac8f0477cc279631b48
099598c1ff8acfd47c6800ef89c25d0723e7cc8a2ca67bc7a5191c6a84e3c821
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6012
Cache-Control: max-age=168695
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:45 GMT
Etag: "637946e4-1d7"
Expires: Mon, 21 Nov 2022 22:53:20 GMT
Last-Modified: Sat, 19 Nov 2022 21:13:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18364
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18364
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18364
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18364
Expires: Sun, 20 Nov 2022 05:07:49 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
www.google.no/pagead/1p-user-list/862759327/?random=1668902503471&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3696917347&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/862759327/?random=1668902503471&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3696917347&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1668902503471&cv=11&fst=1668902400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3696917347&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:01:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F54276ef6-e002-4d55-a4fd-6d4f94f787a2.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F54276ef6-e002-4d55-a4fd-6d4f94f787a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83073085e08b3f219b42b841c1ca52bb
c1b91cf497433f2c8b8ec12a4a71e07f25191b32
913a923c7e210a82dfc6a23580eba7f81fb74a468582e8a7704aaad9958390e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F54276ef6-e002-4d55-a4fd-6d4f94f787a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 91286e80-ec62-49aa-b405-048e17ac69bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3juyFgVoAMFkJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794cc4-024eb9f167cf3c531ebcfce2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EiJ1nOT_IJIHvCltpyFpzQM0n4IYEbv669SRfxwzRAaCUx8_iN55Mg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:22:41 GMT
etag: "c1b91cf497433f2c8b8ec12a4a71e07f25191b32"
content-type: image/jpeg
age: 5944
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
t.unbounce.com/trk?v=db668977-1a79-4e18-94e4-f8023c4d9e06&xp=65d0fec8-b023-4c4b-ac8b-d609707436f9&g=convert
3.126.202.50200 OK 0 B URL HTTP/1.1 t.unbounce.com/trk?v=db668977-1a79-4e18-94e4-f8023c4d9e06&xp=65d0fec8-b023-4c4b-ac8b-d609707436f9&g=convert
IP 3.126.202.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trk?v=db668977-1a79-4e18-94e4-f8023c4d9e06&xp=65d0fec8-b023-4c4b-ac8b-d609707436f9&g=convert HTTP/1.1
Host: t.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 20 Nov 2022 00:01:45 GMT
content-type: application/javascript
content-length: 0
x-proxy-backend: page-server
strict-transport-security: max-age=63072000; includeSubDomains
permissions-policy: battery=()
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
connection: close
vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
143.204.55.101200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash b6d25d1350d6a014d80689f389e76f97
a957e3d99790759f71a4d9e2fdaf819f60e8c569
fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079
GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6Fw8oQLJjyFcjQIOfpxxUo1r8R1gh14yVsFGC-xmr9rhfTVVna1o3w==
age: 1337979
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1e751db3c22be366e4bef8b30644677
a2147825fc70ee46cdff2c5857646078c7cc3dad
713e83ce024a939bbc34268a18ea20e6e18fedeeeb6c5e5788df9b473c1c1c27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7659
x-amzn-requestid: 78936c00-59d6-45ae-97fe-b038a9748078
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i0BFtdoAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b4c-45f909677dc2cece6f0e27aa;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -B6mMWjuXxI3rVMu78ut9_BICmn-XzHWHfmj5Xi6H0OoXSAMCPNm0Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
etag: "a2147825fc70ee46cdff2c5857646078c7cc3dad"
content-type: image/jpeg
age: 8414
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.060947521500917756&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
52.5.162.24200 OK 0 B URL HTTP/2 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.060947521500917756&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
IP 52.5.162.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/UCAffiliateNetworkPixel?t=0.060947521500917756&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Cookie: ubvt=db668977-1a79-4e18-94e4-f8023c4d9e06; _gcl_au=1.1.988294787.1668902503; AWSALB=oAb8XHGynIPyvXCPjQnG1BA4f/occve1dE4vXvK35GXKPQf389zYO77LTzUnllal2idDzaslPLBQYhqR74PkadpD+Q+iUoLBe5v20wTAhSpLeqSo1zy+0Uw/5TMX; AWSALBCORS=oAb8XHGynIPyvXCPjQnG1BA4f/occve1dE4vXvK35GXKPQf389zYO77LTzUnllal2idDzaslPLBQYhqR74PkadpD+Q+iUoLBe5v20wTAhSpLeqSo1zy+0Uw/5TMX; UltraCartShoppingCartID=BF83C4C31CC90301849257454F2DC500; ucacid=953912381.728723; ucacid=953912381.728723; JSESSIONID=abcwjWaNoLPqFhJGRPttT; LBJSESSIONID=abcwjWaNoLPqFhJGRPttT.n220; cl4975ot4arrr6_source=Direct; cl4975ot4arrr6_session_starts=1668902504151; cl4975ot4arrr6_session_ends=1668904304152; cl4975ot4arrr6_utmParams=%7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D; cl4975ot4arrr6_uid=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b; cl4975ot4arrr6_sid=CL-d03e65b5-4495-490f-83aa; cl4975ot4arrr6_gid=cl4975ot4arrr635b36252-9e45-4074-8b73-f77e57377780; _li_dcdm_c=.upwellness.com; _lc2_fpi=f0f26c15fa8f--01gj95ehq295866sfxtv7j34ef; _ga=GA1.2.1024125552.1668902504; _gid=GA1.2.1151890229.1668902504; _dc_gtm_UA-28307243-3=1; _uetsid=84d03660686611edb0d2a389975ddeec; _uetvid=84d03d80686611ed853997ea0ab207c1; _fbp=fb.1.1668902504876.2099231818
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:45 GMT
content-length: 0
set-cookie: AWSALB=vhrs/R48Zt756OONwVHri6UeqTHlO0pvX4w7W/6VstKMjw6IRuRd1IamvGRg52ytgw0Bxp6yyq0DfITUyok3N7C5d2Fpxg1fgpWzN0zbxob9+4VWoKtdzVA6zVyO; Expires=Sun, 27 Nov 2022 00:01:45 GMT; Path=/
AWSALBCORS=vhrs/R48Zt756OONwVHri6UeqTHlO0pvX4w7W/6VstKMjw6IRuRd1IamvGRg52ytgw0Bxp6yyq0DfITUyok3N7C5d2Fpxg1fgpWzN0zbxob9+4VWoKtdzVA6zVyO; Expires=Sun, 27 Nov 2022 00:01:45 GMT; Path=/; SameSite=None; Secure
UPWEL-ANP=6141; domain=store.upwellness.com; path=/; expires=Mon, 20-Nov-2023 00:01:45 GMT; HttpOnly
server: Apache
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4454f87c40e9b7c5de9853c1ec6f0671
119aac07a88e7c358bf353335f3a81039ca9943b
e909f823611609282c643c58ccc7b267dcfc09970e58b66742dc8baf7cda5bf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5699
x-amzn-requestid: ea538aed-2b5a-4940-b49f-b4703a556956
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i6KHnQoAMFu3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b74-2f756f9a27ddc4b001cdaff2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:36 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w4JqPNmzHlUl4EMM2osU4Z5dtroFWOB0DL5ylePs6XBbIdxpsPItnQ==
via: 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
etag: "119aac07a88e7c358bf353335f3a81039ca9943b"
content-type: image/jpeg
age: 8414
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:36:28 GMT
age: 8717
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e33cec1fb25538471758ee73cffc0c88
351f0afdd289e84c829401b80645c8803b47bc39
d826e4a0f0f53e95864b1e40d6bf13d2e82ad5806f988b7d54bb97e21b45da8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6744
x-amzn-requestid: e03ae3dd-b804-4a7f-9d23-f208c2608b63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3juwFMKIAMFpIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794cc4-67355244587bcb725a80e363;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: txwSLf1dmqrnZtohweappWUggRFbJJXEruSrPUZk48IcXkpkzzhzZQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:53:20 GMT
