r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 408d1564e8f59e6626e41be4106ce2e6
4149a1f17e8f7c446e7aa4963f3a49b6a00b6164
46e2e79c7977854058dec9cde88f963dd498dd235c3bb15b39a9e5ce1027d7fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E2E79C7977854058DEC9CDE88F963DD498DD235C3BB15B39A9E5CE1027D7FE"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9254
Expires: Thu, 09 Feb 2023 13:55:53 GMT
Date: Thu, 09 Feb 2023 11:21:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11037
Expires: Thu, 09 Feb 2023 14:25:36 GMT
Date: Thu, 09 Feb 2023 11:21:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4216
Expires: Thu, 09 Feb 2023 12:31:55 GMT
Date: Thu, 09 Feb 2023 11:21:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 10:36:48 GMT
content-type: application/json
age: 2691
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: S6P6IRMwFACgm6r2TVgqEK6BiUcDrmT+fKgrTmhYGT/o1iQtFuRNcR4hoqhJ+T7lm0GCNVc9bfY=
x-amz-request-id: CGD0J38DM8PZ5J5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 10:46:22 GMT
age: 2117
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
alcoholrehabcorona.com/
74.220.207.114301 Moved Permanently 251 B IP 74.220.207.114:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash afa88fa0a3b0dd38db65870cb321706f
2ef4b81e2ac3aefea9b40603f213bb58618a04c2
e671874652e425acb405d8f9519cf86690f3be04c600d96e33bbd69e7156c50b
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
GET / HTTP/1.1
Host: alcoholrehabcorona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Feb 2023 11:21:39 GMT
Server: Apache
Location: https://rehab.amhealth.com/alcohol-spartan/
Cache-Control: max-age=300
Expires: Thu, 09 Feb 2023 11:26:39 GMT
Content-Length: 251
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:21:39 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 11:14:53 GMT
age: 407
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c56ee0d567967552f7f37dd6b886c452
ca9e310be7b3503e529277cfd7f0d3c1d151ffba
615f67ecabb14f42c011fc85bbc4849a4fa73b6be1c42bbadb9339b6353e211d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163293
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:39 GMT
Etag: "63e4b220-117"
Expires: Sat, 11 Feb 2023 08:43:12 GMT
Last-Modified: Thu, 09 Feb 2023 08:43:12 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10183
Expires: Thu, 09 Feb 2023 14:11:23 GMT
Date: Thu, 09 Feb 2023 11:21:40 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.87.114101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.87.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WDJhAF8vL9poNyCWN+OsyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V5Qiv/573wrZP5RYYuucQdlb/CA=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c56ee0d567967552f7f37dd6b886c452
ca9e310be7b3503e529277cfd7f0d3c1d151ffba
615f67ecabb14f42c011fc85bbc4849a4fa73b6be1c42bbadb9339b6353e211d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=163293
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:40 GMT
Etag: "63e4b220-117"
Expires: Sat, 11 Feb 2023 08:43:13 GMT
Last-Modified: Thu, 09 Feb 2023 08:43:12 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
rehab.amhealth.com/alcohol-spartan/
141.193.213.11200 OK 33 kB URL HTTP/2 rehab.amhealth.com/alcohol-spartan/
IP 141.193.213.11:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (27542), with CRLF, LF line terminators
Hash c4b389ed80bfe10d825f828cbaaa2a5b
e0402b281e08a0ac1a4ad030d21adf3ff12477e6
9ca3d9fdaa69673bd27f2e0a9f84aa0e1193144fca118e8dec181892efc3d2ee
GET /alcohol-spartan/ HTTP/1.1
Host: rehab.amhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:21:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-powered-by: WP Engine
set-cookie: utm_source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.rehab.amhealth.com
utm_medium=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.rehab.amhealth.com
utm_term=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.rehab.amhealth.com
utm_content=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.rehab.amhealth.com
utm_campaign=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.rehab.amhealth.com
gclid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.rehab.amhealth.com
handl_original_ref=https%3A%2F%2Falcoholrehabsavannah.com.; expires=Sat, 11-Mar-2023 11:14:49 GMT; Max-Age=2592000; path=/; domain=.rehab.amhealth.com
handl_landing_page=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F; expires=Sat, 11-Mar-2023 11:14:49 GMT; Max-Age=2592000; path=/; domain=.rehab.amhealth.com
handl_ip=213.24.130.98; expires=Sat, 11-Mar-2023 11:14:49 GMT; Max-Age=2592000; path=/; domain=.rehab.amhealth.com
handl_ref=https%3A%2F%2Falcoholrehabsavannah.com.; expires=Sat, 11-Mar-2023 11:14:49 GMT; Max-Age=2592000; path=/; domain=.rehab.amhealth.com
handl_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F; expires=Sat, 11-Mar-2023 11:14:49 GMT; Max-Age=2592000; path=/; domain=.rehab.amhealth.com
email=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.rehab.amhealth.com
username=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.rehab.amhealth.com
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
link: <https://rehab.amhealth.com/wp-json/>; rel="https://api.w.org/", <https://rehab.amhealth.com/wp-json/wp/v2/pages/268>; rel="alternate"; type="application/json", <https://rehab.amhealth.com/?p=268>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 2
x-cache-group: normal
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zk3NLyykJZzE9E9TVEyLkdSd%2BS6tqhPoyFqOJJ%2Fuod7LBqn9ROJ%2B8nlhbmTrEtt8cDrmdt9m97pq%2FHOnLdxWlyyUhwMvHHnVjsay5tonHHZ%2BFlbre5R3Vmkgw%2FSwRNyULURzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c3909efc6b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-05MXXS0HZM
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-05MXXS0HZM
IP 142.250.74.168:0
File type ASCII text, with very long lines (21849)
Hash 48cafaba5cef04b3ee1a20802e9ab502
e34505bb7f79f2360b3f6ac358bf71962ca7545b
7849d8aa2ab9662432743b60690f9963fce0f98a6857df430f4b9f2922c7ff90
GET /gtag/js?id=G-05MXXS0HZM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:21:40 GMT
expires: Thu, 09 Feb 2023 11:21:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
scripts.iconnode.com/94167.js?ver=6.1.1
54.230.111.63200 OK 7.7 kB URL HTTP/2 scripts.iconnode.com/94167.js?ver=6.1.1
IP 54.230.111.63:0
File type Unicode text, UTF-8 text, with very long lines (46916), with no line terminators
Hash 0a7df9aec9ab2eda2cc5154723438344
b332c2c3a5c8f1d4f0ae5760a2ecbf355252493b
07e99604a98e374092c5915a1bccb28153bed4fc6f0f5ee61beda63975a42f14
GET /94167.js?ver=6.1.1 HTTP/1.1
Host: scripts.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 7727
last-modified: Wed, 15 Jun 2022 20:51:51 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 09 Feb 2023 02:23:27 GMT
cache-control: max-age=0
etag: "0a7df9aec9ab2eda2cc5154723438344"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5TXRLUOf1pL4j-LCwFMpRHcLiPVFDI-yYDyVad4RtJ80tlUa5p1dvQ==
age: 32293
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-193464030-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-193464030-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 890e43e059bdad437a62967464daaa9c
ff7a0520f43cd7c614cf588ad80e9287db21ddf4
b12bdabe830b615a798a6383683efb97e18d310a8e2b3fdb172834af35831147
