pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102dcdcd5191696cc12aa05ae1bca8&n=tune&cid=2_dmtbwinflammquiz112222&mid=2_dmtbwinflammquiz112222&AFFID=477232&subid=2_dmtbwinflammquiz112222&partner_id=2
3.126.202.50200 OK 16 kB URL HTTP/1.1 pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102dcdcd5191696cc12aa05ae1bca8&n=tune&cid=2_dmtbwinflammquiz112222&mid=2_dmtbwinflammquiz112222&AFFID=477232&subid=2_dmtbwinflammquiz112222&partner_id=2
IP 3.126.202.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16939), with CRLF, LF line terminators
Hash 54f4abf688127e8cb6a4dcb1769e71fc
ee8b724c936ebdf94b6e7e4f518c6e5832430cba
c3a91e3af8a679533e4fcd7672dc59b84c2e568026f8a9efd086dfd1aeabce69
GET /inflammation-quiz/?offer=77&session_id=102dcdcd5191696cc12aa05ae1bca8&n=tune&cid=2_dmtbwinflammquiz112222&mid=2_dmtbwinflammquiz112222&AFFID=477232&subid=2_dmtbwinflammquiz112222&partner_id=2 HTTP/1.1
Host: pages.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 01:01:07 GMT
content-type: text/html; charset=utf-8
content-length: 15602
set-cookie: ubvs=5412132f-a800-4515-b8d1-72819caf44cc; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=5412132f-a800-4515-b8d1-72819caf44cc; Max-Age=259200; Domain=upwellness.com; Path=/; SameSite=Lax
ubpv=ac%2Cce51cc0b-0e94-443c-a27a-24c78d18f232; Max-Age=15897600; Path=/inflammation-quiz/; SameSite=Lax
content-location: http://pages.upwellness.com/inflammation-quiz/
etag: "ac:5412132fa8004515b8d172819caf44cc"
link: <http://pages.upwellness.com/inflammation-quiz/>; rel="canonical"
x-unbounce-pageid: ce51cc0b-0e94-443c-a27a-24c78d18f232
x-unbounce-variant: ac
x-unbounce-visitorid: 5412132f-a800-4515-b8d1-72819caf44cc
content-encoding: gzip
x-proxy-backend: page-server
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5477
Expires: Wed, 23 Nov 2022 02:32:24 GMT
Date: Wed, 23 Nov 2022 01:01:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5121
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:07 GMT
Last-Modified: Tue, 22 Nov 2022 23:35:46 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8559
Expires: Wed, 23 Nov 2022 03:23:46 GMT
Date: Wed, 23 Nov 2022 01:01:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 00:09:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3103
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fZGaoWlcLEYXgPVN/o/UNlFSUS4XPg4g/fpNYdRD/W1UsHq9golOkY0YY33WsT5UMfYHl6Sk8zY=
x-amz-request-id: W7BP4AD7SXHKR2SK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 00:42:47 GMT
age: 1100
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
builder-assets.unbounce.com/published-css/main-7b78720.z.css
54.230.111.14200 OK 2.9 kB URL HTTP/1.1 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP 54.230.111.14:0
File type ASCII text, with very long lines (15017)
Hash 4458a4d76a70cb207bcc34d6bc6f872f
f484b0b1737f7de59ca699e6cc3169d234e8f6a8
0825f8972704bc1b84e30170cd77f5ecde2d6a7dbf9e43be96c6809c2c5228d7
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2902
Connection: keep-alive
Date: Tue, 30 Aug 2022 02:28:13 GMT
Last-Modified: Mon, 04 Jul 2022 16:47:32 GMT
ETag: "4458a4d76a70cb207bcc34d6bc6f872f"
Cache-Control: max-age=31536000
Content-Encoding: gzip
x-amz-version-id: L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tz_dpf4aH9z_nKrHs0TFSepcZGL-GO2uXLX0iE1Y1EAN68gN6CbHDQ==
Age: 7338775
builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
54.230.111.14200 OK 2.0 kB URL HTTP/1.1 builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
IP 54.230.111.14:0
File type ASCII text, with very long lines (6270), with no line terminators
Hash 758360a4c8250a0350ab8677cac77c18
7746bff27c8dcbe68388596c1c8365a420df5b37
c0b2abade08b928af1b95e2d2be51df4325bb68bbaa435252e0105ffb0ddca83
GET /published-js/jquery-shims.bundle-aa41391.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1991
Connection: keep-alive
Date: Thu, 01 Sep 2022 01:20:53 GMT
Last-Modified: Mon, 04 Jul 2022 16:47:26 GMT
ETag: "758360a4c8250a0350ab8677cac77c18"
Cache-Control: max-age=31536000
Content-Encoding: gzip
x-amz-version-id: sk.555KwUlgsW126duQj1Mt5wNtK5cRV
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DuGE0XmoPeB7yb4_nctt8pyPcgWY5E5j45LV0bmaMzoK062Lgufmzw==
Age: 7170015
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 01:01:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f073a33d71d52349767f39cdbbd9105c
e4759753e014bf5b7e6b340bb8e527e62d92bdb8
abcabd97ff0ee052e370ad0f0f45e5fcac591fc2d7b81d1dcf6158cbf3d79965
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5518
Cache-Control: max-age=167157
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:07 GMT
Etag: "637d453a-116"
Expires: Thu, 24 Nov 2022 23:27:04 GMT
Last-Modified: Tue, 22 Nov 2022 21:55:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
172.67.169.176200 OK 498 kB URL HTTP/2 cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
IP 172.67.169.176:0
File type Unicode text, UTF-8 text, with very long lines (60034), with no line terminators
Size 498 kB (497733 bytes)
Hash 0426397a9b31146729ac86c5be8595d3
953342b7defc23d1c552eba63f42bb915aae90f3
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
GET /proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1 HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:07 GMT
content-type: application/javascript
content-length: 497733
x-amz-id-2: XfamGhBMjZBo/sWrg3mxYdwUMUL0rpYArqF2RUd2t+2nxyqUognVNx+1xnHz8Eg7hGncdCbH6WA=
x-amz-request-id: RVX6E6XRK17ASENB
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "0426397a9b31146729ac86c5be8595d3"
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
age: 50012066
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcc8kp2zrhsoBD7UvdvDkdiuZKjtGN5nICws8U6e4zWAzjJizgEtR2jtXKVOdFfrfHcvzZFDeg1EXdxGEdZMOYep%2FJy4OL%2BK5KmgnEjlMQXmyGMyrh6bmItZRqxTEerPrvnf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e5f8cbd9ceb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-624541243
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-624541243
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b0fcdeb337a474d5554b1e7d05fe4370
a74683851b290dee0c8a6b371d94510e6fbe6752
69e52e636f87ad1b6d76f3c251a36d0e3a11a819cb27085683e67669d9302b1b
GET /gtag/js?id=AW-624541243 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 01:01:07 GMT
expires: Wed, 23 Nov 2022 01:01:07 GMT
cache-control: private, max-age=900
last-modified: Wed, 23 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-10838597190
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10838597190
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 6bd3ae2fbbf166801e99ac5521678eaf
a3bcc7d54b3cca37f516e9020533e77dbb4bf03f
f8514d3378161e1abb5942e24c8f4c69342592fca5ba54e8258b79b662c868c3
GET /gtag/js?id=AW-10838597190 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 01:01:07 GMT
expires: Wed, 23 Nov 2022 01:01:07 GMT
cache-control: private, max-age=900
last-modified: Wed, 23 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
151.101.85.131200 OK 12 kB URL HTTP/1.1 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
IP 151.101.85.131:0
File type ASCII text, with very long lines (11879), with no line terminators
Hash b08aad2ef1dfef1576d4cbddd3ddd8fd
25e799f9b661b4cb2bd3c8c70455d1c928caa2d7
af8e0cdb45f6d957d59370dd3bbc96e2b3808be1c264569338784e4010d3ae10
GET / HTTP/1.1
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Type: application/json
x-amz-apigw-id: cB6RIFLWjoEFrdA=
X-Amz-Cf-Pop: ARN56-P2
X-Backend-Region: eu_west_1
Date: Wed, 23 Nov 2022 01:01:07 GMT
Age: 0
X-Cache: Miss from cloudfront, MISS
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, must-revalidate
Vary: Accept-Encoding, Referer
ETag: c1a25e1d6816d6d62e7914c952b1818c-v0.179.2
transfer-encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fedf02e02822f274551679adbe9f25fe
c7c7d2af70819668e8d7f508c1a5c372b83a903d
0a5fb597e01a3320f2fe2ab2be224712bb09b9169530cc5adacd2d17a3db807d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A5FB597E01A3320F2FE2AB2BE224712BB09B9169530CC5ADACD2D17A3DB807D"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Wed, 23 Nov 2022 03:40:28 GMT
Date: Wed, 23 Nov 2022 01:01:07 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=AW-458254939
142.250.74.168200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-458254939
IP 142.250.74.168:0
File type ASCII text, with very long lines (7857)
Hash 8ccba79b954b4a6ea0c494d4acc3f5c6
c5e16c5825b64599550efd9153917ea2e0414407
e7da3d67cf64de3fd222233dee3594cdb216e3a5ba6df856c48e4d816d839f16
GET /gtag/js?id=AW-458254939 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 01:01:07 GMT
expires: Wed, 23 Nov 2022 01:01:07 GMT
cache-control: private, max-age=900
last-modified: Wed, 23 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71606
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 753477ed3266064347eede3f9180e2ac
036099020a988b15f1392c7fd3e4d9d919cc29de
31e19818169a6317c288131fadf40bd671aa7acfc5559943b6dde9e3681d4b52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31E19818169A6317C288131FADF40BD671AA7ACFC5559943B6DDE9E3681D4B52"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12440
Expires: Wed, 23 Nov 2022 04:28:27 GMT
Date: Wed, 23 Nov 2022 01:01:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 753477ed3266064347eede3f9180e2ac
036099020a988b15f1392c7fd3e4d9d919cc29de
31e19818169a6317c288131fadf40bd671aa7acfc5559943b6dde9e3681d4b52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31E19818169A6317C288131FADF40BD671AA7ACFC5559943B6DDE9E3681D4B52"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10493
Expires: Wed, 23 Nov 2022 03:56:00 GMT
Date: Wed, 23 Nov 2022 01:01:07 GMT
Connection: keep-alive
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
52.5.162.24200 OK 744 B URL HTTP/2 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
IP 52.5.162.24:0
File type ASCII text, with CRLF line terminators
Hash 3110f39a7f2fe9edef25454e9b7a57c2
273c540727af9f5f57cf7f0164d8eb43c56c1b71
b6591997ffdba5b81c1af7fa96a8f6cf26597eb4046d64f91301eb1000a54853
GET /cgi-bin/UCAffiliateNetworkPixel HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:08 GMT
content-type: text/javascript; charset=utf-8
content-length: 744
set-cookie: AWSALB=f+3YSRMmy+VrxjmPiXzEGk5tIgyGbM8PJP8vSLbU50EkPo+TUoHAyrYAhOIvNsVONaTHUS1iRYye3RsHteSwCvtNaXh2RrZm5YFq3VmxwZmloOfjFVc71LpQzYsL; Expires=Wed, 30 Nov 2022 01:01:08 GMT; Path=/
AWSALBCORS=f+3YSRMmy+VrxjmPiXzEGk5tIgyGbM8PJP8vSLbU50EkPo+TUoHAyrYAhOIvNsVONaTHUS1iRYye3RsHteSwCvtNaXh2RrZm5YFq3VmxwZmloOfjFVc71LpQzYsL; Expires=Wed, 30 Nov 2022 01:01:08 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
52.5.162.24200 OK 251 B URL HTTP/2 store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
IP 52.5.162.24:0
File type ASCII text, with CRLF line terminators
Hash e6735c6f608ee64c784286185e5ec194
fc90f684a019712ed8bba84418bd7aee5e691bb9
5a74dbf85d18206e84e65be38b869a0a2cc8bc71ac8adeb26321ccc5ef1411e2
GET /cgi-bin/UCInvisibleLink?merchantId=UPWEL HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:08 GMT
content-type: text/javascript; charset=utf-8
content-length: 251
set-cookie: AWSALB=gfj2sw2ZpAIUJPTJlhKDqqwiDok/dIm3yTxf4vi4kc85oLCj3wCI+m1TBzgy5D2znaQshth+JQBlKNK3NTbHh0edYlgbdDbc7nvA5JcpD5xirvrkei/4LAsRme8I; Expires=Wed, 30 Nov 2022 01:01:08 GMT; Path=/
AWSALBCORS=gfj2sw2ZpAIUJPTJlhKDqqwiDok/dIm3yTxf4vi4kc85oLCj3wCI+m1TBzgy5D2znaQshth+JQBlKNK3NTbHh0edYlgbdDbc7nvA5JcpD5xirvrkei/4LAsRme8I; Expires=Wed, 30 Nov 2022 01:01:08 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-862759327
142.250.74.168200 OK 471 B URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-862759327
IP 142.250.74.168:0
Hash 3c029cebb14c176cd39575f107ecf80f
0c9d0610deeb424136273f065c2ef5d9a885ba2b
6373ccf2914e3bf71b24f281fbe4e114839878ee3949d3cf7dbceb3aed345ab3
GET /gtag/js?id=AW-862759327 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 01:01:07 GMT
expires: Wed, 23 Nov 2022 01:01:07 GMT
cache-control: private, max-age=900
last-modified: Wed, 23 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 00:11:10 GMT
cache-control: public,max-age=3600
age: 2998
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6391
Cache-Control: max-age=121938
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:08 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:53:26 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=http%3A//pages.upwellness.com/inflammation-quiz/%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
52.5.162.24200 OK 150 B URL HTTP/1.1 store.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=http%3A//pages.upwellness.com/inflammation-quiz/%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