age: 4105
etag: "351f0afdd289e84c829401b80645c8803b47bc39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0221df1d0f7ec47514a03758ce83f18f
59aaf8e97c727c44933ad992e2d7202f9aee236e
3497027e232c118c1a2484226c8f0eda34db55fa03728990c43bdf7f418acae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7bd20d-d931-4bf4-b779-4d11f018d81f.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7bd20d-d931-4bf4-b779-4d11f018d81f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 623ee888c7c89b3b1fbc7454032403e9
6c237808a186c2ac0d7084fb386b0862d188dabb
a7e8212bb8c2c738a61f1f7ecf730ee09e751334f3cdb5ed447913b69561f5b8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7bd20d-d931-4bf4-b779-4d11f018d81f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8756
x-amzn-requestid: c80806cc-6125-4e82-971e-1c93d7bb5ce9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3izgHavoAMFicA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b49-51a4c2ba1d646c1c7633d99a;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bsukMDSn70wVNA0iIBkOUGae0uTFHvOowG90XsuEqTUVoYg8IReLzQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:54:26 GMT
age: 7639
etag: "6c237808a186c2ac0d7084fb386b0862d188dabb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c0b444e29e715bd9cf8c917bf0904870
c2bfd71c50d73489110a9bdb0385cb0557f4eda4
ca13b00dbac6ca8ecffff24b88f92a8022c40ef1e39cbb0ce5aef92ea8a0e8b7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147896
Date: Sun, 20 Nov 2022 00:01:45 GMT
Etag: "6378f694-1d7"
Expires: Mon, 21 Nov 2022 17:06:41 GMT
Last-Modified: Sat, 19 Nov 2022 15:30:28 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sobnnbMp3SpLTz0xjHe9iY6_TvuzZoYz9qLeQf9FN73h9tkNaWLZ9Q==
Age: 5773
tr.outbrain.com/cachedClickId?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc
64.202.112.159200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc
IP 64.202.112.159:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 00:01:45 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: ae790f7ee694fd22a0a3aac6364ff77e
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&optOut=false&bust=040036149559827794&referrer=
64.202.112.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&optOut=false&bust=040036149559827794&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00ecfc580bbba23ea48e25b4bb418ef655,00e83052a71a1dff3bc62d5d40765808fc&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&optOut=false&bust=040036149559827794&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 00:01:45 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: fdab682bce71bb8333222f3b3563b05b
content-encoding: gzip
events.ub-analytics.com/i?stm=1668902504632&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=65e72b73-a6e9-45c1-a140-29ec637a1df9&dtm=1668902504630&vp=1280x939&ds=1268x1251&vid=1&sid=fd0bd418-3999-4414-bf37-9c146b7d6abe&duid=96f21abb-a5d4-4f25-8fed-2ef142d5a9d7&uid=db668977-1a79-4e18-94e4-f8023c4d9e06&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjVkMGZlYzgtYjAyMy00YzRiLWFjOGItZDYwOTcwNzQzNmY5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
44.199.30.13200 OK 43 B URL HTTP/2 events.ub-analytics.com/i?stm=1668902504632&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=65e72b73-a6e9-45c1-a140-29ec637a1df9&dtm=1668902504630&vp=1280x939&ds=1268x1251&vid=1&sid=fd0bd418-3999-4414-bf37-9c146b7d6abe&duid=96f21abb-a5d4-4f25-8fed-2ef142d5a9d7&uid=db668977-1a79-4e18-94e4-f8023c4d9e06&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjVkMGZlYzgtYjAyMy00YzRiLWFjOGItZDYwOTcwNzQzNmY5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
IP 44.199.30.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1668902504632&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=65e72b73-a6e9-45c1-a140-29ec637a1df9&dtm=1668902504630&vp=1280x939&ds=1268x1251&vid=1&sid=fd0bd418-3999-4414-bf37-9c146b7d6abe&duid=96f21abb-a5d4-4f25-8fed-2ef142d5a9d7&uid=db668977-1a79-4e18-94e4-f8023c4d9e06&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjVkMGZlYzgtYjAyMy00YzRiLWFjOGItZDYwOTcwNzQzNmY5IiwidmFyaWFudElkIjoiYWsiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19 HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:45 GMT
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
server: akka-http/10.0.9
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
23.36.76.200200 OK 1.6 MB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 1.6 MB (1558520 bytes)
Hash c99eba935e2a3089e3a768d3646f5b3f
2773babf9ff2e0f3beba2f10403018cf55019e92
0cf3d354eadd8e8aa2fead4090a75c396014486ea74b61219c8cf946d4272a35
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 1558520
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31518194
Expires: Sun, 19 Nov 2023 19:04:59 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
23.36.76.200200 OK 1.6 MB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 1.6 MB (1558520 bytes)
Hash c99eba935e2a3089e3a768d3646f5b3f
2773babf9ff2e0f3beba2f10403018cf55019e92
0cf3d354eadd8e8aa2fead4090a75c396014486ea74b61219c8cf946d4272a35
GET /deliveries/2c03dce466616e7a49124ce8492869e4a6c54c82.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 1558520
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 2c03dce466616e7a49124ce8492869e4a6c54c82-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31518194
Expires: Sun, 19 Nov 2023 19:04:59 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5188dd5d6dbca15f94938bb8836a6189
f5913713b97894d783da425fb6765d45c4abfeab
e5bdaa001f917015fac1cee247fb8550b17e17f641e5a37e7423e87f64dbd26c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169849
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:45 GMT
Etag: "637962e2-117"
Expires: Mon, 21 Nov 2022 23:12:34 GMT
Last-Modified: Sat, 19 Nov 2022 23:12:34 GMT
Server: nginx
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7ccf6805307eb94d92f1bb85a443c2ab
2dcb64113d905a3e012c216a2d43a839629bc34a
57eccd4e25e3ed45f13f6fee4fcb5170eaf0af508fd6768a03891a3ef1620a86
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121496
Date: Sun, 20 Nov 2022 00:01:45 GMT
Etag: "63789b5b-1d7"
Expires: Mon, 21 Nov 2022 09:46:41 GMT
Last-Modified: Sat, 19 Nov 2022 09:01:15 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7UyWlebQVHpR46DILWsRS-rR9vuVs0cETEhZzUb8HcOBVZgfnMOhXg==
Age: 2726
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7ccf6805307eb94d92f1bb85a443c2ab
2dcb64113d905a3e012c216a2d43a839629bc34a
57eccd4e25e3ed45f13f6fee4fcb5170eaf0af508fd6768a03891a3ef1620a86
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123631
Date: Sun, 20 Nov 2022 00:01:45 GMT
Etag: "63789b5b-1d7"
Expires: Mon, 21 Nov 2022 10:22:16 GMT
Last-Modified: Sat, 19 Nov 2022 09:01:15 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: USOVvLtsrEjt-X2GoieddXtq7Ki8dTtbfRz8w5waRn2rWfzXxaMFJA==
Age: 4861
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7ccf6805307eb94d92f1bb85a443c2ab
2dcb64113d905a3e012c216a2d43a839629bc34a
57eccd4e25e3ed45f13f6fee4fcb5170eaf0af508fd6768a03891a3ef1620a86
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122643
Date: Sun, 20 Nov 2022 00:01:45 GMT
Etag: "63789b5b-1d7"
Expires: Mon, 21 Nov 2022 10:05:48 GMT
Last-Modified: Sat, 19 Nov 2022 09:01:15 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3wFO4IzBMY9p_5zhtXcpOfS4LTKDOxvm1XkzX5otXN7_Ny8zzOZfrg==
Age: 3873
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7ccf6805307eb94d92f1bb85a443c2ab
2dcb64113d905a3e012c216a2d43a839629bc34a