GET /gtag/js?id=UA-193464030-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:21:40 GMT
expires: Thu, 09 Feb 2023 11:21:40 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44081
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-417740078
142.250.74.168200 OK 70 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-417740078
IP 142.250.74.168:0
File type ASCII text, with very long lines (12440)
Hash d3e2cf626e3080c7fe03e808a093ed66
b0c85a7c537e6dc5c140444a740124b47331c7d5
31351319f92526632c95593d7b8148bc98d8fe5b0b26253f093ffccf6059a9c7
GET /gtag/js?id=AW-417740078 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:21:40 GMT
expires: Thu, 09 Feb 2023 11:21:40 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70218
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 2.1 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash df2874e6af42e6eeb04e6ec48acd25c7
593e089e46f746389310fba2aedd5ecdb05446c6
ec46ee9baed6717bb7c7641aba7873b9d520fcdb3deea865f9c1602c6a08b7af
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 11:21:40 GMT
Last-Modified: Thu, 09 Feb 2023 10:26:54 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ui5TSNkj2_uxh5R67hTsmRdvxZC3EvktXQWTEc_YuKUIDCbmcEz-Fg==
Age: 3286
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-N7WK4V9
142.250.74.168200 OK 59 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N7WK4V9
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (65398)
Hash f3a3672b022dedd59c8bf8cd69f9f7b3
795fbc0049dd1a43e452c63f9f1442c4568da05f
c22e8873df86aec35572dea222ba7bf5f377133f7b48d3b3c1ee28cb251aeaf0
GET /gtm.js?id=GTM-N7WK4V9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:21:41 GMT
expires: Thu, 09 Feb 2023 11:21:41 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41272
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-N3NMTZP
142.250.74.168200 OK 55 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N3NMTZP
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 30afc46a762b279d26d2e0e4339053e0
0e0ebb6bb3bda2da68d6d6c084c5b7a1ad17eb3d
361daf3548d5a014e7224a9dc8fc103243dc35d0f4b2552f4dcd589e9d23e285
GET /gtm.js?id=GTM-N3NMTZP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:21:41 GMT
expires: Thu, 09 Feb 2023 11:21:41 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 54618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 12 kB IP 142.250.74.3:0
Hash af2d8734fbcb489ff6f14e9000b51015
68024a7350ed7f5c3fca1923271ec5d4a45b1e96
2f2c85817360c80d5eab5c9aad35ea12b73756b9ea703d6853266c7a0851be5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 3.9 kB IP 142.250.74.3:0
Hash 474fd9066d41dfcb0aebe9b240535d79
82d89402342dee2bc5bb70a071392725a34b81ad
bc7a29d4e829aed3976955667d5c59374ae7c049c9887475c7d1aa719186b908
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/taviraj/v11/ahccv8Cj3ylylTXzRBoIR-BRgA.woff2
142.250.74.35200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/taviraj/v11/ahccv8Cj3ylylTXzRBoIR-BRgA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 38704, version 1.0\012- data
Hash 2f5a03ca8ec07d6fdc99b6cb74245b9b
1442ea127e03cd911b65ec9df7b0d005d4cd749e
82b9589cd602101bcc95397d7b14745bf4e049ae89ea3b492efd482fa0c9f1aa
GET /s/taviraj/v11/ahccv8Cj3ylylTXzRBoIR-BRgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 01:57:02 GMT
expires: Wed, 07 Feb 2024 01:57:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:16:37 GMT
content-type: font/woff2
age: 206679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
142.250.74.35200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22084, version 1.0\012- data
Hash bab4daa6bec06781aa7262eca0be0ed4
b896fcea50433114a0433c9c8117677a875f1116
ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 04:56:08 GMT
expires: Wed, 07 Feb 2024 04:56:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
content-type: font/woff2
age: 195933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 27520, version 1.1\012- data
Hash cd247306809a5a4ddcfee4e2681aa03b
1aaa3efe7fc2cf5ccd75d4c67e1bf05e5041af3b
925be42fa3c0ca5ea75cd203804c3f6c717407e44010e1b63ed2c951bacc1849
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27520
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 14:09:33 GMT
expires: Wed, 07 Feb 2024 14:09:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:58 GMT
content-type: font/woff
age: 162728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
142.250.74.35200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21516, version 1.0\012- data
Hash 90135ea44811b2d9610c33e07068fdb0
84ef1a8343877a598f1c7cbae56f35ded54a1787
bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 18:24:41 GMT
expires: Thu, 08 Feb 2024 18:24:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
content-type: font/woff2
age: 61020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100
142.250.74.138200 OK 972 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100
IP 142.250.74.138:0
Hash 4b8299532a6c966dc79620643bd1dd81
fbcb42337c0db3d8a5d6915a3eb493331ac6e49f
406cd3089f8df3ed52ad154f7d11fca28ec1173577f9200b5d2b0601d27d731e
GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rehab.amhealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 11:21:40 GMT
date: Thu, 09 Feb 2023 11:21:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
142.250.74.35200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
IP 142.250.74.35:0
Hash 991549018ea7009eb4a0dce0d826bcb5
4831108977489efe94de28b1557ef6f5fdc16ae1
e42c41761bc2bc92dc2afa695468dc398af45a5e49728f4112a18f87e80ce451
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 00:52:29 GMT
expires: Wed, 07 Feb 2024 00:52:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
content-type: font/woff2
age: 210552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tukkA.woff2
142.250.74.35200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tukkA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17860, version 1.0\012- data
Hash 30779f9c1639655398917337166a4284
ace37b86c5e84903a10fae563f9dddf2d48522db
cc0770f5a2d562ea5334bed0b1bc9b487903997c8087e9690c2ba132ff219987
GET /s/abeezee/v22/esDR31xSG-6AGleN2tukkA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 00:34:57 GMT
expires: Fri, 09 Feb 2024 00:34:57 GMT
cache-control: public, max-age=31536000
age: 38804
last-modified: Tue, 19 Apr 2022 18:45:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/taviraj/v11/ahccv8Cj3ylylTXzREIJR-BRgA.woff2
142.250.74.35200 OK 37 kB URL HTTP/2 fonts.gstatic.com/s/taviraj/v11/ahccv8Cj3ylylTXzREIJR-BRgA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 36928, version 1.0\012- data
Hash bad69ff7c53c4013e441c3d408b99887
165a92f6f655be02f723d2268b7ac1badf8ca972
5d91dcf9ebe9f4be36343e4eafbaeb5c8408027b8055ef997a13de9ae6b58b1d
GET /s/taviraj/v11/ahccv8Cj3ylylTXzREIJR-BRgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 36928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:36:42 GMT
expires: Tue, 06 Feb 2024 17:36:42 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:57:56 GMT
content-type: font/woff2
age: 236699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash be14694e7f96a85182a244e2eeb34df4
90f303f541fd50c8b63d8aeead20f475e9776cb1
741631c632dc903083160029405ba5ea3969697e37ba580575932261f8c2f060
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 11:21:41 GMT
Last-Modified: Thu, 09 Feb 2023 11:08:59 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OJkF_jziDtCn94N_xt2w-vlBwsphK9dDKtlDIkcVuJnS59x-ovvegg==