IP 52.5.162.24:0
File type ASCII text, with CRLF, LF line terminators
Hash 7ed37b7946709e7778505d4d7af0f676
32c013e9b17ab4edd20c7bad0cda3a69d76b60de
b6ab278d3ed9a5287f1087a22f37d80e7a23bd582eb25a060a951e5f7eab9afc
GET /affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=http%3A//pages.upwellness.com/inflammation-quiz/%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
Cookie: ubvt=5412132f-a800-4515-b8d1-72819caf44cc
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 01:01:08 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 150
Connection: keep-alive
Set-Cookie: AWSALB=BsmT839h3tpHk81xADqpbqd9Tp5U6pis6WMgvrXybWTvSt4TRjNn/fKIfEzr8OVEOVjbG11IKfmJScMOMBgulYKKpBlRmmLsqjXnGPXVHnnChPE0Up4JdkpqlrOO; Expires=Wed, 30 Nov 2022 01:01:08 GMT; Path=/
AWSALBCORS=BsmT839h3tpHk81xADqpbqd9Tp5U6pis6WMgvrXybWTvSt4TRjNn/fKIfEzr8OVEOVjbG11IKfmJScMOMBgulYKKpBlRmmLsqjXnGPXVHnnChPE0Up4JdkpqlrOO; Expires=Wed, 30 Nov 2022 01:01:08 GMT; Path=/; SameSite=None
UltraCartShoppingCartID=621B859F6529EC0184A200BD97205B00;Version=0;Path=/;Domain=.upwellness.com
ucacid=1632467514.022707;Version=0;Path=/;Domain=.upwellness.com;Max-Age=315360000
ucacid=1632467514.022707;Version=0;Path=/;Domain=store.upwellness.com;Max-Age=315360000
JSESSIONID=abctwF5E4X_A8p8ffJTVh; path=/; HttpOnly
LBJSESSIONID=abctwF5E4X_A8p8ffJTVh.n225; path=/; HttpOnly
Server: Apache
X-Content-Type-Options: nosniff
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Vary: Accept-Encoding
Content-Encoding: gzip
lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
52.218.243.161200 OK 28 kB URL HTTP/1.1 lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
IP 52.218.243.161:0
File type ASCII text, with very long lines (28306), with no line terminators
Hash bf8c92f4a904bf7ccb9db7e40b62f0ad
735ec2ef8e292a12edeb7c73fd7aef4a69366e07
8bd55783c0aca7aa373d3a4b2376241642237874208def4a8425fa00b26e80a4
GET /lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js HTTP/1.1
Host: lq3-production01.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: KOUSGDEnKe6/jd3GUNhn4BRUktyAl3M2kk4PR51Ij9XBYGnPZIyqCUwh0vmUOiXdTAJDNvFECkg=
x-amz-request-id: MEBRCX8VR6D19SD6
Date: Wed, 23 Nov 2022 01:01:09 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 06 Oct 2022 10:31:27 GMT
ETag: "b7077df2940f510c81e6397ff9820c3e-1"
Cache-Control: no-cache
Expires: 0
x-amz-version-id: zFhGAhdmW2dU3vn822lWyH7TXQcD4SE8
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 28306
push.services.mozilla.com/
52.89.20.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3kqDHvKJs35G1IHKwwqG5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g42JBToQnhiE10hwlnMR+OsLM5U=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 87fdc18fdfda2faf62246f4de4ce67bd
239c4cc5a9e314a95120e3a032aaf0c3580bbae8
b70c6aefed53103999fa830a20fc3c629a5f7272318b4cce4436a729d482f1fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B70C6AEFED53103999FA830A20FC3C629A5F7272318B4CCE4436A729D482F1FE"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12384
Expires: Wed, 23 Nov 2022 04:27:32 GMT
Date: Wed, 23 Nov 2022 01:01:08 GMT
Connection: keep-alive
h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
52.205.62.94200 OK 49 B URL HTTP/1.1 h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
IP 52.205.62.94:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1467ad668080ed4ab50a1408a712cdcc
e0e5faa2d11a93edc33ee27f07885e0dd48110b4
7d7d1c1b75be5d8b716b9c137e025932f6f2e8391c978f08620b6ad892775096
GET /v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking HTTP/1.1
Host: h.upwellnessfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 23 Nov 2022 01:01:08 GMT
Content-Type: text/plain;charset=utf-8
Content-Length: 49
Connection: keep-alive
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Front-End-Https: off
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.8476752286265321&r=&u=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
52.5.162.24200 OK 0 B URL HTTP/1.1 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.8476752286265321&r=&u=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
IP 52.5.162.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/UCAffiliateNetworkPixel?t=0.8476752286265321&r=&u=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
Cookie: ubvt=5412132f-a800-4515-b8d1-72819caf44cc; AWSALB=BsmT839h3tpHk81xADqpbqd9Tp5U6pis6WMgvrXybWTvSt4TRjNn/fKIfEzr8OVEOVjbG11IKfmJScMOMBgulYKKpBlRmmLsqjXnGPXVHnnChPE0Up4JdkpqlrOO; UltraCartShoppingCartID=621B859F6529EC0184A200BD97205B00; ucacid=1632467514.022707; ucacid=1632467514.022707; JSESSIONID=abctwF5E4X_A8p8ffJTVh; LBJSESSIONID=abctwF5E4X_A8p8ffJTVh.n225
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 01:01:08 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=fzu47Zz4VFC1cyVxOIfiYT1TWFo2aQSd4X3rP/ZvVCw9Q6tKnDLfHpz0MzLrzmPqI+lNf5fLi8aCjQ9iR2DPknnIeSPcL/6PA3puL1qDYMSLazjx9RH31RKMY3Gg; Expires=Wed, 30 Nov 2022 01:01:08 GMT; Path=/
AWSALBCORS=fzu47Zz4VFC1cyVxOIfiYT1TWFo2aQSd4X3rP/ZvVCw9Q6tKnDLfHpz0MzLrzmPqI+lNf5fLi8aCjQ9iR2DPknnIeSPcL/6PA3puL1qDYMSLazjx9RH31RKMY3Gg; Expires=Wed, 30 Nov 2022 01:01:08 GMT; Path=/; SameSite=None
UPWEL-ANP=6141; domain=store.upwellness.com; path=/; expires=Thu, 23-Nov-2023 01:01:08 GMT; HttpOnly
Server: Apache
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 295116d49d2482efd5aeffcbea457a3d
6a02b0e118f31f7c8dc6e012df8fd6c8613103b7
f1c5692a036fc07ec80894cbf70a7a8d0ab528dd8a9ccb831672992710e3b925
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 23 Nov 2022 01:01:09 GMT
Last-Modified: Wed, 23 Nov 2022 00:56:44 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aAYdydAMHtA7Gg4f4GEppldjtLiU7G5fwOTiJInT1-EG0O1AVRnAeQ==
Age: 266
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 18d76f9ced2bc20ca6bda21336d7be35
4cd03c09a5a6eb34ca76f9d29f4bfe81d34c4c13
f4fff4e883acb8e49ebb526c0a2b441a137df16c9d570e1678755ae630966e19
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114451
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:09 GMT
Etag: "637c8ce8-2d7"
Expires: Thu, 24 Nov 2022 08:48:40 GMT
Last-Modified: Tue, 22 Nov 2022 08:48:40 GMT
Server: nginx
Content-Length: 727
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9fc5bb6c3282cfb4a446e74880c1de6f
7b2d7d1b1773a6cf61ab05fedf6d0acab7bc62b1
b135050dfc0d166dd36f32709eae3488ec8a8db4888c91caa08777c7bd89e1a4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 23 Nov 2022 01:01:09 GMT
Last-Modified: Tue, 22 Nov 2022 23:17:44 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VpTrZu41XTgfqzJGk5-D1syOSfyPN6sa83JtI6bKfohLw16PLX3xTw==
Age: 6205
cdn.useproof.com/proxy/index.html
172.67.169.176200 OK 325 B URL HTTP/2 cdn.useproof.com/proxy/index.html
IP 172.67.169.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325), with no line terminators
Hash f92252b1f21fd30ac52b59395971ecdb
ecb588481454091dcfea3c925c83577425497626
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
GET /proxy/index.html HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:09 GMT
content-type: text/html
content-length: 325
x-amz-id-2: S/VO5w2vRdnxQhbXobyAUuc1cWnLUwde9VaZ7hIyF1agE3EBju4ZgjqQLx1mBrRk10zqVwoyXM0=
x-amz-request-id: VETZA751A27T2Z3H
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkXxW39SgWt6ia2nKEAVZ%2BzxvlOp4d671SE6tI9IImFwL%2FPxvUL8DRKTp6IFPV63Z46s%2FdAs2szD7%2BAjzzioS36vWPxafC78HP9WKL0vzyS7N4Xmfs59abPLA6BO7w4noPa4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8d1eda3b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.useproof.com/proxy/proxy.js
172.67.169.176200 OK 114 kB URL HTTP/2 cdn.useproof.com/proxy/proxy.js
IP 172.67.169.176:0
File type Unicode text, UTF-8 text, with very long lines (65514), with no line terminators
Size 114 kB (114404 bytes)
Hash 9f4d60f4f2b143cadacb2b8b3a901401
8c25b07f5122f9875920498c20ede6045320f479
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
GET /proxy/proxy.js HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/proxy/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:09 GMT
content-type: application/javascript
content-length: 114404
cache-control: public, max-age=315360000, no-transform
cf-bgj: minify
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
x-amz-id-2: yoAjzcyRlZUSIcodHaLndl6c776jIrkHPBSIgiDtxS12xvdyq2MKSDzEETmCnivt0ELZRmo4dWc=
x-amz-request-id: YH3Z1CT1HCFY0HSJ
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
age: 48811567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8THnidoQa4IRzDfnUF%2FQlJplUE%2BZjrciRUVPrrtIOUpbrxgiP6d0%2FUCXl6s5jAftuNIL9Od75zq9TRjJVClqObt7HO%2Fnc%2Fbl02lGCErtQfTmXMrBZwE1XgHyxpWDCodEv7HP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e5f8d4cf7db4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.thealternativedaily.com/wp-content/uploads/2016/07/getmyscorebtn.jpg
208.83.60.219200 OK 6.0 kB URL HTTP/2 www.thealternativedaily.com/wp-content/uploads/2016/07/getmyscorebtn.jpg
IP 208.83.60.219:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 289x59, components 3\012- data
Hash b2eac170298e451424d2b6abc47e2111
3e9fa9dd5501979e451fae80859c932582351927
008a49b472b118119bb608c77a2548e473338a1ebcba56942253a6c056b8c1aa
GET /wp-content/uploads/2016/07/getmyscorebtn.jpg HTTP/1.1
Host: www.thealternativedaily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 01:01:09 GMT
content-type: image/jpeg
content-length: 5953
last-modified: Mon, 17 Jul 2017 09:19:04 GMT
etag: "596c8108-1741"
expires: Fri, 23 Dec 2022 01:01:09 GMT
cache-control: max-age=2592000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/4.5.0/firebase.js
142.250.74.163200 OK 116 kB URL HTTP/2 www.gstatic.com/firebasejs/4.5.0/firebase.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (16738)
Size 116 kB (116073 bytes)
Hash 0ff319bf584fbc1049438249c206242d
2adccf821c87d51efbc577cc3f091d6f254f0a35
2571c05e9c76a275e38235dc4b7256c971cccd9c1a40367b8d2f8fc9a14b4efb
GET /firebasejs/4.5.0/firebase.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 116073
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 08:31:50 GMT
expires: Thu, 16 Nov 2023 08:31:50 GMT
cache-control: public, max-age=31536000
age: 577759
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3-us-west-2.amazonaws.com/lq3-production01/lead_quizzes_3.0/tracking/css/global-tracking.css
52.218.193.72200 OK 4.8 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/lq3-production01/lead_quizzes_3.0/tracking/css/global-tracking.css
IP 52.218.193.72:0
File type Unicode text, UTF-8 text, with very long lines (4780), with no line terminators
Hash 3ef6a357ce69dfdbd0fc95cd908b7211
069e499e6cb0cfd87a63d6efd03ed45e0ee72c78
189d627cc048280c5d155a07a318138f662df0d1ffced3eb687024f5345175a4
GET /lq3-production01/lead_quizzes_3.0/tracking/css/global-tracking.css HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: y3C/dI3puXTEnPC2pxKIh7sTM+gCEtOUcQVNJ8UDNI50cadP8VZdhx6P+c3lU9UO9YXOL6F26hk=
x-amz-request-id: VETN4G0M10VHXG77
Date: Wed, 23 Nov 2022 01:01:10 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 11 Apr 2022 15:45:24 GMT
ETag: "3ef6a357ce69dfdbd0fc95cd908b7211"
Expires: 1970-01-01T00:00:00.000Z
x-amz-version-id: .zZcEAkgY2IsHf8uyG3CwBul3v9vUK1V
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 4781
flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&ndclid=&rf=&sem=&tm=0
54.71.125.186204 No Content 0 B URL HTTP/2 flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&ndclid=&rf=&sem=&tm=0
IP 54.71.125.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&ndclid=&rf=&sem=&tm=0 HTTP/1.1
Host: flask.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 23 Nov 2022 01:01:09 GMT
server: istio-envoy
context-id: 81f423f0-aab5-4184-a871-eafdeef84c81
x-envoy-upstream-service-time: 2
X-Firefox-Spdy: h2
cdn.js.customerlabs.co/cl4975ot4arrr6.js
143.204.42.86200 OK 191 kB URL HTTP/1.1 cdn.js.customerlabs.co/cl4975ot4arrr6.js
IP 143.204.42.86:0
File type ASCII text, with very long lines (33540)
Size 191 kB (191202 bytes)
Hash 9bc0790bc835c816132d6d632d1fe678
d7ff94e3db5e659963e7a828053c2472af6d751d
989a353c87693ae8700e24dacf7d12637287b303896573ac84fa0211244f4615
GET /cl4975ot4arrr6.js HTTP/1.1
Host: cdn.js.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 191202
Connection: keep-alive
Date: Wed, 23 Nov 2022 01:01:10 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Access-Control-Expose-Headers: ETag, x-amz-meta-custom-header
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 21 Nov 2022 21:23:13 GMT
ETag: "9bc0790bc835c816132d6d632d1fe678"
Cache-Control: max-age=60
x-amz-version-id: C1DASnfA0sWthFzaWaR0QLMU9MXInfPn
Accept-Ranges: bytes
Server: AmazonS3
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yU-ssyw7avhs5-uky6TmeImUq9he4lTPohMgmO97fqsct4_XW_wpjQ==