57eccd4e25e3ed45f13f6fee4fcb5170eaf0af508fd6768a03891a3ef1620a86
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124792
Date: Sun, 20 Nov 2022 00:01:45 GMT
Etag: "63789b5b-1d7"
Expires: Mon, 21 Nov 2022 10:41:37 GMT
Last-Modified: Sat, 19 Nov 2022 09:01:15 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4ybZkm-itRwdv8PDQ3fZ-PMQ_bcl0eFPdK15ZoZ9lwyXj1AC7MJHEw==
Age: 6022
io.v2.customerlabs.co/cl/firstVisit
44.207.227.229200 OK 0 B URL HTTP/1.1 io.v2.customerlabs.co/cl/firstVisit
IP 44.207.227.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl/firstVisit HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 489
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Sun, 20 Nov 2022 00:01:45 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8
23.36.76.200200 OK 106 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Size 106 kB (105863 bytes)
Hash ab5749148714924c5838aca07a914f1f
8986957e269c8ede3f95a1e04a5578bb85a780a4
d85c34da5529aa87fc3dbd68b383e851e3b44f90004f99e75ade9397a7d92f78
GET /deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 105863
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c6d0dceb10dbd106159687b3689dd280c381b6a0-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31510318
Expires: Sun, 19 Nov 2023 16:53:43 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8
23.36.76.200200 OK 106 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Size 106 kB (105863 bytes)
Hash ab5749148714924c5838aca07a914f1f
8986957e269c8ede3f95a1e04a5578bb85a780a4
d85c34da5529aa87fc3dbd68b383e851e3b44f90004f99e75ade9397a7d92f78
GET /deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 105863
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c6d0dceb10dbd106159687b3689dd280c381b6a0-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31510318
Expires: Sun, 19 Nov 2023 16:53:43 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b&id=cl4975ot4arrr6&uid=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b
44.207.227.229200 OK 178 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b&id=cl4975ot4arrr6&uid=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b
IP 44.207.227.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6a3798870feca410199021a871b222fd
4ff7e0626d70a479d810b01075d3da0fc2f2b9e9
fd3147abd2ce0ba44347f874969845f233a43683473e843344cc24bcda2cfc01
GET /externalIds?customerlabs_user_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b&id=cl4975ot4arrr6&uid=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Sun, 20 Nov 2022 00:01:45 GMT
Server: nginx/1.12.1
Content-Length: 178
Connection: keep-alive
io.v2.customerlabs.co/cl
44.207.227.229200 OK 0 B IP 44.207.227.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 837
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Sun, 20 Nov 2022 00:01:45 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d0cbe3bf65cbe8312ff174f0e3a277a8
64dc206cad286f48c68d0adbe92b40ed8614e1b9
a546b0bae9d64dd1340782f4ed56d8eacead5ef4d19c2c75c8af264384b401af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=162678
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:45 GMT
Etag: "637946df-117"
Expires: Mon, 21 Nov 2022 21:13:03 GMT
Last-Modified: Sat, 19 Nov 2022 21:13:03 GMT
Server: nginx
Content-Length: 279
io.v2.customerlabs.co/cl
44.207.227.229200 OK 0 B IP 44.207.227.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 832
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Sun, 20 Nov 2022 00:01:45 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1668902504876.2099231818&customerlabs_user_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b&id=cl4975ot4arrr6&uid=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b&t=0&sc=1280%20x%201024
44.207.227.229200 OK 561 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1668902504876.2099231818&customerlabs_user_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b&id=cl4975ot4arrr6&uid=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b&t=0&sc=1280%20x%201024
IP 44.207.227.229:0
File type JSON data\012- , ASCII text, with very long lines (561), with no line terminators
Hash 8913be325463a0b45485c98fb596df60
f2f4bab96a6230f08f043f47fae9fad5090899b5
e0bb1af94f2691accb324f3c7610454cedc4ab4c56d5a8934b90286a7bcdf5a6
GET /externalIds?facebook___fbp=fb.1.1668902504876.2099231818&customerlabs_user_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b&id=cl4975ot4arrr6&uid=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b&t=0&sc=1280%20x%201024 HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Sun, 20 Nov 2022 00:01:45 GMT
Server: nginx/1.12.1
Content-Length: 561
Connection: keep-alive
embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts
23.36.76.200200 OK 452 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 452 kB (451576 bytes)
Hash 67501a36beb525a095955cf7549a54e8
fab51b09bb81d0ea8f8671e0545ce29d11c97a85
576624d97d2cf55136788b5f9201affb7ad1016f856685473acd8b1bdc8ae870
GET /deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 451576
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c6d0dceb10dbd106159687b3689dd280c381b6a0-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31511220
Expires: Sun, 19 Nov 2023 17:08:45 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts
23.36.76.200200 OK 452 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 452 kB (451576 bytes)
Hash 67501a36beb525a095955cf7549a54e8
fab51b09bb81d0ea8f8671e0545ce29d11c97a85
576624d97d2cf55136788b5f9201affb7ad1016f856685473acd8b1bdc8ae870
GET /deliveries/c6d0dceb10dbd106159687b3689dd280c381b6a0.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 451576
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c6d0dceb10dbd106159687b3689dd280c381b6a0-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31511220
Expires: Sun, 19 Nov 2023 17:08:45 GMT
Date: Sun, 20 Nov 2022 00:01:45 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
www.facebook.com/tr/
157.240.200.35200 OK 0 B IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tr/ HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------10976281620833126971867625991
Content-Length: 5371
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 20 Nov 2022 00:01:46 GMT
X-Firefox-Spdy: h2
a.clickcertain.com/px/smart/a/?seg=uc-grplus-vsl01-aff&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b
104.26.9.50302 Found 1.5 kB URL HTTP/2 a.clickcertain.com/px/smart/a/?seg=uc-grplus-vsl01-aff&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b
IP 104.26.9.50:0
Hash cdc2be4b4602e99727afda46f30c4572
b881f61030b1e74a92555ba403e44e007bc73fc5
211d8dfccd3ba788fcb43c722c3cc69c14f5838d1ad2839c50813e5bee79eaf6
GET /px/smart/a/?seg=uc-grplus-vsl01-aff&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:46 GMT
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
set-cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; Expires=Mon, 20 Nov 2023 00:01:46 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-6c897bf986-mttb4:cc-nginx-6c897bf986-mttb4
x-requestid: 991c10c6-21ca-4900-aeb6-2633ff983f8e
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH%2BLCBl3zktOAb3ivraOtxUQdEWBUtyrkA7wDViaixd60Nn0LCQbooCysIGklQsG4MAi2dq3ALGe%2B6JIZCuBKoZoMLbqI79PouJU6NJhnOVmiyGgfzwVQUg4a7thaOksNbvmgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9b56c1ab50c-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9e9a32c993dadb0abbd6d31c81a2f056
6211f2f06e50d1fde0577b903449d77cc9665778
c863d098f25df16aa0afc5b9adeb96e76f99027b536ecfb1ce36eacc67e46840
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85983