Age: 762
amhealthrehab.wpengine.com/wp-content/uploads/2022/02/AmHealth-Logo-For-Site.png
34.75.26.110200 OK 6.8 kB URL HTTP/2 amhealthrehab.wpengine.com/wp-content/uploads/2022/02/AmHealth-Logo-For-Site.png
IP 34.75.26.110:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 214 x 57, 8-bit/color RGB, non-interlaced\012- data
Hash 77004f95159cac3b3b7fbd8766857d55
10653ec918fe4e1b1198ef3b38b71899714aee62
78deb1feb7cfe9fa0469a151b05226e9cc2a4989d65524c9a228f3ee9b307a65
GET /wp-content/uploads/2022/02/AmHealth-Logo-For-Site.png HTTP/1.1
Host: amhealthrehab.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:21:41 GMT
content-type: image/png
content-length: 6815
last-modified: Tue, 15 Feb 2022 15:40:30 GMT
etag: "620bc96e-1a9f"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Cigna-Logo.png
34.75.26.110200 OK 12 kB URL HTTP/2 tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Cigna-Logo.png
IP 34.75.26.110:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 106, 8-bit/color RGBA, non-interlaced\012- data
Hash 121efb7f1b07bb4f72285aa524b674dc
6ee90885cd8b846b7f23155f3508226308a62418
cef398a7d9da2dc08136d8e2ba42d0715cda8c40fdd64ed9a54b78620c15a948
GET /wp-content/uploads/2021/10/Cigna-Logo.png HTTP/1.1
Host: tdcgethelp.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:21:41 GMT
content-type: image/png
content-length: 11712
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
etag: "61b0782a-2dc0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
process.iconnode.com/google-ads/
76.223.116.242200 OK 7.3 kB URL HTTP/2 process.iconnode.com/google-ads/
IP 76.223.116.242:0
Hash 9d6faf32a084de1a88467b27e2938a33
f828b31e98318d61cff2e161a4c453dfc98e9807
64a8511d5c6946a7ad486a485e73f2aea66e30c5d043727e6fed3b2555b2df47
POST /google-ads/ HTTP/1.1
Host: process.iconnode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:21:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://rehab.amhealth.com
access-control-allow-credentials: true
access-control-max-age: 86400
X-Firefox-Spdy: h2
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Humana-Logo.png
34.75.26.110200 OK 3.6 kB URL HTTP/2 tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Humana-Logo.png
IP 34.75.26.110:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash 80f186bb5749b3e84e2cbb07fa6207b1
17962b582951745c8b1fb455e4f9e87d4076af8f
a87793464db4c29591450d8c074fb7d230d6974f7517244815ccd1ea1ea5d44d
GET /wp-content/uploads/2021/10/Humana-Logo.png HTTP/1.1
Host: tdcgethelp.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:21:41 GMT
content-type: image/png
content-length: 3579
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
etag: "61b0782a-dfb"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Aetna-Logo.png
34.75.26.110200 OK 14 kB URL HTTP/2 tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Aetna-Logo.png
IP 34.75.26.110:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c5fa17cd1cd860cabc76147092b2166
81e1fe450a4e97a7ad851adff78ae08eea2bf000
0bbfea67bf64ffbba2b799fb5c06d653450e649b9618812b1d0c6d3da222cc13
GET /wp-content/uploads/2021/10/Aetna-Logo.png HTTP/1.1
Host: tdcgethelp.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:21:41 GMT
content-type: image/png
content-length: 13831
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
etag: "61b0782a-3607"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e29e2abf99b2cea464f539c9afbde5cc
6b2cef1c8648125137cea38119f138780c62cce7
5462b028070bb6be11a2b3be0f770d4fa0c52337c3beebd8fb0786f1b9980ab8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1571
Cache-Control: max-age=130625
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:41 GMT
Etag: "63e42c63-116"
Expires: Fri, 10 Feb 2023 23:38:46 GMT
Last-Modified: Wed, 08 Feb 2023 23:12:35 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/BCBS-Logo.png
34.75.26.110200 OK 24 kB URL HTTP/2 tdcgethelp.wpengine.com/wp-content/uploads/2021/10/BCBS-Logo.png
IP 34.75.26.110:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 300 x 98, 8-bit/color RGBA, non-interlaced\012- data
Hash a94009ee73d565525db472cef1aa52d2
7d67cf180305e558060bb60e6d245764b9a69deb
2e1d0c48d0707545aa1bf9ed05a709962720e94a42a0870bf077325dc8124cb9
GET /wp-content/uploads/2021/10/BCBS-Logo.png HTTP/1.1
Host: tdcgethelp.wpengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 11:21:41 GMT
content-type: image/png
content-length: 23892
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
etag: "61b0782a-5d54"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 2cb28a3607e1b007bb419efbc6315a94
405635c97a537ae2e1188c6df55dfa5804da3ed3
73c4c3bd858967c41be2294fc41dd9c31c522e40da0f0f8cbf9eddf41aa86bbe
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92162
Date: Thu, 09 Feb 2023 11:21:41 GMT
Etag: "63e38ad4-1d7"
Expires: Fri, 10 Feb 2023 12:57:43 GMT
Last-Modified: Wed, 08 Feb 2023 11:43:16 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fRX7pvhL7Fe2prUkDe989biqMj127rLPw2Brq0RAOIJhN4oDw2M48w==
Age: 4467
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12548
Expires: Thu, 09 Feb 2023 14:50:49 GMT
Date: Thu, 09 Feb 2023 11:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12548
Expires: Thu, 09 Feb 2023 14:50:49 GMT
Date: Thu, 09 Feb 2023 11:21:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10fd2f55fa0cfb8616ded6ddc2bb511a
996ed68f1b9770a19a97f6c8d359e338b8c8b3ca
e552d31a5e531386b9830bb58486f09bfcb3400676f726f93fdbea08336a09da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 658f8678-b67d-4f98-b728-cf9cbad3aa86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ABI38GUpIAMFY0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e38832-2ab19d0f2345fc7515775298;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 11:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8ZayLRkBd16PmZsswU0N4ZLVFphVFlgPRloMdqF_U6WMcyvZptmpA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:46 GMT
etag: "996ed68f1b9770a19a97f6c8d359e338b8c8b3ca"
content-type: image/jpeg
age: 48955
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 12:41:28 GMT
age: 81613
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce710ab5746832fe637fada3e6d63abf
d545c85d4a8cf92dc8b88db0a056623d1ef7a943
40bae4a2fb9dd60e9339d15ad0838f3ca83b5b6275c35cd22878b6783fcd6247
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac74c9c-b95e-40f4-a5ca-7180c40cc241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 7e2b1875-ecf9-4ee9-8d5a-a911fdd28d16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AColKGwOIAMFyqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e42153-097b982244d3ad7b6f49a392;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 22:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uvdg9MhYDsR9aC-s_chZDKp7_5RzhQfTwXZ0epZVW7TUVdrdADUEfQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 03:49:25 GMT
age: 27136
etag: "d545c85d4a8cf92dc8b88db0a056623d1ef7a943"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b42802dc628e38e9631a01b6320040a
c83355f0828815ecbff47d8195d2deed8077e368
d0f093b1769b568a5d68ada359eadfd1ab3360488a20e1deeb99b0a51b649441
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc04429b-38db-4e0a-96bf-5a6d2bc7e8cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11256
x-amzn-requestid: fc079b98-a94a-4945-8e51-9b5941fda799