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3540
Expires: Wed, 23 Nov 2022 02:00:09 GMT
Date: Wed, 23 Nov 2022 01:01:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c463ad-46db-4c1c-a9ef-76d12a5dbcd7.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c463ad-46db-4c1c-a9ef-76d12a5dbcd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31e6c88ba7f6e2f34a3f8c0986a5d358
ee9fe28661702bb56a5eae71ab66dda08c87cf50
9fa1bbbe3c52215f34509683ae2c1992f2319e2eef36e93dc1e6a29fe17df39b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c463ad-46db-4c1c-a9ef-76d12a5dbcd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9422
x-amzn-requestid: 61475bac-5ed8-4661-b9a4-055578afe9d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5AHZ8oAMFfAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d06-7e69e5cd1afef9ee089f9d75;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:02 GMT
x-amz-cf-pop: SFO5-C3, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sMYTVN-IORXjnkopVsJADA2eo6hd_RytfhrADXP2gvWl2YhDSpZOrA==
via: 1.1 86eb67c9cdffbb1cad0c7a18a9b0f5a4.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:38 GMT
age: 11071
etag: "ee9fe28661702bb56a5eae71ab66dda08c87cf50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 448adf31ef3a09f7d8a45e1c038fe1d8
88e9613f90c14dca0b2c0b60103d0c8e4d859cc8
cedf0f3bd94dfde56b90f130fc960fe73d0131594b9b4ff0e8dbbe27d76b0926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8000
x-amzn-requestid: 9761ee4c-6da2-4b57-8fab-4d94ec810717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bn1pXGrCIAMFe3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63730308-7628d58a621de956205e1f9c;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 03:10:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pRbkuC0HMmZTAId5hWCbgs763wEzKLsxSo7iVWlSla5RYqhGxnzMrQ==
via: 1.1 100e7eca600d702a8613a94cb0899fe8.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:46:20 GMT
age: 11689
etag: "88e9613f90c14dca0b2c0b60103d0c8e4d859cc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd647b7ae-6c81-4319-a790-7c588599e88d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd647b7ae-6c81-4319-a790-7c588599e88d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fd467778c7a69252efd26485c4443dc
bc4c851e17fefa49897e3b3cb66c5ce9cda718fb
6363b7ec5c10449836e9a0330871df17daf160b0fe509507d0422e0d4854b868
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd647b7ae-6c81-4319-a790-7c588599e88d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8820
x-amzn-requestid: f4826eb0-c486-4161-9889-ab71966f465e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7nE4FLWIAMFc3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aebb8-53f202ae48abf5c1212b1faa;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:08:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: pGXUB8MtXFMiCQEeE3VjP-h1EicN3p4xHP1g0kwJ523r6G1-L0hz3A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 03:19:23 GMT
age: 78106
etag: "bc4c851e17fefa49897e3b3cb66c5ce9cda718fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78da78cf9180d9d9ac52db0a782478f6
05481896144b04b575d499e1da72410731470d86
ff7c4104b9e7478aba6de837b9992317754fe9bc17d6b61560bc50fd92329871
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114462
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:09 GMT
Etag: "637c8cf3-117"
Expires: Thu, 24 Nov 2022 08:48:51 GMT
Last-Modified: Tue, 22 Nov 2022 08:48:51 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78da78cf9180d9d9ac52db0a782478f6
05481896144b04b575d499e1da72410731470d86
ff7c4104b9e7478aba6de837b9992317754fe9bc17d6b61560bc50fd92329871
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114462
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:09 GMT
Etag: "637c8cf3-117"
Expires: Thu, 24 Nov 2022 08:48:51 GMT
Last-Modified: Tue, 22 Nov 2022 08:48:51 GMT
Server: nginx
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 218956a7601433bcf0f6ff484dbd5b52
d005c3afc835a854efdfa9cceb54b81153bb9899
dcc6527a7705c8e870e6aaf6744319ba0541a9fdfef58ca897361309d11b2b2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6180
x-amzn-requestid: 77d0b21a-db56-431c-8bc1-15ce409beadd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7nE2FyqIAMFnEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aebb8-6661a45a00c174e87e789791;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:08:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 4i-DyxmOE3pf55HCp1_oYxYPupFwEdMiQH8YRPQlyj-HMHtlRUfS4g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 03:57:57 GMT
age: 75792
etag: "d005c3afc835a854efdfa9cceb54b81153bb9899"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:27:21 GMT
age: 9228
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: a00f5ff7-02af-40e4-9f40-2814025de9db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b42xTFSEIAMFt2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d1a1-783544906babf838250f304e;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:05:05 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 9V7tmwd73b953mOccy4ESy8rFwDUOEb90oS7KsT05eaOJmdDrgfh5g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 07:28:09 GMT
age: 63180
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
54.230.111.14200 OK 34 kB URL HTTP/1.1 builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
IP 54.230.111.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1825a0c47b2e38b6cf30a4072987bce1
1710545a9d62ae8aaf4b1dd415ffd910df671839
0b4478d998fd8dc7dd45411ac1d80c70e89194ec993a6ef4c53676ba92ab1282
GET /published-js/main.bundle-384ff03.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 33495
Connection: keep-alive
Date: Tue, 30 Aug 2022 01:41:30 GMT
Last-Modified: Mon, 04 Jul 2022 16:47:26 GMT
ETag: "1825a0c47b2e38b6cf30a4072987bce1"
Cache-Control: max-age=31536000
Content-Encoding: gzip
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 98o96_wpmrQlnzWvy5odTbtrfBP7LrGA7zc0Buma_Aj4rmAtalNAOQ==
Age: 7341581
b-code.liadm.com/a-057g.min.js
143.204.55.112200 OK 11 kB URL HTTP/1.1 b-code.liadm.com/a-057g.min.js
IP 143.204.55.112:0
File type Unicode text, UTF-8 text, with very long lines (30660)
Hash a7bbc42f5271ca94f2480570ccb3a567
8891c34d6a681ff4d69ce0ebce7e872cf614511d
e37d4880252443f82ec48b62b0f9091a3a04fb3d5fd6fe843acd705c8fc1ff3a
GET /a-057g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 22 Nov 2022 06:47:47 GMT
Cache-Control: "public, max-age=86400"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sPvq9f1b5m6Ygd2ZPyvCFd99amgN2TOSVEnMTu3Wfax_2dFbdu5Lqw==
Age: 65603
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16620), with no line terminators
Hash a73a09a868a98d7505575c520aaf6616
ed4e4c3fe9ad7ed18564e5f9aed6a9a68b522c7f
8b22d2e0e3e79c7ea27bf76720b302fd18ba1240fbf8dd99e54ced655d17c8e4
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Wed, 23 Nov 2022 01:21:10 GMT
Date: Wed, 23 Nov 2022 01:01:10 GMT
Content-Length: 5276
Connection: keep-alive
d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
54.230.111.16200 OK 1.9 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
IP 54.230.111.16:0
Hash f6420c864830b5860bfaadd47a2bb21b
935d2ed35f43eb0f1aea9b0642df0d7f4770def7
6f36d2d4b4b9df950fd0dd0d57e0eacb7c4217e8086b4ef940cbd6e526930462
GET /ub.js?1618514269 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1856
date: Mon, 29 Aug 2022 01:57:45 GMT
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
etag: "f6420c864830b5860bfaadd47a2bb21b"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c6Cj0SENnHqlJ82Hh4Em3UqRW-80P1SwerjRmW1UwJon4Bw5IMx7-A==
age: 7427006
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78da78cf9180d9d9ac52db0a782478f6
05481896144b04b575d499e1da72410731470d86
ff7c4104b9e7478aba6de837b9992317754fe9bc17d6b61560bc50fd92329871
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114462
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:09 GMT
Etag: "637c8cf3-117"
Expires: Thu, 24 Nov 2022 08:48:52 GMT
Last-Modified: Tue, 22 Nov 2022 08:48:51 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 78da78cf9180d9d9ac52db0a782478f6
05481896144b04b575d499e1da72410731470d86
ff7c4104b9e7478aba6de837b9992317754fe9bc17d6b61560bc50fd92329871
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114462
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:09 GMT
Etag: "637c8cf3-117"
Expires: Thu, 24 Nov 2022 08:48:52 GMT
Last-Modified: Tue, 22 Nov 2022 08:48:51 GMT
Server: nginx
Content-Length: 279
cdn.taboola.com/libtrc/unip/1225872/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/1.1 cdn.taboola.com/libtrc/unip/1225872/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58488)
Hash cba749de2564af41c25142b52b1a9254
e089b2dc346c754fa6e5e0e50a0345ea18451ba9
e6e99427e313b68c6d3f27864a13a23169f5fbee3f59d2f78bd097df5982864c
GET /libtrc/unip/1225872/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17946
x-amz-id-2: qpT2YeNsswasDSXp4oIEw2V6wynzthrbYTOC8bhFiL4qCH6hg/qqHSFkKTZ/Zrxf7zlOUwqUpsU=
x-amz-request-id: 33PYZ55ZGB9SHA15
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 20 Nov 2022 11:20:49 GMT
ETag: "529c36a298268cdab3b94c05d8d39bfc"
x-amz-version-id: 1ISsJshg78FFwoPyGORj_DGaRAfZZEpP
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Wed, 23 Nov 2022 01:01:10 GMT
Via: 1.1 varnish
Age: 17615
X-Served-By: cache-bma1679-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1669165270.030594,VS0,VE1
Cache-Control: private,max-age=14401
Vary: Accept-Encoding
abp: 17
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 0ea4c9f3e5667fd0b6adf14d80e87295
426c4e4bf6c2dc5fc4caaebbb756c1cd27196919
631acf61947830bdd51fb7b4498b214448564eb965d37bfb2edbd7a086040513
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11430
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2022 21:23:50 GMT
Accept-Ranges: bytes
ETag: "077538f81f4d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=3DF06BAD15DA6CBA037D79C8148D6D4F; domain=.bing.com; expires=Mon, 18-Dec-2023 01:01:10 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: A05BD00D11964C8685AD5CFA457C5546 Ref B: OSL30EDGE0306 Ref C: 2022-11-23T01:01:10Z
Date: Wed, 23 Nov 2022 01:01:09 GMT
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.pinimg.com/ct/core.js
151.101.84.84200 OK 1.1 kB IP 151.101.84.84:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
content-type: application/javascript
fastly-restarts: 1
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
date: Wed, 23 Nov 2022 01:01:10 GMT
content-length: 1146
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0be3e3b6a55789993d7a1a175bb8e335
70e1b2ef23731397872aa67d3da9f97d40e4fad4
155e55bec061fd76dc2a73b570ebbac9ad17f22e95394c7bf96094a0729a7a54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6034
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Last-Modified: Tue, 22 Nov 2022 23:20:36 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 23 Nov 2022 00:41:08 GMT
expires: Wed, 23 Nov 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 1202
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1669165268692&cv=11&fst=1669165268692&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 973 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1669165268692&cv=11&fst=1669165268692&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2233), with no line terminators
Hash d42f0ac723ae070e1ab628c73550f0f8
a22582852113fff6403ec4750af20051a5e1bd38
5cc952273e9dd85a88cf1ba760b299e4239846283470c72d63a1428f470ec55e
GET /pagead/viewthroughconversion/675938688/?random=1669165268692&cv=11&fst=1669165268692&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 973
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 01:16:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1669165268578&cv=11&fst=1669165268578&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 974 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1669165268578&cv=11&fst=1669165268578&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2233), with no line terminators
Hash a3ea9a41bb863228c749faca2e9cc452
453bfe8eaf89e60522ab563d54c12c1a5535e316
e72d9c3d3d9ef73d2c1dcfea551a8524fd957a5689f750b48187851a96b1d6bf
GET /pagead/viewthroughconversion/624541243/?random=1669165268578&cv=11&fst=1669165268578&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 974
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 01:16:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1669165268597&cv=11&fst=1669165268597&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 975 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1669165268597&cv=11&fst=1669165268597&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2233), with no line terminators