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:46 GMT
Etag: "63781b49-117"
Expires: Sun, 20 Nov 2022 23:54:49 GMT
Last-Modified: Fri, 18 Nov 2022 23:54:49 GMT
Server: nginx
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9e762b91ebee8d06eb2862a1df4983b7
b9d2c5e1e22f127495be465d8005052304dd5c91
93d64616f109338bd9eeb349ced57d9650e59c7ccefe539a580ebc13e6130f7a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103376
Date: Sun, 20 Nov 2022 00:01:46 GMT
Etag: "63784863-1d7"
Expires: Mon, 21 Nov 2022 04:44:42 GMT
Last-Modified: Sat, 19 Nov 2022 03:07:15 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9gfwMggY3Br03AIGOOs4bUYsns_nU2dDEOTaDAC2zrIWgd3uK8UxPw==
Age: 5847
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9e762b91ebee8d06eb2862a1df4983b7
b9d2c5e1e22f127495be465d8005052304dd5c91
93d64616f109338bd9eeb349ced57d9650e59c7ccefe539a580ebc13e6130f7a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101853
Date: Sun, 20 Nov 2022 00:01:46 GMT
Etag: "63784863-1d7"
Expires: Mon, 21 Nov 2022 04:19:19 GMT
Last-Modified: Sat, 19 Nov 2022 03:07:15 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UpJ1mb2xdvkNI8FQ9jFeO25YFijn9Jf0l2J__drUOYioUWG_qQe0Ow==
Age: 4324
sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&.yp=10175858&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:46 GMT
expires: Sun, 20 Nov 2022 00:01:46 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBGpueWMCELzEI2LgiJCEsp5JKVB_59EFEgEBAQG_emODYwAAAAAA_eMAAA&S=AQAAAvOWj3YE01UQvaRsqT2L2CQ; Expires=Mon, 20 Nov 2023 06:01:46 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2020%20Nov%202022%2000%3A01%3A46%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2020%20Nov%202022%2000%3A01%3A46%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Sun%2C%2020%20Nov%202022%2000%3A01%3A46%20GMT&n=0&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:46 GMT
expires: Sun, 20 Nov 2022 00:01:46 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBGpueWMCEJYE5ddWIDih45hP9x9lU04FEgEBAQG_emODYwAAAAAA_eMAAA&S=AQAAAthNFU-xr7qW19eCywe2AAQ; Expires=Mon, 20 Nov 2023 06:01:46 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 34ae43b603f86f2549ef51016055a694
894620a0d695dd1491ce925ef9e889b25c3c41ee
81d4426d339d11cd09d26f82abd2c49f61f74a2f727681f544680ae4f5442cfa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145910
Date: Sun, 20 Nov 2022 00:01:46 GMT
Etag: "6378f557-1d7"
Expires: Mon, 21 Nov 2022 16:33:36 GMT
Last-Modified: Sat, 19 Nov 2022 15:25:11 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2yFEWO0rb48bEvgrhXG_-9C9E7DnsdDRWrOjxy_D4asTvoeFD7k01g==
Age: 4105
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9e9a32c993dadb0abbd6d31c81a2f056
6211f2f06e50d1fde0577b903449d77cc9665778
c863d098f25df16aa0afc5b9adeb96e76f99027b536ecfb1ce36eacc67e46840
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2349
Cache-Control: max-age=88332
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:46 GMT
Etag: "63781b49-117"
Expires: Mon, 21 Nov 2022 00:33:58 GMT
Last-Modified: Fri, 18 Nov 2022 23:54:49 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279
a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b
104.26.3.122302 Found 0 B URL HTTP/2 a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b
IP 104.26.3.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/smart/?c=24a3d6f0fe7dd9c&seg=uc-grplus-vsl01-aff&partner_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:45 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?seg=uc-grplus-vsl01-aff&c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6450474e3-554a-4a71-a7c7-90ea245eb41b
x-frontend: cc-nginx-6c897bf986-wg6g8:cc-nginx-6c897bf986-wg6g8
x-requestid: f49b0c43-67dd-4885-bae7-8a8ef617c6b0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGQGDF9d1M3TUJLOlXfuIIj5wM%2FZPi6MAlHDnR%2BvMxjedDnK6jbjd%2FgltSk3puKCfuvepQQ4ruFe5UNjbLFiLpCJuoVC2nODEorT7m%2Fiajq1OWR0pX5zbi%2FQ32P5KNZyR7PxLZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9b32932b51e-OSL
X-Firefox-Spdy: h2
trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=2027&scd=75&ssd=1&est=1668902504458&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1668902506490&vi=1668902504457&ri=890e08de57776ef2514ad507bb1b9efa&ref=null&cv=20221113-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=2027&scd=75&ssd=1&est=1668902504458&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1668902506490&vi=1668902504457&ri=890e08de57776ef2514ad507bb1b9efa&ref=null&cv=20221113-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1225872/log/3/unip?en=pre_d_eng_tb&tos=2027&scd=75&ssd=1&est=1668902504458&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1668902506490&vi=1668902504457&ri=890e08de57776ef2514ad507bb1b9efa&ref=null&cv=20221113-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 20 Nov 2022 00:01:46 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
live-visitor-counts.herokuapp.com/lvc/register
3.210.192.5200 OK 0 B URL HTTP/1.1 live-visitor-counts.herokuapp.com/lvc/register
IP 3.210.192.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /lvc/register HTTP/1.1
Host: live-visitor-counts.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 194
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://cdn.useproof.com
Vary: Origin
Date: Sun, 20 Nov 2022 00:01:46 GMT
Content-Length: 0
Via: 1.1 vegur
rp.liadm.com/j?dtstmp=1668902504930&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gj95ehq295866sfxtv7j34ef&tna=v2.5.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4
3.225.228.120302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1668902504930&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gj95ehq295866sfxtv7j34ef&tna=v2.5.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4
IP 3.225.228.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1668902504930&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gj95ehq295866sfxtv7j34ef&tna=v2.5.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4 HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:46 GMT
content-length: 0
trace-id: 740fa85bdab139cd
vary: Origin
location: /j?dtstmp=1668902504930&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gj95ehq295866sfxtv7j34ef&tna=v2.5.1&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGxpbmUtaGVpZ2h0OiA2NHB4OyI-PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTogNjBweDsgY29sb3I6IHJnYigyMDEsIDI0NSwgMjU1KTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhLCBzYW5zLXNlcmlmOyBmb250LXdlaWdodDogNDAwOyBmb250LXN0eWxlOiBub3JtYWw7Ij48c3Ryb25nPjMwLVNlY29uZCAiQm9uZSBvbiBCb25lIiBUcmljayBmb3IgR3JlYXNpbmcgWW91ciBLbmVlcywgSGlwcywgRWxib3dzICZhbXA7IEJhY2s8L3N0cm9uZz48L3NwYW4-PC9oMT4&n3pc=true
set-cookie: lidid=cb4e581e-4760-4baf-a066-e78317f2b92e; Max-Age=63072000; Expires=Tue, 19 Nov 2024 00:01:46 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 170ed5a656d7b74969bcdafa6f183480
debc50470ac95ce3eaaa6567e7cff9613f5ba368
da23ece9c0f2a948b66be9004ef630de8e737bdd985f3625ade6f13f6ebaf745
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4606
Cache-Control: max-age=105693
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:46 GMT
Etag: "63785649-1d7"
Expires: Mon, 21 Nov 2022 05:23:19 GMT
Last-Modified: Sat, 19 Nov 2022 04:06:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3318&partner_device_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:46 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1668902506709;Expires=Thu, 19 Jan 2023 00:01:46 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=ee5040a1-6b1e-4be4-9fa2-69d3287c3e74;Expires=Thu, 19 Jan 2023 00:01:46 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 170ed5a656d7b74969bcdafa6f183480