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8SEOMIAMFomA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb381-72b83330325d280821ecf4c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8BUL5SSz4_Jh8-i92w6IGXQEnW6RH2580LbDBIul4S45Mtji53ieTw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:06:10 GMT
age: 47731
etag: "c83355f0828815ecbff47d8195d2deed8077e368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 403cadd5f6beb14f5d2a4dd9eafc68d3
4724b4929c1afcc134ead274238725e4ce729b26
13d7b7ca88de8341e3ec835a5a7d8c79bc50a136aff8eb90aa3c2267f3e8cc08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5241
x-amzn-requestid: 3ffb8a54-178e-4574-9662-8dc7696203fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiy0FOqIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e41811-26219fa14a85f6e81e4cf129;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:45:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8U_d5u2rtXAyLLBhRZ3BbQkFOc5gxZIPhnyL5XOvjGV6-8KqWyn8FQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:53 GMT
etag: "4724b4929c1afcc134ead274238725e4ce729b26"
content-type: image/jpeg
age: 48948
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc553a8677d9c0bf4835a0c29a7345c
ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8
e821faf86e44f2b9c9d5bd8cd3575c0a99acfc58774077034c413e345a7c0c0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7451
x-amzn-requestid: a900a5b4-85cd-4817-8e70-2516eb33a0a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fox8IHMuIAMFdHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c9e7-1122726b315a7c5623d1ff3f;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 02:09:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JFPF2xZJ9QIqJbOEjTi5gt2aflnM9HVaWp8FpRAIIeDf59cJzbp6kw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:46:36 GMT
age: 48905
etag: "ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b7112df48aade818b1b29405bf6a4e7f
8c9e999940491859317ed8c06af1b65f18bb519d
65c32cf04f8f599c3e1dc1b1b4b132e20cbb76462924c41b1c52385916fbba95
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 11:21:41 GMT
Last-Modified: Thu, 09 Feb 2023 10:41:26 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XmgJdupIhtQ9f4pp55idieR77pChC50edcVrMGx8Il0nmBBiGrUaWg==
Age: 2416
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6cce4b2f1d505b2ac243f3ab96fe8265
43861adba8132bf873fde5b8f02fe1e625a2f330
479e1ecfd655b5d65f9610f474525d53ad97b38b668dfcebc5b53fc950c72582
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 11:21:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 09 Feb 2023 02:00:01 GMT
Expires: Thu, 16 Feb 2023 02:00:00 GMT
Etag: "43861adba8132bf873fde5b8f02fe1e625a2f330"
Cache-Control: max-age=570498,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796c391089690b69-OSL
moderate2.cleantalk.org/pixel/4122c22b42fe75fb7a2ed45a6bff0a01.gif
167.71.167.197200 OK 43 B URL HTTP/1.1 moderate2.cleantalk.org/pixel/4122c22b42fe75fb7a2ed45a6bff0a01.gif
IP 167.71.167.197:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pixel/4122c22b42fe75fb7a2ed45a6bff0a01.gif HTTP/1.1
Host: moderate2.cleantalk.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 11:21:42 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 50ce693d76cb35a7afb424dfa41e2e8c
5a0decf3f9dc6ff065d8f01d0456f3f8f75146a8
19ea0d88dd4b5d65a01724289a975e02eb8c6b145110c303bedd963ababc48dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4409
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:42 GMT
Etag: "63e41062-117"
Last-Modified: Thu, 09 Feb 2023 10:08:13 GMT
Server: ECS (amb/6B8D)
X-Cache: HIT
Content-Length: 279
184079.t.hyros.com/v1/lst/universal-script?ph=0d2f59805414ae6c1594cbe0c765f069d6b5531b4658e828f101a79d4c2a14fe&tag=!clicked
52.4.228.223200 OK 36 kB URL HTTP/2 184079.t.hyros.com/v1/lst/universal-script?ph=0d2f59805414ae6c1594cbe0c765f069d6b5531b4658e828f101a79d4c2a14fe&tag=!clicked
IP 52.4.228.223:0
File type ASCII text, with very long lines (35498), with no line terminators
Hash 04cb8b7b38dfe9d0902b78e636fe7837
20f9b6239eabef14adb798bebbcaffe49fb5d52a
4f7113fb3bff7e7699181d224c61447992b98ef401a13d64dd607c8d34080602
GET /v1/lst/universal-script?ph=0d2f59805414ae6c1594cbe0c765f069d6b5531b4658e828f101a79d4c2a14fe&tag=!clicked HTTP/1.1
Host: 184079.t.hyros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:21:41 GMT
content-type: text/javascript;charset=ISO-8859-1
content-length: 35498
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-max-age: 86400
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-05MXXS0HZM>m=45je3280&_p=1173148870&gdid=dZGIzZG&cid=1024384083.1675941760&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675941760&sct=1&seg=0&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&dt=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-05MXXS0HZM>m=45je3280&_p=1173148870&gdid=dZGIzZG&cid=1024384083.1675941760&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675941760&sct=1&seg=0&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&dt=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-05MXXS0HZM>m=45je3280&_p=1173148870&gdid=dZGIzZG&cid=1024384083.1675941760&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675941760&sct=1&seg=0&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&dt=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rehab.amhealth.com
date: Thu, 09 Feb 2023 11:21:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
159642.tctm.co/t.js
54.230.111.116200 OK 178 kB IP 54.230.111.116:0
Size 178 kB (177850 bytes)
Hash 4a0b292fdcd93ffd39e84ce72d1d4254
3154a2f21614c755511a4f1908c7d42b946fd3ba
8392495dad54b30ee68831b87fc193b0ace4fe37affc7f19db600081b7127b7f
GET /t.js HTTP/1.1
Host: 159642.tctm.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Thu, 09 Feb 2023 11:21:41 GMT
set-cookie: ct159642=63e4d74500026f9a145d457d; path=/; HttpOnly; SameSite=None; Secure
etag: W/63e4d74500026f9a145d457d-159642
last-modified: Thu, 09 Feb 2023 11:21:41 GMT
cache-control: no-cache, no-store, must-revalidate
server: ctm
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fz2ah6ecSN7wRnA5EWLdMvd7r0NakyGa5JkOIkMOJd1KolSxBwzxpA==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 2cb28a3607e1b007bb419efbc6315a94
405635c97a537ae2e1188c6df55dfa5804da3ed3
73c4c3bd858967c41be2294fc41dd9c31c522e40da0f0f8cbf9eddf41aa86bbe
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 11:21:42 GMT
Etag: "63e38ad4-1d7"
Last-Modified: Thu, 09 Feb 2023 11:04:14 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 14Mp48ABaHemsBJCDdikSWl3LX4XA92UGNcW9w9movOLaUKm27oe3w==
Age: 1048
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6d5882eafc87e0fd208339050fb4a553
11505fa91a1395b6639120faef4d4350087af794
bed94db046ef3d739b6e1f8f63c9cdc1e42d8e2cb59606fb93902942c1cf8c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2275
Cache-Control: max-age=167698
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:42 GMT
Etag: "63e4ba75-1d7"
Expires: Sat, 11 Feb 2023 09:56:40 GMT
Last-Modified: Thu, 09 Feb 2023 09:18:45 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
salesiq.zoho.com/widget?plugin_source=wordpress
136.143.191.67200 35 kB URL HTTP/1.1 salesiq.zoho.com/widget?plugin_source=wordpress
IP 136.143.191.67:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f4a2ea400ed7091af0997f59bae653f1
ea3ced58107aacf2b2c7b9f9cf590e67ecee5b4a
580b7e143de3791f0bdea876b3d5e64c2f515aa9c9907ead79d5c7e340fb4526