Hash d3f260338bcd491bf15f1ac60fec2dcb
6c50a47561734fbeb22c4cbf92ee539fc1017ea3
9f6dc4ccd3d1e41fe185e97cca7c529c45089caedd41e19b3137530e1ac6ac94
GET /pagead/viewthroughconversion/862759327/?random=1669165268597&cv=11&fst=1669165268597&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 975
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 01:16:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 5uhZpUgu9Nciq+VoTOaQ5NGCjEvFpSip3jqpYjFpNuDHAw8asndL2tAZ3o84F1KZlwubCpI1vBpyFHSrxkugrA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 01:01:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1669165268616&cv=11&fst=1669165268616&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 976 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1669165268616&cv=11&fst=1669165268616&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2233), with no line terminators
Hash 9dd32273b6f9cdbc79a5bb29f9a9bcfe
d21e377a0adf280d9c282b138f9c8814c9ffbac9
c2d100aeabb976db2e4dda97580e35aad9b01389148f04f25f089ddf125ba31f
GET /pagead/viewthroughconversion/458254939/?random=1669165268616&cv=11&fst=1669165268616&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 976
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 01:16:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1669165268588&cv=11&fst=1669165268588&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 975 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1669165268588&cv=11&fst=1669165268588&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2237), with no line terminators
Hash 0c8c55cd321f35e82fe8a9bd60e89860
ee13374ce7d0e609354e8782a381d445d2f85c14
f34d53c619bfe6f4a4eb72412db31ffc4a297a1c9d128fc48b21c3de0130dca3
GET /pagead/viewthroughconversion/10838597190/?random=1669165268588&cv=11&fst=1669165268588&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&auid=1157853419.1669165269&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 975
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 01:16:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0be3e3b6a55789993d7a1a175bb8e335
70e1b2ef23731397872aa67d3da9f97d40e4fad4
155e55bec061fd76dc2a73b570ebbac9ad17f22e95394c7bf96094a0729a7a54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6359
Cache-Control: max-age=119746
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Etag: "637c88c1-1d7"
Expires: Thu, 24 Nov 2022 10:16:56 GMT
Last-Modified: Tue, 22 Nov 2022 08:30:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af7b01f8aaa890df509f36183224f3a1
c6151f633bec14a338de8e8b4ef4b9b73990a93f
a774d68a664d737c2c279925a458dc67f9e77d9904a3381eaaa96851ea956505
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 945
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Etag: "637c2d5e-1d7"
Last-Modified: Wed, 23 Nov 2022 00:45:25 GMT
Server: ECS (amb/6B94)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 766b653c52f272e64655ada64ef6611a
44889e880af1d3dbc5f151583b99f656ecf2361d
410c65f033ef7b9f010f4b6047ab5160fbd5405f7ac1d1914043a784dd9e8cf4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "410C65F033EF7B9F010F4B6047AB5160FBD5405F7AC1D1914043A784DD9E8CF4"
Last-Modified: Mon, 21 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12403
Expires: Wed, 23 Nov 2022 04:27:53 GMT
Date: Wed, 23 Nov 2022 01:01:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 766b653c52f272e64655ada64ef6611a
44889e880af1d3dbc5f151583b99f656ecf2361d
410c65f033ef7b9f010f4b6047ab5160fbd5405f7ac1d1914043a784dd9e8cf4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "410C65F033EF7B9F010F4B6047AB5160FBD5405F7AC1D1914043A784DD9E8CF4"
Last-Modified: Mon, 21 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12428
Expires: Wed, 23 Nov 2022 04:28:18 GMT
Date: Wed, 23 Nov 2022 01:01:10 GMT
Connection: keep-alive
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 28249
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 20028, version 1.0\012- data
Hash 2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:40:39 GMT
expires: Fri, 17 Nov 2023 21:40:39 GMT
cache-control: public, max-age=31536000
age: 444031
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:14:57 GMT
expires: Wed, 22 Nov 2023 17:14:57 GMT
cache-control: public, max-age=31536000
age: 27973
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
216.58.207.195200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash f6a41f84ddc640654e6dc189ea56794a
395d2e505f014e4c8c21d1a97416b6122111451f
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:49:23 GMT
expires: Thu, 16 Nov 2023 21:49:23 GMT
cache-control: public, max-age=31536000
age: 529907
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash eaf55d1d3b7c4a30203d2d5226c49b6d
11b63b740965603ef544f261ef036d24e6bb1fb5
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
GET /s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:28:19 GMT
expires: Thu, 16 Nov 2023 19:28:19 GMT
cache-control: public, max-age=31536000
age: 538371
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 94250170f5c865fb81152fb41b7ab9bf
f238261df180f320206464ed2ec595a11a102b7c
9d28f30a9e5896805022c13731bb93cf1be864f18265bf008766f4bfff39a000
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4573
Cache-Control: max-age=170864
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Etag: "637d5769-118"
Expires: Fri, 25 Nov 2022 00:28:54 GMT
Last-Modified: Tue, 22 Nov 2022 23:12:41 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash cbc3f413a5f14ec736ab57439abbcf05
febf3ae0cf0d981459c3e0ac7c51152358fd88b6
8aa0f7abb30b03fceff4a2b8357954910c4d30900c5082e213b6549d9a5b6e20
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98253
Date: Wed, 23 Nov 2022 01:01:10 GMT
Etag: "637c3ce8-1d7"
Expires: Thu, 24 Nov 2022 04:18:43 GMT
Last-Modified: Tue, 22 Nov 2022 03:07:20 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yGrdXeIApmzgAaHeCkLt_sa0jL_RAhQIY1-bOXM_G2pNebtyf_-MtA==
Age: 4283
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3343579c912910e34b887ffd1d958551
f3f56f70dbe12ae60f3f8c4b47d0859420cb91b1
a73a4160b1d6fb82146f214d1cafc833e1e4828258dc7ea593ca2a8ab8a765a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168823
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Etag: "637d614d-117"
Expires: Thu, 24 Nov 2022 23:54:53 GMT
Last-Modified: Tue, 22 Nov 2022 23:54:53 GMT
Server: nginx
Content-Length: 279
live-visitor-counts.herokuapp.com/lvc/register
3.210.192.5204 No Content 0 B URL HTTP/1.1 live-visitor-counts.herokuapp.com/lvc/register
IP 3.210.192.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /lvc/register HTTP/1.1
Host: live-visitor-counts.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cdn.useproof.com/
Origin: https://cdn.useproof.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: Cowboy
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Date: Wed, 23 Nov 2022 01:01:10 GMT
Via: 1.1 vegur
www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
23.23.204.175200 OK 18 kB URL HTTP/2 www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
IP 23.23.204.175:0
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash d094840fd6b5b489b25f18a22a493822
29a59e8c0250e81421609d5c7c25f20776fdaa4a
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421
GET /wp-content/uploads/2015/10/favicon-152.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:10 GMT
content-type: image/png
content-length: 18176
server: Pagely-ARES/1.10.15
x-gateway-request-id: c15c52dfee2537c00469e14959eeb853
last-modified: Fri, 23 Sep 2022 23:00:59 GMT
etag: "4700-5e96026c123c4"
expires: Wed, 21 Dec 2022 08:04:16 GMT
cache-control: max-age=2592000
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2015/10/favicon-152.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
23.23.204.175200 OK 8.6 kB URL HTTP/2 www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
IP 23.23.204.175:0
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash b5dc3661602dcf8810766c01556df41b
a84687898568cf8ae0ba6c4b35886b3ee4dfbd17
91e84a8da7499abc9388eed1192e8363c8dfe07e28e6300c69ee25be1a4eb994
GET /wp-content/uploads/2016/08/apple-touch-icon-144x144.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:10 GMT
content-type: image/png
content-length: 8622
server: Pagely-ARES/1.10.15
x-gateway-request-id: 151c9643d83352608e96ef4a89da92dd
last-modified: Fri, 23 Sep 2022 23:01:07 GMT
etag: "21ae-5e960272eb24c"
expires: Wed, 21 Dec 2022 08:04:16 GMT
cache-control: max-age=2592000
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3343579c912910e34b887ffd1d958551
f3f56f70dbe12ae60f3f8c4b47d0859420cb91b1
a73a4160b1d6fb82146f214d1cafc833e1e4828258dc7ea593ca2a8ab8a765a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=168823
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Etag: "637d614d-117"
Expires: Thu, 24 Nov 2022 23:54:53 GMT
Last-Modified: Tue, 22 Nov 2022 23:54:53 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&id=cl4975ot4arrr6&uid=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c
54.80.192.176200 OK 178 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&id=cl4975ot4arrr6&uid=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c
IP 54.80.192.176:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 25b686640eb20a2a0f05fb833caeff61
f9797d8946d6e21d3e8415bcfffdab625a657493
ee0565a5ed6675615a5306401e3e64f6b161bda2a8cfcccb5c5a462b28ea4802
GET /externalIds?customerlabs_user_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&id=cl4975ot4arrr6&uid=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Wed, 23 Nov 2022 01:01:10 GMT
Server: nginx/1.12.1
Content-Length: 178
Connection: keep-alive
live-visitor-counts.herokuapp.com/lvc/register
3.210.192.5200 OK 0 B URL HTTP/1.1 live-visitor-counts.herokuapp.com/lvc/register
IP 3.210.192.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /lvc/register HTTP/1.1
Host: live-visitor-counts.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 280
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://cdn.useproof.com
Vary: Origin
Date: Wed, 23 Nov 2022 01:01:10 GMT
Content-Length: 0
Via: 1.1 vegur
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
104.26.8.162204 No Content 0 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
IP 104.26.8.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/tracking/property/the-alternative-daily/save HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://pages.upwellness.com/
Origin: http://pages.upwellness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 23 Nov 2022 01:01:10 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHCZ%2B%2FOt%2BKmJV75LaYcKrzkpaYr6KW%2FlWTm9RRH2RsCf2EBOx9L4C55vkFhACfDz9xJMlPVodOR0ee9FqXapdNnmR5nAovWYd8%2B5oRRBg%2Bi%2Bkyq5IoLb7Ec8HNFiyiTpcXn9%2FDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8d8eba0b51b-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7fe70ba1663df473a878bec0cb121697
8fa8248bc2cc98efcae1b78c7c61792b337859a3
b1d6e27090ed6698426411efcf7e431456b1882f216a612081c272a8c03e558b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5644
Cache-Control: max-age=164762
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:10 GMT
Etag: "637d3b64-117"
Expires: Thu, 24 Nov 2022 22:47:12 GMT
Last-Modified: Tue, 22 Nov 2022 21:13:08 GMT
Server: ECS (amb/6B84)
X-Cache: HIT
Content-Length: 279
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
104.26.8.162204 No Content 0 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
IP 104.26.8.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/tracking/property/the-alternative-daily/website-popup HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://pages.upwellness.com/
Origin: http://pages.upwellness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 23 Nov 2022 01:01:10 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZpCwQ6rw0O6i6NzTHC2jQpQ%2B7vsQOSQG0ACJOPHFaJD1hEAHxMAQmof%2Bktu6eMN51kBCPkzCAfKJA2NuqAnYaz%2FTg%2BGXq5tLqmy4NnMw8fn%2FhHrR3WOz7PpT5D5PbPfECaTt4E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8da0c6fb51b-OSL
X-Firefox-Spdy: h2
a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&seg=inflammation-quiz
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&seg=inflammation-quiz
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/smart/a/?c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&seg=inflammation-quiz HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:10 GMT
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
set-cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; Expires=Thu, 23 Nov 2023 01:01:10 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-cgkct:cc-nginx-c76b96594-cgkct