debc50470ac95ce3eaaa6567e7cff9613f5ba368
da23ece9c0f2a948b66be9004ef630de8e737bdd985f3625ade6f13f6ebaf745
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4203
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 00:01:46 GMT
Last-Modified: Sat, 19 Nov 2022 22:51:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
a.clickcertain.com/px/r/?ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4
104.26.9.50302 Found 13 B URL HTTP/2 a.clickcertain.com/px/r/?ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4
IP 104.26.9.50:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /px/r/?ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&cn=NO
Cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:46 GMT
content-type: text/html
location: https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dbb1993b8%25252dfc73%25252d4b99%25252d86e0%25252d1a737cfc5cf4%252526anx_uId%25253d%252524UID
set-cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; Expires=Mon, 20 Nov 2023 00:01:46 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-6c897bf986-wg6g8:cc-nginx-6c897bf986-wg6g8
x-requestid: aceeac03-153d-4f61-ba09-7fae59781e96
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tth3jJpRstyZ9XMJO0GsX0KhCsRSrMhsUxkvDiv82jmaJ2V9CE6Jv104jcSBogdhAZ0qTKkKD3FExs67goO7%2FzUKM8zFxpmoaABYStNsV05%2BbZTSy%2BeiarQF0Yxs3eb4bpQ5Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9b9283ab50c-OSL
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive/check?partner_id=3318&partner_device_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:46 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1668902506759;Expires=Thu, 19 Jan 2023 00:01:46 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=0ca29f0d-14cf-43b5-889d-fecbbdfa4069;Expires=Thu, 19 Jan 2023 00:01:46 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Thu, 19 Jan 2023 00:01:46 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=0ca29f0d-14cf-43b5-889d-fecbbdfa4069
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.clickcertain.com/px/ta/?done=true&ta_id=0ca29f0d-14cf-43b5-889d-fecbbdfa4069
104.26.9.50204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/ta/?done=true&ta_id=0ca29f0d-14cf-43b5-889d-fecbbdfa4069
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/ta/?done=true&ta_id=0ca29f0d-14cf-43b5-889d-fecbbdfa4069 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 00:01:46 GMT
set-cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; Expires=Mon, 20 Nov 2023 00:01:46 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-6c897bf986-h576m:cc-nginx-6c897bf986-h576m
x-requestid: 275153f4-04ba-477c-917e-41ebbef537a3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r67M%2BNqUm97xq8XseqVqYkC5cZUMAJwnB%2F5vHoi7lUP9bpBqc%2BTz9JgccazdMrcToHvtRkqlFkqX7MRFOXLqwPrxRcOIJAI5JC5NmGlwcvXmhJ1ioekhee%2FycHPCMBivxLxRAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9bb6a1db50c-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 5c91f155e753240990d2579dfd11525f
0caf0e6b4dad8cb43bfd932b3dc573c785dfb713
7b6a421fbb3521aed4b51a28003fafc98c54f62194151e5fd2439285c05d3a45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171071
Date: Sun, 20 Nov 2022 00:01:46 GMT
Etag: "6379671f-1d7"
Expires: Mon, 21 Nov 2022 23:32:57 GMT
Last-Modified: Sat, 19 Nov 2022 23:30:39 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JaE17SdQ99PVxyrzSJY6y1LQnztQEmwS5VspIYVL7vskJ77sCSW43w==
Age: 138
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash cbe7ae786f4c7688059f1ea88bed94a3
cab3cc1657bbe596ab76f5cc174e5dd0cf4502e1
2f6fdb203ce480421278af9e3c5e3079a168474a4912982b0522215a1ced82b0
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118023
Date: Sun, 20 Nov 2022 00:01:46 GMT
Etag: "6378820e-1d7"
Expires: Mon, 21 Nov 2022 08:48:49 GMT
Last-Modified: Sat, 19 Nov 2022 07:13:18 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: v1dgonYsTYqeL_jqqvkGJoILsSXkHb1ELJuYhbKyy_LoJSRHLm0q6A==
Age: 5731
i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dbb1993b8%25252dfc73%25252d4b99%25252d86e0%25252d1a737cfc5cf4%252526anx_uId%25253d%252524UID
44.199.73.19303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dbb1993b8%25252dfc73%25252d4b99%25252d86e0%25252d1a737cfc5cf4%252526anx_uId%25253d%252524UID
IP 44.199.73.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?bidder_id=200441&bidder_uuid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dbb1993b8%25252dfc73%25252d4b99%25252d86e0%25252d1a737cfc5cf4%252526anx_uId%25253d%252524UID HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sun, 20 Nov 2022 00:01:47 GMT
Content-Length: 0
Connection: keep-alive
Location: /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dbb1993b8%25252dfc73%25252d4b99%25252d86e0%25252d1a737cfc5cf4%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&_li_chk=true&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&previous_uuid=4a8b61efe5514153b7df7d8a5d4c7db2
Set-Cookie: lidid=4a8b61ef-e551-4153-b7df-7d8a5d4c7db2; Max-Age=63072000; Expires=Tue, 19 Nov 2024 00:01:47 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains
i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dbb1993b8%25252dfc73%25252d4b99%25252d86e0%25252d1a737cfc5cf4%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&_li_chk=true&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&previous_uuid=4a8b61efe5514153b7df7d8a5d4c7db2
44.199.73.19303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dbb1993b8%25252dfc73%25252d4b99%25252d86e0%25252d1a737cfc5cf4%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&_li_chk=true&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&previous_uuid=4a8b61efe5514153b7df7d8a5d4c7db2
IP 44.199.73.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dbb1993b8%25252dfc73%25252d4b99%25252d86e0%25252d1a737cfc5cf4%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&_li_chk=true&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&previous_uuid=4a8b61efe5514153b7df7d8a5d4c7db2 HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sun, 20 Nov 2022 00:01:47 GMT
Content-Length: 0
Connection: keep-alive
Location: https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253dbb1993b8%252dfc73%252d4b99%252d86e0%252d1a737cfc5cf4%2526anx_uId%253d%2524UID&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4
Set-Cookie: _li_ss=MgYIkgEQ0xM; Max-Age=2592000; Expires=Tue, 20 Dec 2022 00:01:47 GMT; SameSite=None; Path=/s; Secure
lidid=b638f2c6-0b0f-4346-83fd-224e3c80ab2a; Max-Age=63072000; Expires=Tue, 19 Nov 2024 00:01:47 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 2
Strict-Transport-Security: max-age=31536000; includeSubDomains
a.browserspeed.support/cs?puid=f2e26e6b-2a59-5c58-8c08-96adb99a479d&pid=lc
52.34.232.110302 Found 24 B URL HTTP/2 a.browserspeed.support/cs?puid=f2e26e6b-2a59-5c58-8c08-96adb99a479d&pid=lc
IP 52.34.232.110:0
File type HTML document, ASCII text
Hash cd5fa747861f510d1d45ab9dc80a16a0
90d910869fbe5e0f79b7f7e58f59f5303f46ad78
5bdd19de1ad3c04f1a88334882b16565cef8ac274902e671a72ebebdb35c697c
GET /cs?puid=f2e26e6b-2a59-5c58-8c08-96adb99a479d&pid=lc HTTP/1.1
Host: a.browserspeed.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: awselb/2.0
date: Sun, 20 Nov 2022 00:01:47 GMT
content-type: text/html; charset=utf-8
content-length: 24
location: https://a.browserspeed.support/
set-cookie: tuid=0e220b7a-7fdf-4063-9796-148223d60c51; Path=/; Domain=a.browserspeed.support; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
172.67.169.176200 OK 135 B URL HTTP/2 api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