GET /widget?plugin_source=wordpress HTTP/1.1
Host: salesiq.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Thu, 09 Feb 2023 11:21:42 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: 663a60c55d=2fe2c37ca410599c916d14b1e018bf3e; Path=/
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Pragma:
Expires: Thu, 09 Feb 2023 11:26:42 GMT
ETag: W/8ba284e78c33d88515805d542a018574d6dbe5cbfebf7c40aee39a49172c6ecc
vary: accept-encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 09 Feb 2023 09:44:09 GMT
expires: Thu, 09 Feb 2023 11:44:09 GMT
cache-control: public, max-age=7200
age: 5853
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9A8262922A914E9BA9363840EC4DCBCC Ref B: OSL30EDGE0319 Ref C: 2023-02-09T11:21:42Z
date: Thu, 09 Feb 2023 11:21:42 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: hF10pHChepmJwtrndGtUwFc9FUhQ2fbVcptHmSrX/OOZEAwprwNQu+azJyRVBFNdvw58+iic8p454NLj5oWoVg==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Thu, 09 Feb 2023 11:21:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/417659142/?random=1675941760396&cv=11&fst=1675941760396&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.2200 OK 918 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/417659142/?random=1675941760396&cv=11&fst=1675941760396&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (1983), with no line terminators
Hash f546da5bca46ce9b1659d63138ec5d99
8fa62589a460be4965362dcd60ff7a9961b140fb
ebe04072c3f7b99d785ba3f9c269ce71ba1e2ed381bf56087597a74fce6b261e
GET /pagead/viewthroughconversion/417659142/?random=1675941760396&cv=11&fst=1675941760396&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:21:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 918
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 11:36:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6d5882eafc87e0fd208339050fb4a553
11505fa91a1395b6639120faef4d4350087af794
bed94db046ef3d739b6e1f8f63c9cdc1e42d8e2cb59606fb93902942c1cf8c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2275
Cache-Control: max-age=167698
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:42 GMT
Etag: "63e4ba75-1d7"
Expires: Sat, 11 Feb 2023 09:56:40 GMT
Last-Modified: Thu, 09 Feb 2023 09:18:45 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/?random=1675941760362&cv=11&fst=1675941760362&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.2200 OK 917 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/?random=1675941760362&cv=11&fst=1675941760362&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (1983), with no line terminators
Hash e22d6e5b7d6cb5f05d2ddacaf264bfc9
3ea1716c06d9ee017f7b3f1a281f809982a07df6
c65ada4d42576aaab34e6f07dbc330cbced400c38da715a3c3621616467b11fb
GET /pagead/viewthroughconversion/417740078/?random=1675941760362&cv=11&fst=1675941760362&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:21:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 917
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 11:36:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/?random=1675941760347&cv=11&fst=1675941760347&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.2200 OK 921 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/?random=1675941760347&cv=11&fst=1675941760347&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (1983), with no line terminators
Hash 9c897e6b299025120e81d4317f4144a9
5fe52f77f5b46195a280b5d790128c523d2bdc09
e2e1c26fb8165c812d61e0ee81ca8caf780422ee3f8c3dc6b2c45eb2174f5f5d
GET /pagead/viewthroughconversion/417740078/?random=1675941760347&cv=11&fst=1675941760347&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:21:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 921
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 09-Feb-2023 11:36:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
salesiq.zoho.com/visitor/v2/channels/website?widgetcode=7dc1aaef8d06e4ba63ad0c627ac0707147a82823e91d724b40c1eecd4600a861a2a3f131620804bc0d2fbe12fbf9c93b&internal_channel_req=true&language_api=true&browser_language=en¤t_domain=https%3A%2F%2Frehab.amhealth.com&pagetitle=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&include_fields=avuid
136.143.191.67200 8.6 kB URL HTTP/1.1 salesiq.zoho.com/visitor/v2/channels/website?widgetcode=7dc1aaef8d06e4ba63ad0c627ac0707147a82823e91d724b40c1eecd4600a861a2a3f131620804bc0d2fbe12fbf9c93b&internal_channel_req=true&language_api=true&browser_language=en¤t_domain=https%3A%2F%2Frehab.amhealth.com&pagetitle=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&include_fields=avuid
IP 136.143.191.67:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (20898), with no line terminators
Hash 86eb97d95246b73a649cf6c7940854c0
608b835186a725fadcf47b51a943c151c4b2e62b
46d7e432e810d852d1a5c37a3215d54e1f0dc3e31133e5b4d453fd1348466813
GET /visitor/v2/channels/website?widgetcode=7dc1aaef8d06e4ba63ad0c627ac0707147a82823e91d724b40c1eecd4600a861a2a3f131620804bc0d2fbe12fbf9c93b&internal_channel_req=true&language_api=true&browser_language=en¤t_domain=https%3A%2F%2Frehab.amhealth.com&pagetitle=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&include_fields=avuid HTTP/1.1
Host: salesiq.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Thu, 09 Feb 2023 11:21:43 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
Encoding: UTF-8
X-XSS-Protection: 1
Set-Cookie: 663a60c55d=6d1e74808acfcf5f05891ca0fa319340; Path=/
LS_CSRF_TOKEN=a187b916-2ee9-44cd-a34d-a68479737b45;path=/;SameSite=None;Secure;priority=high
_zcsr_tmp=a187b916-2ee9-44cd-a34d-a68479737b45;path=/;SameSite=Strict;Secure;priority=high
uesign=e92ab77258d7efb10cffe7c1a548dacaccde86e1cbee8287407b3861fdf63ad63a24af4b36775a93e054e3c3474e7506;Max-Age=2592000;Path=/;Secure;SameSite=None;priority=high
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: Content-Type,x-siq-internal-channel
Access-Control-Allow-Origin: https://rehab.amhealth.com
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Content-Language: en-US
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
184079.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F
52.4.228.223200 OK 0 B URL HTTP/2 184079.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F
IP 52.4.228.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/lst/gusid?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F HTTP/1.1
Host: 184079.t.hyros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: product-id
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:21:43 GMT
content-length: 0
access-control-allow-origin: https://rehab.amhealth.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: product-id
access-control-max-age: 86400
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=56352144&Ver=2&mid=5af8d521-2244-445c-ad79-b08ee1fd4d4c&sid=11676880a86c11ed9d41753a68bcc81d&vid=11676050a86c11ed96fe7f07dc333fc6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&p=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&r=<=1988&evt=pageLoad&sv=1&rn=84511
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=56352144&Ver=2&mid=5af8d521-2244-445c-ad79-b08ee1fd4d4c&sid=11676880a86c11ed9d41753a68bcc81d&vid=11676050a86c11ed96fe7f07dc333fc6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&p=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&r=<=1988&evt=pageLoad&sv=1&rn=84511