x-requestid: 73aa98f9-49ae-419f-a7c7-bda0712e5cfc
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GyU%2FrM1H7xC6wDnLlE4KKD3nUY8ChIaoiBVaPVz1NP%2FuVrzmLbaltzRAjBnml1QIxPUVo9RkrEYTPX28ffGDwoil%2FcqSTXDAGbKW67Ln6%2FL7oroEveLz8tznaW%2B413dUljrEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8ddcf0fb515-OSL
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
104.26.8.162500 Internal Server Error 31 kB URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
IP 104.26.8.162:0
Hash 7365e1a6aed0d7caca63dd8f0b54c77a
d8a1e48ee45f17d6c4b1b51247ddf747fc60c9c7
a5b4d40385771b8ff658bf220ea6ed9c40e7091d293837533a955ac271d8fd85
POST /api/v1/tracking/property/the-alternative-daily/save HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 243
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 23 Nov 2022 01:01:10 GMT
content-type: application/json
x-powered-by: PHP/7.2.23
set-cookie: PHPSESSID=29e1ee42b476fb0b24aa4cbbdbf1119e; expires=Wed, 07-Dec-2022 01:01:10 GMT; Max-Age=1209600; path=/; HttpOnly
cache-control: max-age=0, must-revalidate, private
expires: Wed, 23 Nov 2022 01:01:10 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization,Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwAXJJjrzZCnuAuf7KYOxJBTiJNTSIEv1jUXBTzi%2F6%2FMIJPiADkaHTQP2f0P1WfhUa6dhU9ugZ4oSfeWPOeijmOdhk8ThOsu%2BmHCiKqZXhIGyQBu3qs%2BvcvcOy8yWcV2tYlfEow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8dd9e6ab51b-OSL
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
104.26.8.162200 OK 3.0 kB URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
IP 104.26.8.162:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ee93d3fda4a318eecd589b905a2a4da9
6a33cbeb3f7f17692d9ce889ac358aa5df9b641a
95897af97da3c2d64b5bde5dac5085351d393289beb4b051b5a9580587ad4c2e
GET /api/v1/tracking/property/the-alternative-daily/website-popup HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:11 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.2.23
set-cookie: PHPSESSID=aaeb5d3a1cc44ad8903c80994c5f0849; expires=Wed, 07-Dec-2022 01:01:10 GMT; Max-Age=1209600; path=/; HttpOnly
cache-control: max-age=0, must-revalidate, private
expires: Wed, 23 Nov 2022 01:01:10 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization,Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfjUYfsT1TD33OWSsDxWGCmEbO8xHVBjNmPPpzGoPQE9mMNO%2F%2FyFa9WVMN2TqUoCGZ9RGwR2RbrZSGuIY27D01wG1piLwYlk%2By85RR%2BQ03Oih5rFybbDi5rYrzEL2mTMAiRSdlQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8de8eebb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg
54.230.245.144200 OK 7.6 kB URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg
IP 54.230.245.144:0
File type JPEG image data, baseline, precision 8, 216x216, components 3\012- data
Hash e3f1dbb540892e17d5db8c78f7d25dac
182caca2f4ac3187480a2f31944cf9866846b144
cddbd04fb6a2bc681de9bd4558b7062169322c73e095466a592152ea9e6fad8f
GET /pages.upwellness.com/inflammation-quiz/a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 7563
Connection: keep-alive
Date: Wed, 09 Nov 2022 14:34:49 GMT
Last-Modified: Wed, 09 Nov 2022 10:47:21 GMT
ETag: "e3f1dbb540892e17d5db8c78f7d25dac"
Cache-Control: max-age=31557600
x-amz-version-id: tTiRn0cWmt8FCcq8iYNxVydurx3yu0HI
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G79s4BkWBm_VD7Ds1jonRiyzhwSWc4bXExLcbgadomAoZL0ot6Mmag==
Age: 1160783
s.yimg.com/wi/ytc.js
188.125.94.206200 OK 6.0 kB IP 188.125.94.206:0
Hash 66623406e043663a860a8b4c588e39f1
b77a5b7e8b7c2c6d15aace8c2125ba568b95298a
44da1066535460994a43241c30c2abc975e4b98d64adce9de2122a621d3325ad
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Z+aesbzH2MeVyIapV6+neCWIbNF7qo4RBMyHOQL4JTbARC38r3utwRoOfOWVVzfxsYigpUl/40w=
x-amz-request-id: H1PPM5Y3KFR368PA
date: Wed, 23 Nov 2022 00:46:32 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 879
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25221c0848e4-fbf2-464b-981e-66cc1767bb6b%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102dcdcd5191696cc12aa05ae1bca8%2526n%253Dtune%2526cid%253D2_dmtbwinflammquiz112222%2526mid%253D2_dmtbwinflammquiz112222%2526AFFID%253D477232%2526subid%253D2_dmtbwinflammquiz112222%2526partner_id%253D2%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Finflammation-quiz%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102dcdcd5191696cc12aa05ae1bca8%2526n%253Dtune%2526cid%253D2_dmtbwinflammquiz112222%2526mid%253D2_dmtbwinflammquiz112222%2526AFFID%253D477232%2526subid%253D2_dmtbwinflammquiz112222%2526partner_id%253D2%2522%257D
172.67.180.171200 OK 63 B URL HTTP/2 analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25221c0848e4-fbf2-464b-981e-66cc1767bb6b%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102dcdcd5191696cc12aa05ae1bca8%2526n%253Dtune%2526cid%253D2_dmtbwinflammquiz112222%2526mid%253D2_dmtbwinflammquiz112222%2526AFFID%253D477232%2526subid%253D2_dmtbwinflammquiz112222%2526partner_id%253D2%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Finflammation-quiz%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102dcdcd5191696cc12aa05ae1bca8%2526n%253Dtune%2526cid%253D2_dmtbwinflammquiz112222%2526mid%253D2_dmtbwinflammquiz112222%2526AFFID%253D477232%2526subid%253D2_dmtbwinflammquiz112222%2526partner_id%253D2%2522%257D
IP 172.67.180.171:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fe8eaafa8393eef37df1189c46400e25
64ffb83ec17cb2a870d9aa24d3a51655283134fa
a33a881c872e4e1d29f9e0b677b9b7830f5f544a59edc807fb33c8feb44e3839
GET /track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25221c0848e4-fbf2-464b-981e-66cc1767bb6b%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102dcdcd5191696cc12aa05ae1bca8%2526n%253Dtune%2526cid%253D2_dmtbwinflammquiz112222%2526mid%253D2_dmtbwinflammquiz112222%2526AFFID%253D477232%2526subid%253D2_dmtbwinflammquiz112222%2526partner_id%253D2%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Finflammation-quiz%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102dcdcd5191696cc12aa05ae1bca8%2526n%253Dtune%2526cid%253D2_dmtbwinflammquiz112222%2526mid%253D2_dmtbwinflammquiz112222%2526AFFID%253D477232%2526subid%253D2_dmtbwinflammquiz112222%2526partner_id%253D2%2522%257D HTTP/1.1
Host: analytics.proofapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:10 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: https://cdn.useproof.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
etag: W/"3f-vRTqXMq+CAlyG5kzrHf7KhJNCOU"
via: 1.1 vegur
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWT5quYLYvTFqYpthUVQ60AWXpyA3%2FXFt5hUOY7WNhi9PP9DBsaJbEy6u2NwzN%2FHGS6OEM5B9Y%2Fev6gaYbsS9zKe78V6eNxdB2YVl1glIVTBetCa2shZG4qFyXMdOnnzJYVKgu%2B7HP1U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8dc388c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl/firstVisit
54.80.192.176200 OK 0 B URL HTTP/1.1 io.v2.customerlabs.co/cl/firstVisit
IP 54.80.192.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl/firstVisit HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 486
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Wed, 23 Nov 2022 01:01:11 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
bat.bing.com/action/0?ti=27015508&Ver=2&mid=2a2ee95f-aff0-4faa-84c8-c8f69e31cdb8&sid=514504206aca11ed829ac5e882c3ec5d&vid=514520b06aca11eda25f85fca277cec5&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&r=<=1531&evt=pageLoad&sv=1&rn=761908
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=27015508&Ver=2&mid=2a2ee95f-aff0-4faa-84c8-c8f69e31cdb8&sid=514504206aca11ed829ac5e882c3ec5d&vid=514520b06aca11eda25f85fca277cec5&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&r=<=1531&evt=pageLoad&sv=1&rn=761908
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=27015508&Ver=2&mid=2a2ee95f-aff0-4faa-84c8-c8f69e31cdb8&sid=514504206aca11ed829ac5e882c3ec5d&vid=514520b06aca11eda25f85fca277cec5&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&r=<=1531&evt=pageLoad&sv=1&rn=761908 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=250F711514C36A6C1A65637015946B8C; domain=.bing.com; expires=Mon, 18-Dec-2023 01:01:11 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8428AD85553649C8AAEA473B3CEFD9D3 Ref B: OSL30EDGE0314 Ref C: 2022-11-23T01:01:11Z
date: Wed, 23 Nov 2022 01:01:10 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fab2cb3bd48a955d89176110d75459e4
8e642591b32f0095b8302d23b2aa3d4849352c56
71e3ae0dd72335874bd1e42e216d72a6185fb21786e55efbf3012ee0094692a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ae7674294f5a17ef8761b33ac4dad848
30a771e623dd1e3cb8694bb5f71393aaa9e87b6a
cac85ed50ce25c45d5093aaaa231a0d1cd9667f47bd2312947070ba202c5d96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1938648208.1669165270&jid=2144610498&gjid=30638482&_gid=849846218.1669165270&_u=YGBAiEABBAAAAEAAI~&z=600493748
142.250.150.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1938648208.1669165270&jid=2144610498&gjid=30638482&_gid=849846218.1669165270&_u=YGBAiEABBAAAAEAAI~&z=600493748
IP 142.250.150.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1938648208.1669165270&jid=2144610498&gjid=30638482&_gid=849846218.1669165270&_u=YGBAiEABBAAAAEAAI~&z=600493748 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://pages.upwellness.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/624541243/?random=1669165268578&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1695410626&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/624541243/?random=1669165268578&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1695410626&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1669165268578&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1695410626&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10838597190/?random=1669165268588&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3196782816&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10838597190/?random=1669165268588&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3196782816&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1669165268588&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3196782816&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/458254939/?random=1669165268616&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1190756462&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/458254939/?random=1669165268616&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1190756462&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1669165268616&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1190756462&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/675938688/?random=1669165268692&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1944749724&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/675938688/?random=1669165268692&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1944749724&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/675938688/?random=1669165268692&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1944749724&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/862759327/?random=1669165268597&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4150040808&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/862759327/?random=1669165268597&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4150040808&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1669165268597&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4150040808&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/27015508.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/27015508.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/27015508.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=17C63B43CB0F691E1F262926CA58686A; domain=.bing.com; expires=Mon, 18-Dec-2023 01:01:11 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A1C8950532F04308AAB366CFC2F68C56 Ref B: OSL30EDGE0314 Ref C: 2022-11-23T01:01:11Z
date: Wed, 23 Nov 2022 01:01:10 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
70.42.32.127200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
IP 70.42.32.127:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 01:01:11 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 5012515968bea70497ac01a5ecd2418b
content-encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=http:%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
104.21.47.12200 OK 195 B URL HTTP/2 api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=http:%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
IP 104.21.47.12:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f0966bcdc32abc4fb34cd203e3e8c95
f5951d34a8011062b6c358330ce05726104ad903