IP 172.67.169.176:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 09bb20bd6492433aeefd6e0bc58d2535
87bde4e112d461ccaba288f695eeee602b18c87e
2bb51a241e778ff0916e4feda43afe9dbb1567568d5a7150d526a13bb52bc26a
GET /pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942 HTTP/1.1
Host: api.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:45 GMT
content-type: application/json; charset=utf-8
x-amzn-requestid: 8a557959-c172-4c93-84ef-4b2a4658cbf7
access-control-allow-origin: *
surrogate-control: no-store
x-amzn-remapped-content-length: 178
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: b34wgFb0oAMF2Vg=
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
pragma: no-cache
x-amzn-remapped-date: Sun, 20 Nov 2022 00:01:45 GMT
x-cache: Miss from cloudfront
via: 1.1 37485b4aa4feacfc1ca26cfa4163e76a.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P2
x-amz-cf-id: hhXExfaNNqaYTXO11fw_O15Uqpivoa5Rt9Xkf9sCRy5-RiJiSTUEVw==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIIZvMXbEBaHSjRR7rZ%2BVLJCEjQYJRkSmN9SlwEd4tCDrXb4L61KxVgiFg4Uy2dqzmxFqAmk%2F9TUTOVYNmvBb65JPaq4VPJzKZdvjaemYxEJtA6t78HND73GGkJhZkVqGky1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9b0d853b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.browserspeed.support/
52.34.232.110200 OK 4 B IP 52.34.232.110:0
File type ASCII text, with no line terminators
Hash 72054d9a6fbdcc7df012e19f32345b65
52dd4c74c813db3790179c4f236ceadaca3467a8
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: a.browserspeed.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: tuid=0e220b7a-7fdf-4063-9796-148223d60c51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: awselb/2.0
date: Sun, 20 Nov 2022 00:01:47 GMT
content-type: application/json; charset=utf-8
content-length: 4
set-cookie: tuid=0e220b7a-7fdf-4063-9796-148223d60c51; Path=/; Domain=a.browserspeed.support; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dbb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4%26anx_uId%3d%24UID
142.250.74.130302 Found 509 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dbb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4%26anx_uId%3d%24UID
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (332), with CRLF, LF line terminators
Hash 53a8e6ca6747db6a6128d8861e7bc85d
f54ee91f3be1d4774b54c8b516b00a7ac6d43907
6ca6391378743fc784f85e86d5120b8a56313805bef218b0fdd8fa1088654ec5
GET /pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dbb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4%26anx_uId%3d%24UID HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8%2Dfc73%2D4b99%2D86e0%2D1a737cfc5cf4%26anx_uId%3D%24UID&google_tc=
date: Sun, 20 Nov 2022 00:01:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 509
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Nov-2022 00:16:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8%2Dfc73%2D4b99%2D86e0%2D1a737cfc5cf4%26anx_uId%3D%24UID&google_tc=
142.250.74.130302 Found 455 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8%2Dfc73%2D4b99%2D86e0%2D1a737cfc5cf4%26anx_uId%3D%24UID&google_tc=
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 70467e972e103507badd49d0f590f0d0
aabf5f63badc773c87b84faac2b0ad964248abe6
d9e3413afd4601c07756e0541b5d2900d4bccf39018978772927db3329bd164a
GET /pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8%2Dfc73%2D4b99%2D86e0%2D1a737cfc5cf4%26anx_uId%3D%24UID&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8%2Dfc73%2D4b99%2D86e0%2D1a737cfc5cf4%26anx_uId%3D%24UID&google_error=3
date: Sun, 20 Nov 2022 00:01:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8%2Dfc73%2D4b99%2D86e0%2D1a737cfc5cf4%26anx_uId%3D%24UID&google_error=3
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8%2Dfc73%2D4b99%2D86e0%2D1a737cfc5cf4%26anx_uId%3D%24UID&google_error=3
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8%2Dfc73%2D4b99%2D86e0%2D1a737cfc5cf4%26anx_uId%3D%24UID&google_error=3 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:47 GMT
content-type: text/html
location: https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&anx_uId=$UID
x-frontend: cc-nginx-6c897bf986-ncrdk:cc-nginx-6c897bf986-ncrdk
x-requestid: 03f33822-f053-4438-9b50-c6aee1208cd6
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXs0lA7GNMslqmiQOtKP2Ev%2FId%2F41qI64bllpPkqffgsIxJu6zsAmvqFgR%2FN9Hxc5MmWcktAAip5v4DFSRBHjpS7P%2F6XjF%2BpH3dg1Zrq6dBScwkGOvkZiujl%2B6RIWTOh3uN6GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9c04dd4b50c-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8-fc73-4b99-86e0-1a737cfc5cf4%26anx_uId%3D%24UID
185.89.210.101302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8-fc73-4b99-86e0-1a737cfc5cf4%26anx_uId%3D%24UID
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dbb1993b8-fc73-4b99-86e0-1a737cfc5cf4%26anx_uId%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 20 Nov 2022 00:01:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&anx_uId=0
AN-X-Request-Uuid: d94332ac-dcd5-455b-8647-2df796faec48
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253dbb1993b8%252dfc73%252d4b99%252d86e0%252d1a737cfc5cf4%2526anx_uId%253d%2524UID&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4
104.26.9.50302 Found 471 B URL HTTP/2 a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253dbb1993b8%252dfc73%252d4b99%252d86e0%252d1a737cfc5cf4%2526anx_uId%253d%2524UID&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4
IP 104.26.9.50:0
Hash 306f418448d9386973e8cba677ee3cdf
f342b95b8fc1eceff87ed077f7b0b989b845f07c
346557785638bf307a869139a386b7cac91eed4b900848150312ea3a296b3699
GET /px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253dbb1993b8%252dfc73%252d4b99%252d86e0%252d1a737cfc5cf4%2526anx_uId%253d%2524UID&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:47 GMT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dbb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4%26anx_uId%3d%24UID
set-cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; Expires=Mon, 20 Nov 2023 00:01:47 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-6c897bf986-wg6g8:cc-nginx-6c897bf986-wg6g8
x-requestid: 10b3fc98-f8d4-4666-a024-52d6cab9d85b
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4G%2FHgcm8m8Sq4reWvT11Y7DOwV1FtaIyEXJcjRj5xI%2B6uj6EGyhDAE8i4Yp%2FkAVVfU%2B8NC8DuMDgnRxfPCh6BMHMmodmDOTM5dOCMjx16DzQTfDydDnJB0hWovLM%2BdwVbdqow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9bebca0b50c-OSL
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=179&user_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&expires=5&user_group=0
18.195.183.89302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=179&user_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&expires=5&user_group=0
IP 18.195.183.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=179&user_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:48 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&expires=5&user_group=0
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=804949f8-e818-47dc-8502-223243f0efde; path=/; expires=Mon, 20-Nov-2023 00:01:48 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668902508; path=/; expires=Mon, 20-Nov-2023 00:01:48 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1668902508; path=/; expires=Mon, 20-Nov-2023 00:01:48 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668902508; path=/; expires=Mon, 20-Nov-2023 00:01:48 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&expires=5&user_group=0
18.195.183.89200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&expires=5&user_group=0