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=56352144&Ver=2&mid=5af8d521-2244-445c-ad79-b08ee1fd4d4c&sid=11676880a86c11ed9d41753a68bcc81d&vid=11676050a86c11ed96fe7f07dc333fc6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&p=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&r=<=1988&evt=pageLoad&sv=1&rn=84511 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1BE6CC7706DD662F1342DEC4078A67A9; domain=.bing.com; expires=Tue, 05-Mar-2024 11:21:43 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C40A4BD565084E3B8249C8D0149A6077 Ref B: OSL30EDGE0319 Ref C: 2023-02-09T11:21:43Z
date: Thu, 09 Feb 2023 11:21:42 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 36 kB IP 142.250.74.3:0
Hash 10857e7de014e4d6cd12f07d014e97a3
9a1b8b041ce84b76e609901866f23a060e2f20fe
c1593fa0d62a309aa7ee6c500e2bcc9de93d99980992a1b90d104b5c8431a974
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/417740078/?random=1675941760362&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1297621001&rmt_tld=0&ipr=y
142.250.74.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/417740078/?random=1675941760362&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1297621001&rmt_tld=0&ipr=y
IP 142.250.74.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/417740078/?random=1675941760362&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1297621001&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:21:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/417740078/?random=1675941760347&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3155375502&rmt_tld=0&ipr=y
142.250.74.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/417740078/?random=1675941760347&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3155375502&rmt_tld=0&ipr=y
IP 142.250.74.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/417740078/?random=1675941760347&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3155375502&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:21:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/417740078/?random=1675941760362&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1297621001&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/417740078/?random=1675941760362&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1297621001&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/417740078/?random=1675941760362&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1297621001&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:21:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=56352144&Ver=2&mid=9786e75a-99b1-42cb-8095-9e75fb59d32b&sid=11676880a86c11ed9d41753a68bcc81d&vid=11676050a86c11ed96fe7f07dc333fc6&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&p=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&r=<=1988&evt=pageLoad&sv=1&rn=765703
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=56352144&Ver=2&mid=9786e75a-99b1-42cb-8095-9e75fb59d32b&sid=11676880a86c11ed9d41753a68bcc81d&vid=11676050a86c11ed96fe7f07dc333fc6&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&p=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&r=<=1988&evt=pageLoad&sv=1&rn=765703
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=56352144&Ver=2&mid=9786e75a-99b1-42cb-8095-9e75fb59d32b&sid=11676880a86c11ed9d41753a68bcc81d&vid=11676050a86c11ed96fe7f07dc333fc6&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&p=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&r=<=1988&evt=pageLoad&sv=1&rn=765703 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=339E71FAF13A618801AE6349F06D6058; domain=.bing.com; expires=Tue, 05-Mar-2024 11:21:43 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 55BA76B75F394C84AE03B7C09A18C0BC Ref B: OSL30EDGE0319 Ref C: 2023-02-09T11:21:43Z
date: Thu, 09 Feb 2023 11:21:42 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/417659142/?random=1675941760396&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3464505287&rmt_tld=0&ipr=y
142.250.74.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/417659142/?random=1675941760396&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3464505287&rmt_tld=0&ipr=y
IP 142.250.74.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/417659142/?random=1675941760396&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3464505287&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:21:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/417740078/?random=1675941760347&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3155375502&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/417740078/?random=1675941760347&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3155375502&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/417740078/?random=1675941760347&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3155375502&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:21:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/417659142/?random=1675941760396&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3464505287&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/417659142/?random=1675941760396&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3464505287&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/417659142/?random=1675941760396&cv=11&fst=1675940400000&bg=ffffff&guid=ON&async=1>m=45be3280&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&tiba=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3464505287&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 11:21:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
184079.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F
52.4.228.223200 OK 0 B URL HTTP/2 184079.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F
IP 52.4.228.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/lst/gusid?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F HTTP/1.1
Host: 184079.t.hyros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Product-ID: 184079
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:21:43 GMT
content-length: 0
access-control-allow-origin: https://rehab.amhealth.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-max-age: 86400
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
etag: HB-ET_3ffdbba4d171e43377eafcba0389b40bcb177a70bf0f9d368f6349ed51c6a6e1
set-cookie: true;SameSite=None;Secure
HB-ET_3ffdbba4d171e43377eafcba0389b40bcb177a70bf0f9d368f6349ed51c6a6e1;SameSite=None;Secure
session-id: HB-ET_3ffdbba4d171e43377eafcba0389b40bcb177a70bf0f9d368f6349ed51c6a6e1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/56352144.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/56352144.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/56352144.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9E778313ED86409BB503E62C396D33F6 Ref B: OSL30EDGE0319 Ref C: 2023-02-09T11:21:43Z
date: Thu, 09 Feb 2023 11:21:42 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f65ba226e8a0c6b9ba1565bbca9d79da
009b16330f7f558ca6030355b570feeb92eb775a
b2e6df5d4113ebcd8ec3b05442c9463cac74ed7f5aa68fda6f2a93a98207639b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 11:21:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 15:09:29 GMT
Expires: Mon, 13 Feb 2023 15:09:28 GMT
Etag: "009b16330f7f558ca6030355b570feeb92eb775a"
Cache-Control: max-age=358664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796c392008080b69-OSL