19c7f33c2d515b1429ffd91d77bd760adfa3420fecb227aadadf35e787a65a0e
GET /pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=http:%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2 HTTP/1.1
Host: api.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:09 GMT
content-type: application/json; charset=utf-8
x-amzn-requestid: 2ea63355-5f8f-4a82-9e3e-8e9a091596b6
access-control-allow-origin: *
surrogate-control: no-store
x-amzn-remapped-content-length: 178
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: cB6RbEg5oAMF4-A=
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
pragma: no-cache
x-amzn-remapped-date: Wed, 23 Nov 2022 01:01:09 GMT
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9ArW0HGaateJwz3OZKvPMWZ7T0un8-bWOcjzEcEL9fFa8mnyiEiFZg==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhzsVWh38SEYYX%2FtM4b%2BfsX7%2FdSO9IX54SizU7AUnTsVmY2v%2F5jntEeAsEomRSRuk%2F36QQp1b3CAQY%2BNss1WZ80UoGqESQcNU57rUMKVxAlDSSA2XQdeZAI9mJvMKUiqvrPz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8d67fb0b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9ef11a2d1e232b4b45e40ff0c29fa8b0
0966963f13e3b149e3e3c8c2c81e7986d1d8a07b
9ce8b9ab5f1dfdc0686d1660ed64c6eff5cc3d1492d82aa769ac58e3a159dd1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hotjar.com/c/hotjar-795540.js?sv=6
143.204.55.37200 OK 2.3 kB URL HTTP/2 static.hotjar.com/c/hotjar-795540.js?sv=6
IP 143.204.55.37:0
File type ASCII text, with very long lines (3789)
Hash 9d69f9eb592aacedba91615d33137d5b
0da732b3e01562a3037d5f5cf0b8ed9901905a5a
48b6f59c44b559b8eeacf07440275ce3031ac9e95b48eb0067e7034fabfd63ae
GET /c/hotjar-795540.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 23 Nov 2022 01:01:10 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/aef38fa51dfff9236fbc949c70ee8cb9
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hOihzXZnU35d9qdq9zMZZ9jhNFLvpk64bbtda-sT4Mkp5pxCzsC6sA==
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10175858.json
188.125.94.206200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10175858.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ad716787c5ee7f50ab6806a8dfac76d
31d18a36b7472a44913f9871c1ea0d3530f17060
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
GET /wi/config/10175858.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BbHCxRmZLwhmMWMRD9PlAhQYARqjpgoCk5xojVHAKFeqEuKhf40ncYp7cYwex4J5kq4KjXPaHnA=
x-amz-request-id: DQMAM7XX5YW269DC
date: Wed, 23 Nov 2022 01:01:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Fri, 14 Jan 2022 20:54:46 GMT
x-amz-expiration: expiry-date="Sun, 19 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: fa2aBktS.tlgTipU0DLTD9VeWF6_YTMO
accept-ranges: bytes
content-type: application/octet-stream
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
age: 0
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c
104.26.3.122302 Found 42 B URL HTTP/2 a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c
IP 104.26.3.122:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px/smart/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:10 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&partner_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&seg=inflammation-quiz
x-frontend: cc-nginx-c76b96594-78xwd:cc-nginx-c76b96594-78xwd
x-requestid: 635a8668-c62d-4297-b4e0-6d0c43c32223
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P62fwYVnfa3qWqsLNQicDeCRRfuJI%2BKcn5806Rz53F0sHegiOH9otvx6bIl2yVDSzEpzqB8WhoWRfH4gHy%2Bp2skmQ3dyyi0ZuOKfIXqpYaSkxeNGcIfBajLLFHuVgB%2FEEY7aLPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8dbff89fac0-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/624541243/?random=1669165268578&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1695410626&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/624541243/?random=1669165268578&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1695410626&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1669165268578&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1695410626&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/458254939/?random=1669165268616&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1190756462&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/458254939/?random=1669165268616&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1190756462&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1669165268616&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1190756462&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10838597190/?random=1669165268588&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3196782816&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10838597190/?random=1669165268588&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3196782816&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1669165268588&cv=11&fst=1669165200000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3196782816&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
104.26.8.162204 No Content 0 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
IP 104.26.8.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/tracking/property/the-alternative-daily/announcement-bar HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://pages.upwellness.com/
Origin: http://pages.upwellness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 23 Nov 2022 01:01:11 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzpNUBA3dueRii8j91vUE9JvJ3FCJViN1ZmKaVPk1axOEYhb4zALhEz6Fnbobr0OEiXFkoakwXEPGwoI7kDTuyHMXeNb5mFiG%2BF3Fw3rso%2BA9qrctBbotVOLvvC88grMlGk%2B8T4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8e06808b51b-OSL
X-Firefox-Spdy: h2
events.ub-analytics.com/i?stm=1669165270716&e=pv&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=fe09ac07-e72f-4c0b-9590-a993c702c95d&dtm=1669165270715&vp=1280x939&ds=1268x2925&vid=1&sid=a9cfda22-01b4-401e-b98b-91b2757fd2f7&duid=9c60047e-b2b4-4de7-91fe-e8c254eccfeb&uid=5412132f-a800-4515-b8d1-72819caf44cc&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U1MWNjMGItMGU5NC00NDNjLWEyN2EtMjRjNzhkMThmMjMyIiwidmFyaWFudElkIjoiYWMiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
44.199.30.13200 OK 43 B URL HTTP/1.1 events.ub-analytics.com/i?stm=1669165270716&e=pv&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=fe09ac07-e72f-4c0b-9590-a993c702c95d&dtm=1669165270715&vp=1280x939&ds=1268x2925&vid=1&sid=a9cfda22-01b4-401e-b98b-91b2757fd2f7&duid=9c60047e-b2b4-4de7-91fe-e8c254eccfeb&uid=5412132f-a800-4515-b8d1-72819caf44cc&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U1MWNjMGItMGU5NC00NDNjLWEyN2EtMjRjNzhkMThmMjMyIiwidmFyaWFudElkIjoiYWMiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
IP 44.199.30.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1669165270716&e=pv&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=fe09ac07-e72f-4c0b-9590-a993c702c95d&dtm=1669165270715&vp=1280x939&ds=1268x2925&vid=1&sid=a9cfda22-01b4-401e-b98b-91b2757fd2f7&duid=9c60047e-b2b4-4de7-91fe-e8c254eccfeb&uid=5412132f-a800-4515-b8d1-72819caf44cc&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U1MWNjMGItMGU5NC00NDNjLWEyN2EtMjRjNzhkMThmMjMyIiwidmFyaWFudElkIjoiYWMiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19 HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 01:01:11 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: akka-http/10.0.9
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0726d02b9224aae7ebffaa93f8e982a2
3bf62f2bff3f37ff32e1dec5f45905a58cf7c2f0
7ca531380a9c5013b66d3b314d8b3f48a6384228d0826db6f8355d4fa92dd05a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5266
Cache-Control: max-age=102785
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Etag: "637c4ac6-1d7"
Expires: Thu, 24 Nov 2022 05:34:16 GMT
Last-Modified: Tue, 22 Nov 2022 04:06:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 616c5681be942fb2871a7056581e8f97
e8eb6e46ba737f5990edab23c625adf69475c67a
f43581d6294ec1ea760b8172a3fc8d611d5b68fec723f9f25ec038ddd3a0a030
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165271
Date: Wed, 23 Nov 2022 01:01:11 GMT
Etag: "637d4ad4-1d7"
Expires: Thu, 24 Nov 2022 22:55:42 GMT
Last-Modified: Tue, 22 Nov 2022 22:19:00 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ih2_mrAzHzUsfsnCxi8DpFKiGhWjrsG6KG6C84XCEgdEtfF_d6gdkw==
Age: 2202
pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3318&partner_device_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:11 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1669165271426;Expires=Sun, 22 Jan 2023 01:01:11 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=fb52b2d9-4f12-4677-baff-2a9fadde3346;Expires=Sun, 22 Jan 2023 01:01:11 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0726d02b9224aae7ebffaa93f8e982a2
3bf62f2bff3f37ff32e1dec5f45905a58cf7c2f0
7ca531380a9c5013b66d3b314d8b3f48a6384228d0826db6f8355d4fa92dd05a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5266
Cache-Control: max-age=102785
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 01:01:11 GMT
Etag: "637c4ac6-1d7"
Expires: Thu, 24 Nov 2022 05:34:16 GMT
Last-Modified: Tue, 22 Nov 2022 04:06:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive/check?partner_id=3318&partner_device_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:11 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1669165271466;Expires=Sun, 22 Jan 2023 01:01:11 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=31a05280-1837-485f-9685-da1cf9c86bdc;Expires=Sun, 22 Jan 2023 01:01:11 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Sun, 22 Jan 2023 01:01:11 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=31a05280-1837-485f-9685-da1cf9c86bdc
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1669165269807&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjh01gnm52p9z6b21a9cxpea&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-
3.223.51.75302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1669165269807&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjh01gnm52p9z6b21a9cxpea&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-
IP 3.223.51.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1669165269807&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjh01gnm52p9z6b21a9cxpea&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:11 GMT
content-length: 0
trace-id: 703907aa6e529a6a
vary: Origin
location: /j?dtstmp=1669165269807&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjh01gnm52p9z6b21a9cxpea&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&n3pc=true
set-cookie: lidid=26346ac4-a7b9-4630-ac43-292d788e2a39; Max-Age=63072000; Expires=Fri, 22 Nov 2024 01:01:11 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&id=cl4975ot4arrr6&uid=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&t=0&sc=1280%20x%201024
54.80.192.176200 OK 512 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&id=cl4975ot4arrr6&uid=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&t=0&sc=1280%20x%201024
IP 54.80.192.176:0
File type JSON data\012- , ASCII text, with very long lines (512), with no line terminators
Hash 44947b20754d38025228d639106a79d2
4bb78d3767197a949e6c45cb2db2df1ae0d4638a
dca1152d032473eea2e2daf55e307577f2c5728bc8b531f46e679abbd5136aa4
GET /externalIds?customerlabs_user_id=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&id=cl4975ot4arrr6&uid=cl4975ot4arrr6ff22bdc5-86d0-425b-817c-c14e690d5a3c&t=0&sc=1280%20x%201024 HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Wed, 23 Nov 2022 01:01:11 GMT
Server: nginx/1.12.1
Content-Length: 512
Connection: keep-alive
s.yimg.com/wi/config/10056129.json
188.125.94.206200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10056129.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fc5f6676b4f2531b36b8c7120da6ecca
e7ddbe9b016bc7594e9d5f3a7bf960b56226d5de
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
GET /wi/config/10056129.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Pqg0lVv+Nhms90KtZVvv81xA61H8aWQ+ibi2x4eq/FydRl4l/IrzGM4A8LAl1EcOYS1vdrnEiw4=
x-amz-request-id: DQMFQ2DV6CC89YWQ
date: Wed, 23 Nov 2022 01:01:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
age: 0
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=146844809012010&ev=ViewContent&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&rl=&if=false&ts=1669165270910&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669165270907.1464776350&it=1669165269863&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=146844809012010&ev=ViewContent&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&rl=&if=false&ts=1669165270910&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669165270907.1464776350&it=1669165269863&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=146844809012010&ev=ViewContent&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&rl=&if=false&ts=1669165270910&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669165270907.1464776350&it=1669165269863&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Nov 2022 01:01:11 GMT