IP 18.195.183.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=179&user_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:48 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/playPauseLoadingControl.js
151.101.86.110200 OK 16 kB URL HTTP/2 fast.wistia.com/assets/external/playPauseLoadingControl.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (60125), with no line terminators
Hash 7264d7b49eb6dc6eef062a9511cfd32e
d6724f77d675d740c895a283e4b8e3dbdd1719d5
6cca15bd7bbece1644b8b31db564da9659fa85f73ea22b814cb831cf0113a4e3
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-3e59"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:48 GMT
age: 2611
x-served-by: cache-iad-kcgs7200113-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 35
x-timer: S1668902508.400341,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 15961
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
23.38.200.197200 OK 323 B IP 23.38.200.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 3639992680507714
date: Sun, 20 Nov 2022 00:01:48 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1668902508.8a25e2da
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl
44.207.227.229200 OK 0 B IP 44.207.227.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 741
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://pages.upwellness.com
Date: Sun, 20 Nov 2022 00:01:48 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 894802d88df968039fc3bea13a8d28e9
b162aefe5ddd08b4445f99e5d3f65400277dd12b
b1581a63ceca2384dd4ce27a962008cc5f2356683c1f9b787c1262c8d86ddc7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123113
Date: Sun, 20 Nov 2022 00:01:48 GMT
Etag: "637896fe-1d7"
Expires: Mon, 21 Nov 2022 10:13:41 GMT
Last-Modified: Sat, 19 Nov 2022 08:42:38 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SxALFW2ytxfC2fkpocFZV_ponzvetiuNLkxbpLiINQavxGLattKQGA==
Age: 5463
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 894802d88df968039fc3bea13a8d28e9
b162aefe5ddd08b4445f99e5d3f65400277dd12b
b1581a63ceca2384dd4ce27a962008cc5f2356683c1f9b787c1262c8d86ddc7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123082
Date: Sun, 20 Nov 2022 00:01:48 GMT
Etag: "637896fe-1d7"
Expires: Mon, 21 Nov 2022 10:13:10 GMT
Last-Modified: Sat, 19 Nov 2022 08:42:38 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C54Bhi9yWyUktk-0WjcOmWbdxTUOjAWI6Q1058c-pE3Dd4QgD9_B6Q==
Age: 5433
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 894802d88df968039fc3bea13a8d28e9
b162aefe5ddd08b4445f99e5d3f65400277dd12b
b1581a63ceca2384dd4ce27a962008cc5f2356683c1f9b787c1262c8d86ddc7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 20 Nov 2022 00:01:48 GMT
Last-Modified: Sat, 19 Nov 2022 22:43:48 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O5WCJxeZnkdJ9J7sbQwI6f2EFXiWzRfUr4HX10bRcLC5UqkEHuvLmA==
Age: 4680
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 894802d88df968039fc3bea13a8d28e9
b162aefe5ddd08b4445f99e5d3f65400277dd12b
b1581a63ceca2384dd4ce27a962008cc5f2356683c1f9b787c1262c8d86ddc7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 20 Nov 2022 00:01:48 GMT
Last-Modified: Sat, 19 Nov 2022 22:19:12 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: d-A0JijfXzrwmQV8KfAzcN54OsVR8KGW0YoqkC_YDWPQcE8vgyuDmQ==
Age: 6156
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=456888466965772800
52.46.128.147302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=456888466965772800
IP 52.46.128.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=456888466965772800 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sun, 20 Nov 2022 00:01:48 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: WJZ09ZY0S017NDX4QCR9
Set-Cookie: ad-id=A8OvUAvVFU2Vo6LV9OJP5Cc|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 00:01:48 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=456888466965772800&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
fast.wistia.com/assets/external/allIntegrations.js
151.101.86.110200 OK 5.6 kB URL HTTP/2 fast.wistia.com/assets/external/allIntegrations.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (21637), with no line terminators
Hash 98d8f1350f159ef9d630464f2677623c
ee33382759ec18abebe452fb065599627d729114
0bcc59bc6540d08234fceefb99483c915ced9406d7b30173817cb18553c462b3
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-15f7"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 20 Nov 2022 00:01:48 GMT
age: 2612
x-served-by: cache-iad-kiad7000146-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 51, 13
x-timer: S1668902509.813830,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 5623
X-Firefox-Spdy: h2
distillery.wistia.com/x
35.168.54.198204 No Content 0 B IP 35.168.54.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1566
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 00:01:48 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
distillery.wistia.com/x
35.168.54.198204 No Content 0 B IP 35.168.54.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1562
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 00:01:48 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 894802d88df968039fc3bea13a8d28e9
b162aefe5ddd08b4445f99e5d3f65400277dd12b
b1581a63ceca2384dd4ce27a962008cc5f2356683c1f9b787c1262c8d86ddc7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120779
Date: Sun, 20 Nov 2022 00:01:48 GMT
Etag: "637896fe-1d7"
Expires: Mon, 21 Nov 2022 09:34:47 GMT
Last-Modified: Sat, 19 Nov 2022 08:42:38 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2bMq4aRnxaAnc8yxBmwRq9o1u7m3f8ty7UDg7AxjqjTnmo2R-i4mfQ==
Age: 3129
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=456888466965772800&dcc=t
52.46.128.147200 OK 65 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=456888466965772800&dcc=t
IP 52.46.128.147:0
File type HTML document, ASCII text
Hash 22fdf49482d8200e8f305bbe262eff14
f254bd4053267c2cf46675613e689016d8b7f775
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=456888466965772800&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pages.upwellness.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 20 Nov 2022 00:01:48 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: NV6FV79JRXMK1ZQZXMJ0
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
distillery.wistia.com/x
35.168.54.198204 No Content 0 B IP 35.168.54.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1456
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 20 Nov 2022 00:01:48 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
pipedream.wistia.com/mput?topic=metrics
54.165.194.153200 OK 2 B URL HTTP/2 pipedream.wistia.com/mput?topic=metrics
IP 54.165.194.153:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:48 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
pipedream.wistia.com/mput?topic=metrics
54.165.194.153200 OK 2 B URL HTTP/2 pipedream.wistia.com/mput?topic=metrics
IP 54.165.194.153:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 18187
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:48 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
pipedream.wistia.com/mput?topic=metrics
54.165.194.153200 OK 2 B URL HTTP/2 pipedream.wistia.com/mput?topic=metrics