js.zohocdn.com/salesiq/js/floatbutton8_8b049cf75daff6f6ca0a457c65b5d922_.js
185.20.209.147200 OK 11 kB URL HTTP/2 js.zohocdn.com/salesiq/js/floatbutton8_8b049cf75daff6f6ca0a457c65b5d922_.js
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (32979), with no line terminators
Hash bf39c807689a1743dba0a3b50cd83f25
ea023fce608cd503605264c81a00d65f42c695ce
20f81a094a8ab1ef2e3d0c1df3e0f318ebb0ba49e5622a981effde76f21d600f
GET /salesiq/js/floatbutton8_8b049cf75daff6f6ca0a457c65b5d922_.js HTTP/1.1
Host: js.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:43 GMT
content-type: application/javascript;charset=UTF-8
content-length: 10735
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "bf39c807689a1743dba0a3b50cd83f25"
content-language: en-US
last-modified: Fri, 03 Feb 2023 09:35:52 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 82b457e7760c9c56bc1460ac67e56caa
z-origin-id: ex1-7c9f1520686e4d438c59e937d14e7446
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
a.clickcertain.com/px/ta/?ccid=8c6a01e2-0ca2-4302-8976-7556284b0160
104.26.9.50302 Found 24 kB URL HTTP/2 a.clickcertain.com/px/ta/?ccid=8c6a01e2-0ca2-4302-8976-7556284b0160
IP 104.26.9.50:0
File type Web Open Font Format (Version 2), TrueType, length 23704, version 1.0\012- data
Hash 3d4a6df8d47f0085c3bf7bd90563e9eb
f0d96d332787d0a8604f2b99dde7f3b947942cf5
d00bea31ec0d15e0e6013225b870d1f39fa2e26663d192c8520494c6156c0569
GET /px/ta/?ccid=8c6a01e2-0ca2-4302-8976-7556284b0160 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&cn=NO
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=1; _ccpx=24bee1aa8b49a9f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:43 GMT
content-type: text/html
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=8c6a01e2-0ca2-4302-8976-7556284b0160&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:43 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-xchwx:cc-nginx-64dcbdf744-xchwx
x-requestid: 3d1a2ff7-e0a7-4340-9789-da665b45929c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBGdZMrRxHYfs%2B8i1sWNp3uIvjM7Ld3gZQFdc9uN4sn4PjBhy47%2FkpTPbLe%2FNl215FEZlVxay2QGiLgEADImQiSWLsslwg9u3epIoKIuQdXb%2FIssK0y6n04P2%2F7kQfA9sEucvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c391fbde0b4f7-OSL
X-Firefox-Spdy: h2
184079.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&fbp_id=874753729204982&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0
52.4.228.223200 OK 0 B URL HTTP/2 184079.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&fbp_id=874753729204982&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0
IP 52.4.228.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/lst/pc?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&fbp_id=874753729204982&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0 HTTP/1.1
Host: 184079.t.hyros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:21:43 GMT
content-length: 0
access-control-allow-origin: https://rehab.amhealth.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-max-age: 86400
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
X-Firefox-Spdy: h2
a.clickcertain.com/px/smart/a/?seg=trupathrecovery&c=24bee1aa8b49a9f
104.26.9.50302 Found 1.5 kB URL HTTP/2 a.clickcertain.com/px/smart/a/?seg=trupathrecovery&c=24bee1aa8b49a9f
IP 104.26.9.50:0
Hash 1856e2a49a6d70891f880fce4f5d9614
d1ee0f243b21fc0d00fe4d53378d1f74965353fc
9518375938e846a77c071e8b59883991285f49e8126f8babc0fc0dc9c9ff96ae
GET /px/smart/a/?seg=trupathrecovery&c=24bee1aa8b49a9f HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:42 GMT
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24bee1aa8b49a9f
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:42 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-xchwx:cc-nginx-64dcbdf744-xchwx
x-requestid: 322ab20d-825e-435f-b391-eb043004db49
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8DNlww5ILdgCyXpmWNqa85WaZ%2BrD1nG0hH7X2wNOIoA8RsguvKG%2BMnnY4AhzCh2AK6AA%2FkbuKzo%2F6n39oPoPniVD1ROvq5gYF0os8QULnVlkQUesprA5CzMiKbZpnbE7IgiZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c39164fc8b4f7-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d8e47e5ce2ece65d774de5c6672fc88
88be08f79969b21f13e6087ae73617a49380ac47
2d10fef5f0d5ece0e9989ba0b3db68f229ed8a1bb9ff2ec6a1916d4826686357
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Last-Modified: Thu, 09 Feb 2023 09:43:41 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f65ba226e8a0c6b9ba1565bbca9d79da
009b16330f7f558ca6030355b570feeb92eb775a
b2e6df5d4113ebcd8ec3b05442c9463cac74ed7f5aa68fda6f2a93a98207639b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 11:21:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 15:09:29 GMT
Expires: Mon, 13 Feb 2023 15:09:28 GMT
Etag: "009b16330f7f558ca6030355b570feeb92eb775a"
Cache-Control: max-age=358664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796c39201e2cb527-OSL
css.zohocdn.com/salesiq/styles/floatbutton8_bcec4e14e8db71f366b2ef221dd8ef3f_.css
185.20.209.147200 OK 4.6 kB URL HTTP/2 css.zohocdn.com/salesiq/styles/floatbutton8_bcec4e14e8db71f366b2ef221dd8ef3f_.css
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (19905), with no line terminators
Hash ded83d5e97e83fc7eb4137082d6cf663
36df0683359b38c0590cee9db802eb3abf96a1aa
d098e6540e2c4d69c9b8e607e720094c8301aac5f8074743cb8cf6bc07d60381
GET /salesiq/styles/floatbutton8_bcec4e14e8db71f366b2ef221dd8ef3f_.css HTTP/1.1
Host: css.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:43 GMT
content-type: text/css;charset=UTF-8
content-length: 4633
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "ded83d5e97e83fc7eb4137082d6cf663"
content-language: en-US
last-modified: Sat, 17 Dec 2022 09:35:36 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: ac10a45a189f60567d4b65f3e0ade4d4
z-origin-id: ex1-33fcf46019fc47a0b025aeb5c2b9b70c
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=8c6a01e2-0ca2-4302-8976-7556284b0160&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=8c6a01e2-0ca2-4302-8976-7556284b0160&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3318&partner_device_id=8c6a01e2-0ca2-4302-8976-7556284b0160&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:43 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1675941703915;Expires=Mon, 10 Apr 2023 11:21:43 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=f3d2af88-ffb3-42a7-8934-81daab2a6e82;Expires=Mon, 10 Apr 2023 11:21:43 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=8c6a01e2-0ca2-4302-8976-7556284b0160&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d8e47e5ce2ece65d774de5c6672fc88
88be08f79969b21f13e6087ae73617a49380ac47
2d10fef5f0d5ece0e9989ba0b3db68f229ed8a1bb9ff2ec6a1916d4826686357
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:43 GMT
Last-Modified: Thu, 09 Feb 2023 09:43:41 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=8c6a01e2-0ca2-4302-8976-7556284b0160&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=8c6a01e2-0ca2-4302-8976-7556284b0160&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive/check?partner_id=3318&partner_device_id=8c6a01e2-0ca2-4302-8976-7556284b0160&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:43 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1675941703954;Expires=Mon, 10 Apr 2023 11:21:43 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=e3d2fc29-ee04-4ad9-b2ab-c9d89b71fee1;Expires=Mon, 10 Apr 2023 11:21:43 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Mon, 10 Apr 2023 11:21:43 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=e3d2fc29-ee04-4ad9-b2ab-c9d89b71fee1