X-Firefox-Spdy: h2
a.clickcertain.com/px/ta/?done=true&ta_id=31a05280-1837-485f-9685-da1cf9c86bdc
104.26.9.50204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/ta/?done=true&ta_id=31a05280-1837-485f-9685-da1cf9c86bdc
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/ta/?done=true&ta_id=31a05280-1837-485f-9685-da1cf9c86bdc HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 23 Nov 2022 01:01:11 GMT
set-cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; Expires=Thu, 23 Nov 2023 01:01:11 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-cgkct:cc-nginx-c76b96594-cgkct
x-requestid: e85f51a0-755d-448c-aff9-2f08863e85fd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edcLatIIbEOE%2B7imTDrSTZe8At3%2BHaB5NbOOSZw5PW%2F2cy0NotoLSGyu7qK1qobTrVeFW97cDgOoGHiTJwNeSluAPnA7fMV4ZFTdLAojFVBgr%2F%2BfhGE%2FXqmcenpVCcuj6z3IOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8e2d9e6b515-OSL
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669165270723
23.38.200.197200 OK 86 kB URL HTTP/2 ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669165270723
IP 23.38.200.197:0
File type gzip compressed data, from Unix\012- data
Hash 832b81302ec4f46835c0bdd174c9438f
88a6309babf56273e2b42a7d172ebc82c427dc1e
108e1fd6695f398f4ac4aa218ecab8669af60248b68bb448544b7ef7dcfa144a
GET /v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669165270723 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1208375730699560
date: Wed, 23 Nov 2022 01:01:11 GMT
akamai-grn: 0.274f2417.1669165271.a22556b
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669165270722&dep=2%2CPAGE_LOAD
23.38.200.197200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669165270722&dep=2%2CPAGE_LOAD
IP 23.38.200.197:0
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669165270722&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVpUSTVPV05sWlRrdE1EQTBOaTAwWXpWbUxXSXpNbVV0TVRCaE1UZzBOMkZqTldWaA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: http://pages.upwellness.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 373
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 7076915082828465
date: Wed, 23 Nov 2022 01:01:11 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1669165271.a2255a1
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=146844809012010&ev=LPVisit_InflQuiz&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&rl=&if=false&ts=1669165270916&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1669165270907.1464776350&it=1669165269863&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=146844809012010&ev=LPVisit_InflQuiz&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&rl=&if=false&ts=1669165270916&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1669165270907.1464776350&it=1669165269863&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=146844809012010&ev=LPVisit_InflQuiz&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&rl=&if=false&ts=1669165270916&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1669165270907.1464776350&it=1669165269863&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Nov 2022 01:01:11 GMT
X-Firefox-Spdy: h2
a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
104.26.9.50200 OK 1.9 kB URL HTTP/2 a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
IP 104.26.9.50:0
File type ASCII text, with very long lines (2807)
Hash 63a3fb028cef525f70a20fc575ef546e
c9a34cc4c196f27e729d177fb1836b0ee5c8a0c8
443a5f2f10aadb22e7bb0ce36552748c3cdd95108daee0f9b88a2143fb7a14d9
GET /px/?c=24a3d6f0fe7dd9c HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:10 GMT
content-type: text/javascript
set-cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; Expires=Thu, 23 Nov 2023 01:01:10 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx=24a3d6f0fe7dd9c; Expires=Thu, 23 Nov 2023 01:01:10 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx_24a3d6f0fe7dd9c=1; Expires=Thu, 23 Nov 2023 01:01:10 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-nhdmc:cc-nginx-c76b96594-nhdmc
x-requestid: 61171f98-9283-4c0a-aa10-590e618a8ac0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8pr9vz1SJtiOqKgNjQqs54N4HlwXXO8ssMAaWuZv64x5kGVGEJTCDHnioXZEKg5MPcGCdjIGzBonyRXJLZ7VwKuqzsUg6VL2jSOqP4AMvr8uGgwZ6KXmOX08IY3m5N%2FjIvNUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8debf9ab515-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash e5ebfebd12e4eda40262a1b931426bdb
3a7bf4529429d5f20f8715f8d261ac3e7b650774
88832aca4a3ee2ab8a9f44cb68990a8efab1b95a4f0399db5df341c9537a136a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86437
Date: Wed, 23 Nov 2022 01:01:11 GMT
Etag: "637c0a20-1d7"
Expires: Thu, 24 Nov 2022 01:01:48 GMT
Last-Modified: Mon, 21 Nov 2022 23:30:40 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uyh1hLbrNB7AWMdHUOIvn6ro12bt-j9CI23mjItnY_W65qJ5dN6MLQ==
Age: 5468
rp.liadm.com/j?dtstmp=1669165269807&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjh01gnm52p9z6b21a9cxpea&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&n3pc=true
3.223.51.75200 OK 13 B URL HTTP/2 rp.liadm.com/j?dtstmp=1669165269807&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjh01gnm52p9z6b21a9cxpea&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&n3pc=true
IP 3.223.51.75:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /j?dtstmp=1669165269807&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjh01gnm52p9z6b21a9cxpea&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Referer: http://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:11 GMT
content-type: application/json
content-length: 13
trace-id: 160269cda24a1c86
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: d250db61-1da0-4754-ab99-c33d2757d913
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 237c4cb275e88c708adb2f0d3b0c3885
928bc79057b051d81cfb0c6d1b16d26c9ecd46aa
967c16f3c6a52d2deb8ead76da34a4c2fe92102dcb372a3250e7b8d462dc11d4
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111417
Date: Wed, 23 Nov 2022 01:01:11 GMT
Etag: "637c7685-1d7"
Expires: Thu, 24 Nov 2022 07:58:08 GMT
Last-Modified: Tue, 22 Nov 2022 07:13:09 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FUe6IzlSNL_wSGgJS6YLL-iT-GAGRv7zHbMFT6rrGtcNQrgAkoxlFA==
Age: 2699
trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1565&scd=32&ssd=1&est=1669165269741&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669165271308&vi=1669165269739&ri=ce6e1e826822f78c54001ff6604a2eeb&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1565&scd=32&ssd=1&est=1669165269741&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669165271308&vi=1669165269739&ri=ce6e1e826822f78c54001ff6604a2eeb&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1225872/log/3/unip?en=pre_d_eng_tb&tos=1565&scd=32&ssd=1&est=1669165269741&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669165271308&vi=1669165269739&ri=ce6e1e826822f78c54001ff6604a2eeb&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 23 Nov 2022 01:01:11 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
a.clickcertain.com/px/ta/?ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/ta/?ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/ta/?ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&cn=NO
Cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:11 GMT
content-type: text/html
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
set-cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; Expires=Thu, 23 Nov 2023 01:01:11 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-78xwd:cc-nginx-c76b96594-78xwd
x-requestid: 3ee46bb1-4ea3-46fd-b3ea-108feeb1e472
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlkQ1NtKvutwQYeuuEZc5UWaO4J%2B4iTXrQ3bvbviqzQe%2FITZ%2Bb1pU6DcYEbf1QuQNkLqrVRiFRx6h7AyB3kbxxjZeRSh5Na0CFd0svwA3C3%2F5qRo5LT%2FNXI53uRdckrglb%2FJbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8e098d1b515-OSL
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&.yp=10175858&f=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:11 GMT
expires: Wed, 23 Nov 2022 01:01:11 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBNdwfWMCEDBXmqS7iy2tKidN3YJsi0wFEgEBAQHCfmOHYwAAAAAA_eMAAA&S=AQAAAjPKaM_B6Z_oiR7ibGI3o0Q; Expires=Thu, 23 Nov 2023 07:01:11 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
trc.taboola.com/1225872/trc/3/json?tim=1669165269745&data=%7B%22id%22%3A356%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669165269739%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669165269745%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A32%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 1.4 kB URL HTTP/2 trc.taboola.com/1225872/trc/3/json?tim=1669165269745&data=%7B%22id%22%3A356%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669165269739%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669165269745%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A32%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
Hash d4b210f19c6349642271c5069f4a7f95
43b1a6167f7a6e7a4d88b5fb404abcbb958be38f
cb00e8104fd4f8bbe718eb9b9a69a7610840dd171efe7da9b5bdaf1b7753af36
GET /1225872/trc/3/json?tim=1669165269745&data=%7B%22id%22%3A356%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669165269739%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669165269745%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A32%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 23 Nov 2022 01:01:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669165271.091387,VS0,VE103
vary: Accept-Encoding
x-vcl-time-ms: 103
X-Firefox-Spdy: h2
i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d63597de7%25252d43d1%25252d47d2%25252da9ee%25252d3c0d4a14b157%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&_li_chk=true&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&previous_uuid=5600f95353d3447bbbc948b0b46ba4fd
3.210.106.149303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d63597de7%25252d43d1%25252d47d2%25252da9ee%25252d3c0d4a14b157%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&_li_chk=true&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&previous_uuid=5600f95353d3447bbbc948b0b46ba4fd
IP 3.210.106.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d63597de7%25252d43d1%25252d47d2%25252da9ee%25252d3c0d4a14b157%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&_li_chk=true&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&previous_uuid=5600f95353d3447bbbc948b0b46ba4fd HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Wed, 23 Nov 2022 01:01:11 GMT
Content-Length: 0
Connection: keep-alive
Location: https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d63597de7%252d43d1%252d47d2%252da9ee%252d3c0d4a14b157%2526anx_uId%253d%2524UID&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157
Set-Cookie: _li_ss=MgYIkgEQ1hM; Max-Age=2592000; Expires=Fri, 23 Dec 2022 01:01:11 GMT; SameSite=None; Path=/s; Secure
lidid=1d403908-56fe-43c1-b39d-abd094c1fa5c; Max-Age=63072000; Expires=Fri, 22 Nov 2024 01:01:11 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 2
Strict-Transport-Security: max-age=31536000; includeSubDomains
a.browserspeed.support/cs?puid=412da552-f401-565d-8b57-699685659935&pid=lc
35.82.220.221302 Found 24 B URL HTTP/2 a.browserspeed.support/cs?puid=412da552-f401-565d-8b57-699685659935&pid=lc
IP 35.82.220.221:0
File type HTML document, ASCII text
Hash cd5fa747861f510d1d45ab9dc80a16a0
90d910869fbe5e0f79b7f7e58f59f5303f46ad78
5bdd19de1ad3c04f1a88334882b16565cef8ac274902e671a72ebebdb35c697c
GET /cs?puid=412da552-f401-565d-8b57-699685659935&pid=lc HTTP/1.1
Host: a.browserspeed.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: awselb/2.0
date: Wed, 23 Nov 2022 01:01:11 GMT
content-type: text/html; charset=utf-8
content-length: 24
location: https://a.browserspeed.support/
set-cookie: tuid=cc056ab8-701c-4fad-b738-15c7280da7e1; Path=/; Domain=a.browserspeed.support; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157%26anx_uId%3d%24UID
216.58.207.226302 Found 509 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157%26anx_uId%3d%24UID
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (332), with CRLF, LF line terminators
Hash 08bd391c57935c784d02d416ef76923c
fa2d7fda658be1d3c9892503a5804aaa12104264
7cb2309c7398062974a6c0105dc38d52977a257bd37dac61a7cfdce1f6109091