IP 54.165.194.153:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:48 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=5029&scd=75&ssd=1&est=1668902504458&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1668902509492&vi=1668902504457&ri=890e08de57776ef2514ad507bb1b9efa&ref=null&cv=20221113-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=5029&scd=75&ssd=1&est=1668902504458&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1668902509492&vi=1668902504457&ri=890e08de57776ef2514ad507bb1b9efa&ref=null&cv=20221113-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1225872/log/3/unip?en=pre_d_eng_tb&tos=5029&scd=75&ssd=1&est=1668902504458&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1668902509492&vi=1668902504457&ri=890e08de57776ef2514ad507bb1b9efa&ref=null&cv=20221113-4-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-grplus-vsl01-aff%2F%3Foffer%3D2%26session_id%3D1024bec6867e81546bae923048842d%26n%3Dtune%26AFFID%3D477232%26subid%3D55_1942 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 20 Nov 2022 00:01:49 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://pages.upwellness.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-458254939
142.250.74.168200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-458254939
IP 142.250.74.168:0
GET /gtag/js?id=AW-458254939 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 20 Nov 2022 00:01:42 GMT
expires: Sun, 20 Nov 2022 00:01:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.204200 OK 0 B IP 188.125.94.204:0
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dUlUNqGrZ5rMQ+B8ulYOhp8iBwhNdErTrMu3RRkwlon+ymiJHLOUNsTBxPw2QZy9wY0grxQJMH4=
x-amz-request-id: A8ERB5K383QYTAJ7
date: Sat, 19 Nov 2022 23:12:47 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2938
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&cn=NO
104.26.9.50200 OK 0 B URL HTTP/2 a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&cn=NO
IP 104.26.9.50:0
GET /px/cont/?c=24a3d6f0fe7dd9c&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&cn=NO HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:46 GMT
content-type: text/html
etag: W/"YmIxOTkzYjhnZmM3M2c0Yjk5Zzg2ZTBnMWE3MzdjZmM1Y2Y0LXow"
set-cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; Expires=Mon, 20 Nov 2023 00:01:46 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-6c897bf986-86nf6:cc-nginx-6c897bf986-86nf6
x-requestid: c88b9a78-458f-4795-8f01-ae5e9ddd94a6
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5r7bDUiwBxVQi9KJV3QXHTJDS61sQSwJoBmzeLXQ4x%2BxGXx5byEaRoKb5ORdeMCSUwXL5toKLRPxHlLimFCy1zFY89CWZ5vpVKcueluVpvWRDXyk94zSrTu11nTWqfi4QJWEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9b82f55b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/ta/?ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/ta/?ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4
IP 104.26.9.50:0
GET /px/ta/?ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&cn=NO
Cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:46 GMT
content-type: text/html
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
set-cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; Expires=Mon, 20 Nov 2023 00:01:46 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-6c897bf986-wpzn6:cc-nginx-6c897bf986-wpzn6
x-requestid: 8a0fe08c-6746-48fc-9b24-951df454c994
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROQfB87SX9y054l9JxhlwiGS%2F4zhAWi3I0%2BRgcKZ9t5HaNVcxKkCLfNVzFjRvWzOvP165zGMQFGvuXa3uxmCOxId167vnzqHQxuRo0LoObVVdWBQI9DYVcSRcQAkLaXo5%2Bgg7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9b9182fb50c-OSL
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/795540/visit-data?sv=6
52.215.128.208200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/795540/visit-data?sv=6
IP 52.215.128.208:0
POST /api/v2/client/sites/795540/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://pages.upwellness.com
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:46 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
151.101.85.131200 OK 0 B URL HTTP/2 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
IP 151.101.85.131:0
GET / HTTP/1.1
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
x-amz-apigw-id: b34wIFu_DoEFbyg=
x-amz-cf-pop: ARN56-P2
x-backend-region: eu_west_1
date: Sun, 20 Nov 2022 00:01:43 GMT
age: 0
x-cache: Miss from cloudfront, MISS
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
vary: Accept-Encoding, Referer
etag: W/c1a25e1d6816d6d62e7914c952b1818c-v0.179.2
content-encoding: br
accept-ranges: none
X-Firefox-Spdy: h2
b-code.liadm.com/a-057g.min.js
54.230.111.91200 OK 0 B URL HTTP/2 b-code.liadm.com/a-057g.min.js
IP 54.230.111.91:0
GET /a-057g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 19 Nov 2022 06:40:55 GMT
cache-control: "public, max-age=86400"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n5wcW3GzOAgLaWs94ANxUeZ5tmr8hCGMuCOqB18TKgWhlYyfCGtkxQ==
age: 62449
X-Firefox-Spdy: h2
analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%252250640ec9-6df6-4a6c-b58d-930805af70d3%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D1024bec6867e81546bae923048842d%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_1942%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D1024bec6867e81546bae923048842d%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_1942%2522%257D
172.67.180.171200 OK 0 B URL HTTP/2 analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%252250640ec9-6df6-4a6c-b58d-930805af70d3%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D1024bec6867e81546bae923048842d%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_1942%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D1024bec6867e81546bae923048842d%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_1942%2522%257D
IP 172.67.180.171:0
GET /track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%252250640ec9-6df6-4a6c-b58d-930805af70d3%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D1024bec6867e81546bae923048842d%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_1942%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-grplus-vsl01-aff%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-grplus-vsl01-aff%252F%253Foffer%253D2%2526session_id%253D1024bec6867e81546bae923048842d%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D55_1942%2522%257D HTTP/1.1
Host: analytics.proofapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 20 Nov 2022 00:01:46 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: https://cdn.useproof.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
etag: W/"3f-JJ3vLZ7F9Ogvq/KTIrwbG3kWbVQ"
via: 1.1 vegur
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1CDHPln8hLyL2GwU7mddoSexISYAmcNiXd0o4mDl9pMKui%2BGw5L5UJdUxdsVwKp955UIQSRdHLnTu3yrDQVf0cQcWbGyoSnCxRfdFUDcJdqlNdlnhKug2V8lpyfypRAsCG2C3k4DTVf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9b88b9f1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/bidswitch/?done=true&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&anx_uId=0
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/bidswitch/?done=true&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&anx_uId=0
IP 104.26.9.50:0
GET /px/img/bidswitch/?done=true&ccid=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&anx_uId=0 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 20 Nov 2022 00:01:48 GMT
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=bb1993b8-fc73-4b99-86e0-1a737cfc5cf4&expires=5&user_group=0
set-cookie: _ccpx_u=bb1993b8%2dfc73%2d4b99%2d86e0%2d1a737cfc5cf4; Expires=Mon, 20 Nov 2023 00:01:48 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-6c897bf986-66rhr:cc-nginx-6c897bf986-66rhr
x-requestid: 48f7b346-e6a0-4de0-b502-2d4213bb1182
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZ9GKxzmbnkLHioz1qIkW4rUKFasgWR4Li9VO7ZmjuP7OoHpe0hujwQY7HrQHsBaYp%2BvHAHdWUSQQur9FYzqfgUhzSGYIIwMMtpxK%2Fo5XKAAiI5FT3IN0Rz7aVL8YQkcxoB3SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cce9c25f55b50c-OSL
X-Firefox-Spdy: h2