GET /pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157%26anx_uId%3d%24UID HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7%2D43d1%2D47d2%2Da9ee%2D3c0d4a14b157%26anx_uId%3D%24UID&google_tc=
date: Wed, 23 Nov 2022 01:01:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 509
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 01:16:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.browserspeed.support/
35.82.220.221200 OK 4 B IP 35.82.220.221:0
File type ASCII text, with no line terminators
Hash 72054d9a6fbdcc7df012e19f32345b65
52dd4c74c813db3790179c4f236ceadaca3467a8
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: a.browserspeed.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: tuid=cc056ab8-701c-4fad-b738-15c7280da7e1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: awselb/2.0
date: Wed, 23 Nov 2022 01:01:12 GMT
content-type: application/json; charset=utf-8
content-length: 4
set-cookie: tuid=cc056ab8-701c-4fad-b738-15c7280da7e1; Path=/; Domain=a.browserspeed.support; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7%2D43d1%2D47d2%2Da9ee%2D3c0d4a14b157%26anx_uId%3D%24UID&google_tc=
216.58.207.226302 Found 455 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7%2D43d1%2D47d2%2Da9ee%2D3c0d4a14b157%26anx_uId%3D%24UID&google_tc=
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1bdbf87a58996a68d214ede918ef4c59
68bc64d7370567bacde3ccfd4feb6bd739e71243
034a320f7e8538cebc1b489df52942659ac33dc8652bef61715f735e9c76cf6e
GET /pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7%2D43d1%2D47d2%2Da9ee%2D3c0d4a14b157%26anx_uId%3D%24UID&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7%2D43d1%2D47d2%2Da9ee%2D3c0d4a14b157%26anx_uId%3D%24UID&google_error=3
date: Wed, 23 Nov 2022 01:01:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7%2D43d1%2D47d2%2Da9ee%2D3c0d4a14b157%26anx_uId%3D%24UID&google_error=3
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7%2D43d1%2D47d2%2Da9ee%2D3c0d4a14b157%26anx_uId%3D%24UID&google_error=3
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7%2D43d1%2D47d2%2Da9ee%2D3c0d4a14b157%26anx_uId%3D%24UID&google_error=3 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:12 GMT
content-type: text/html
location: https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&anx_uId=$UID
x-frontend: cc-nginx-c76b96594-n5g26:cc-nginx-c76b96594-n5g26
x-requestid: 09740350-c617-4fa3-afa0-d24adf44d44d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xU4xFhdu6V2%2BYFQiYdn2iRkmsQv%2F8Txbsg6CdgVCl9ONGogHwshPvcK75gUb1%2BdT18sBdDFpoAHej66G6j9sKph8bJR4FlqLWE2TixKlI189fUTOJZPPgc41x4mpKF1zrig7Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8e74be9b515-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7-43d1-47d2-a9ee-3c0d4a14b157%26anx_uId%3D%24UID
37.252.171.22302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7-43d1-47d2-a9ee-3c0d4a14b157%26anx_uId%3D%24UID
IP 37.252.171.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D63597de7-43d1-47d2-a9ee-3c0d4a14b157%26anx_uId%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 23 Nov 2022 01:01:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&anx_uId=0
AN-X-Request-Uuid: 0fab52b2-312b-4a0a-9bca-c4880f52b313
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 86776344fc6dd826ff48ca2f315dec8a
23054ddd051e653c90cc3232bbe1ecb88820b29a
7a6a778b4a383d8385e3843a7fd1ad88a5e7182d5627740511dd2c83a6f264c1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 01:01:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:56:48 GMT
Expires: Tue, 29 Nov 2022 13:56:47 GMT
Etag: "23054ddd051e653c90cc3232bbe1ecb88820b29a"
Cache-Control: max-age=564334,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e5f8ea8bddb509-OSL
a.clickcertain.com/px/img/bidswitch/?done=true&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&anx_uId=0
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/bidswitch/?done=true&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&anx_uId=0
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/img/bidswitch/?done=true&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&anx_uId=0 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:12 GMT
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&expires=5&user_group=0
set-cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; Expires=Thu, 23 Nov 2023 01:01:12 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-zgx5r:cc-nginx-c76b96594-zgx5r
x-requestid: 8df202d0-1299-4df2-b722-3cb8b467517d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49PQDBkJfHQOj5n9Mt7HldbhwqAe2ETX98AbGdgbsXHrWuZCXr%2FJWgCLY6vl8Lo9WKp9g%2F8UIzUCog47hFrBdvHXTiCw781yHg2lymXXuGdfsQ1G4Sx5zhoMK%2BmmxW1zVo%2FKfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8e8fcc4b515-OSL
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&expires=5&user_group=0
18.159.93.136200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&expires=5&user_group=0
IP 18.159.93.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=179&user_id=63597de7-43d1-47d2-a9ee-3c0d4a14b157&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:12 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
23.38.200.197200 OK 323 B IP 23.38.200.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 7125951665554827
date: Wed, 23 Nov 2022 01:01:13 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1669165273.a226740
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl
54.80.192.176200 OK 0 B IP 54.80.192.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 887
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Wed, 23 Nov 2022 01:01:13 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380
52.46.128.147301 Moved Permanently 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380
IP 52.46.128.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 01:01:12 GMT
Server: Server
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380
Cache-Control: no-cache
Content-Length: 0
x-amz-rid: 0306D7HFV929DZKMCXPP
Vary: Accept-Encoding,User-Agent
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380
52.46.128.147302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380
IP 52.46.128.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Wed, 23 Nov 2022 01:01:13 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 0RRYG1PBMA0J1CY4VWDA
Set-Cookie: ad-id=A8lCh1kejUUusl4f7WyNOQQ|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 01:01:13 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380&dcc=t
52.46.128.147200 OK 65 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380&dcc=t
IP 52.46.128.147:0
File type HTML document, ASCII text
Hash 22fdf49482d8200e8f305bbe262eff14
f254bd4053267c2cf46675613e689016d8b7f775
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=114369825077363380&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Wed, 23 Nov 2022 01:01:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: FJ9KWN41NMPC270Y004B
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=32&ssd=1&est=1669165269741&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669165274310&vi=1669165269739&ri=ce6e1e826822f78c54001ff6604a2eeb&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=32&ssd=1&est=1669165269741&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669165274310&vi=1669165269739&ri=ce6e1e826822f78c54001ff6604a2eeb&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1225872/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=32&ssd=1&est=1669165269741&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669165274310&vi=1669165269739&ri=ce6e1e826822f78c54001ff6604a2eeb&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102dcdcd5191696cc12aa05ae1bca8%26n%3Dtune%26cid%3D2_dmtbwinflammquiz112222%26mid%3D2_dmtbwinflammquiz112222%26AFFID%3D477232%26subid%3D2_dmtbwinflammquiz112222%26partner_id%3D2 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 23 Nov 2022 01:01:14 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
143.204.55.69200 OK 0 B URL HTTP/2 assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
IP 143.204.55.69:0
GET /universalscript/releases/v0.179.2/bundle.js HTTP/1.1
Host: assets.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 03 Sep 2022 23:09:05 GMT
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
etag: W/"359008fe01078c59c66e034866170bd2"
cache-control: max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YYBbnrRZoE3S3HszEbhwD1AKJlJ3n7dqBfsjKGPP3qjN2ReIc7g67w==
age: 6918723
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
IP 142.250.74.10:0
GET /css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 01:01:10 GMT
date: Wed, 23 Nov 2022 01:01:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.clickcertain.com/px/r/?ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/r/?ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157
IP 104.26.9.50:0
GET /px/r/?ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&cn=NO
Cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:11 GMT
content-type: text/html
location: https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d63597de7%25252d43d1%25252d47d2%25252da9ee%25252d3c0d4a14b157%252526anx_uId%25253d%252524UID
set-cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; Expires=Thu, 23 Nov 2023 01:01:11 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-z85x9:cc-nginx-c76b96594-z85x9
x-requestid: 8812b78d-e7f3-4c1f-9386-55992285beb2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2bxmlKrfQBkRm%2FpRuYlzt9TTRdUEWl02WYa1PgpVjhbFCth2sYOwEqzaw2SwhBhhhchgzC01w%2BLHzX2gQeSLAFoqIVu8jTVi5r%2F%2FQrGjkcwHUW6zH27AahaUiCk2zLTS0%2BQnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8e098d2b515-OSL
X-Firefox-Spdy: h2
live.upwellness.com/services/scripts/jquery/jquery.min.js
3.93.168.254200 OK 0 B URL HTTP/2 live.upwellness.com/services/scripts/jquery/jquery.min.js
IP 3.93.168.254:0
GET /services/scripts/jquery/jquery.min.js HTTP/1.1
Host: live.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 01:01:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
vary: Accept-Encoding
etag: W/"63298c50-15d84"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ads.nextdoor.com/public/pixel/ndp.js
54.71.125.186200 OK 0 B URL HTTP/2 ads.nextdoor.com/public/pixel/ndp.js
IP 54.71.125.186:0
GET /public/pixel/ndp.js HTTP/1.1
Host: ads.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:09 GMT
content-type: application/javascript
server: istio-envoy
last-modified: Mon, 21 Nov 2022 21:46:16 GMT
vary: Accept-Encoding
etag: W/"637bf1a8-19c7"
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
x-envoy-upstream-service-time: 3
X-Firefox-Spdy: h2
a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d63597de7%252d43d1%252d47d2%252da9ee%252d3c0d4a14b157%2526anx_uId%253d%2524UID&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d63597de7%252d43d1%252d47d2%252da9ee%252d3c0d4a14b157%2526anx_uId%253d%2524UID&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157
IP 104.26.9.50:0
GET /px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d63597de7%252d43d1%252d47d2%252da9ee%252d3c0d4a14b157%2526anx_uId%253d%2524UID&ccid=63597de7-43d1-47d2-a9ee-3c0d4a14b157 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 23 Nov 2022 01:01:12 GMT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157%26anx_uId%3d%24UID
set-cookie: _ccpx_u=63597de7%2d43d1%2d47d2%2da9ee%2d3c0d4a14b157; Expires=Thu, 23 Nov 2023 01:01:11 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-nhdmc:cc-nginx-c76b96594-nhdmc
x-requestid: 46029179-248f-430c-a1f0-6c5e130d53b0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEssAwmBlEaHMhLE42VR7q3l80WLF1nhPhmglBL3nEUjODyKX0BexR0xH2PNCHNl3IbmbqSguWJf3MShe9xVYu3gmezbJm3mOkdfEw3z0SZMsb04ThzzT54eueuliRMNRg2YuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8e54afbb515-OSL
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
104.26.8.162200 OK 0 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
IP 104.26.8.162:0
GET /api/v1/tracking/property/the-alternative-daily/announcement-bar HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 01:01:11 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.2.23
set-cookie: PHPSESSID=41ac8ad25b79e937bc74518e22da0a8b; expires=Wed, 07-Dec-2022 01:01:11 GMT; Max-Age=1209600; path=/; HttpOnly
cache-control: max-age=0, must-revalidate, private
expires: Wed, 23 Nov 2022 01:01:11 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization,Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wghbkNSEe3eE9visnoqvJTzLgNeWnpfcX8VS7fG5nEbV8wKA7yQxijpIfwCKG5hKCLIg2HMdqNEb2VL5dT8vLVeuxi16EivUsLi93Q9Rq05SsR0hiqieJKvvTDWwKZchmhAxY9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e5f8e198adb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2