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
184079.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&fbp_id=874753729204982&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0
52.4.228.223200 OK 117 B URL HTTP/2 184079.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&fbp_id=874753729204982&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0
IP 52.4.228.223:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3987102a2908fa3a4083a1c954ddf03b
7c8e43d7b5d4db4b087494e1daa4b9f751cd57d6
8a42d243e875b81f1f863a7b405cbdad01e4ccd563066c544966fef917b7ed31
GET /v1/lst/pc?ref_url=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&fbp_id=874753729204982&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0 HTTP/1.1
Host: 184079.t.hyros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-type: application/json; charset=utf-8
Session-ID: HB-ET_3ffdbba4d171e43377eafcba0389b40bcb177a70bf0f9d368f6349ed51c6a6e1
Product-ID: 184079
Origin: https://rehab.amhealth.com
Connection: keep-alive
Cookie: HB-ET_3ffdbba4d171e43377eafcba0389b40bcb177a70bf0f9d368f6349ed51c6a6e1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:21:43 GMT
content-type: application/json;charset=UTF-8
content-length: 117
access-control-allow-origin: https://rehab.amhealth.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-max-age: 86400
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f8ccc184fe2f64016c52739bf92019fa
f603ae800c951548ef427d32f0896c0e0fb16928
b1d08c63524a7bec48e7fa5786254a6f5d029b3c3689d2807a81fe4dbeab19df
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 11:21:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 19:59:42 GMT
Expires: Wed, 15 Feb 2023 19:59:41 GMT
Etag: "f603ae800c951548ef427d32f0896c0e0fb16928"
Cache-Control: max-age=548876,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796c3921a9aa0b69-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a162510967cfc11bcab0a1a7474f7642
a9b7794bc61fda2d68be62d31c4bda31b68ed7a9
50a629fd32d97ac1d821435d7c94954907dec99fb0ca4caf18f86a66241e4718
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 11:21:44 GMT
Last-Modified: Thu, 09 Feb 2023 10:16:57 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 42aSNTYC9q0bTA3IeJf16nNSnP4G8zqXu8ttWIh9iRk-12YUeWo0Yg==
Age: 3887
a.clickcertain.com/px/ta/?done=true&ta_id=e3d2fc29-ee04-4ad9-b2ab-c9d89b71fee1
104.26.9.50204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/ta/?done=true&ta_id=e3d2fc29-ee04-4ad9-b2ab-c9d89b71fee1
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/ta/?done=true&ta_id=e3d2fc29-ee04-4ad9-b2ab-c9d89b71fee1 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=1; _ccpx=24bee1aa8b49a9f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 09 Feb 2023 11:21:44 GMT
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:44 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-xchwx:cc-nginx-64dcbdf744-xchwx
x-requestid: 5eefd992-e340-4e3f-bf7a-275a66f148ab
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7n%2FHKr%2BdB0PviKf%2BlIyGHn5GCepBKs%2BNhZROCq%2B4ysFl7svgpk%2BFjPPq4l5uY%2FQJ4I4BluHAIZU3mO24PUJkOdYxHfSCKD8ZJHchz0gIFSl4A6WvWhGi4sHJuWs3X0xRhOkF6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c3921e8d1b4f7-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 458e00513d123208ed9a15bcc0ff99d8
3bdddf43c0d54e0f8517fdaba8ae51842b6527da
b82e81538bfb2ad133efdbf2528a56e0e865b9d30d21f9a8808cbb22b31e06ad
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136319
Date: Thu, 09 Feb 2023 11:21:44 GMT
Etag: "63e4309f-1d7"
Expires: Sat, 11 Feb 2023 01:13:43 GMT
Last-Modified: Wed, 08 Feb 2023 23:30:39 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HY8YwsqPjwEwfPHukRVu9-rhitNF-NAiyJ3Wda-rrLCrU0oIGh01Tg==
Age: 6184
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 41f4d61081c2f9c3d418db7df21575df
ab3cf13ac1bbe7f52a729dc09065a95572e6e0aa
b6d88cda1fea5264e6d5ecd4393f8040f61260b0e19e2c75772bc04ca0e19490
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169402
Date: Thu, 09 Feb 2023 11:21:44 GMT
Etag: "63e4c175-1d7"
Expires: Sat, 11 Feb 2023 10:25:06 GMT
Last-Modified: Thu, 09 Feb 2023 09:48:37 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fFWkTRIlBeqGiHhC_zNMjiLOdn3zK0JAtKiEWKOVE9EBUI_KXMSGKA==
Age: 2189
i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=8c6a01e2-0ca2-4302-8976-7556284b0160&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d8c6a01e2%25252d0ca2%25252d4302%25252d8976%25252d7556284b0160%252526anx_uId%25253d%252524UID
3.222.76.44303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=8c6a01e2-0ca2-4302-8976-7556284b0160&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d8c6a01e2%25252d0ca2%25252d4302%25252d8976%25252d7556284b0160%252526anx_uId%25253d%252524UID
IP 3.222.76.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?bidder_id=200441&bidder_uuid=8c6a01e2-0ca2-4302-8976-7556284b0160&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d8c6a01e2%25252d0ca2%25252d4302%25252d8976%25252d7556284b0160%252526anx_uId%25253d%252524UID HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Thu, 09 Feb 2023 11:21:44 GMT
Content-Length: 0
Connection: keep-alive
Location: /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d8c6a01e2%25252d0ca2%25252d4302%25252d8976%25252d7556284b0160%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=8c6a01e2-0ca2-4302-8976-7556284b0160&_li_chk=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&previous_uuid=7d7d8ca63a304865a91d3ae083be0ce0
Set-Cookie: lidid=7d7d8ca6-3a30-4865-a91d-3ae083be0ce0; Max-Age=63072000; Expires=Sat, 08 Feb 2025 11:21:44 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains
vts.zohopublic.com/watchws?x-e=trupathrecovery&x-s=trupathrecovery&cpage=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&ptitle=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&localtime=GMT%2B0000%20(Coordinated%20Universal%20Time)&gmttime=GMT%2B0000&resolution=1280x1024&lsid=695626000000002054&lang_embed=en&con_id=1675941762377&connection_count=1
136.143.191.144101 Switching Protocols 0 B URL HTTP/1.1 vts.zohopublic.com/watchws?x-e=trupathrecovery&x-s=trupathrecovery&cpage=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&ptitle=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&localtime=GMT%2B0000%20(Coordinated%20Universal%20Time)&gmttime=GMT%2B0000&resolution=1280x1024&lsid=695626000000002054&lang_embed=en&con_id=1675941762377&connection_count=1
IP 136.143.191.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watchws?x-e=trupathrecovery&x-s=trupathrecovery&cpage=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&ptitle=Alcohol%20Treatment%20%26%20Detox%20Center%20-%20AmHealth%20-%20Rehab&localtime=GMT%2B0000%20(Coordinated%20Universal%20Time)&gmttime=GMT%2B0000&resolution=1280x1024&lsid=695626000000002054&lang_embed=en&con_id=1675941762377&connection_count=1 HTTP/1.1
Host: vts.zohopublic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://rehab.amhealth.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pb8ndjKtOU5q/C+w5GEwvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Strict-Transport-Security: max-age=15768000
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I6VRxTeO1LhdxDlzpFgcP2FnaU0=
io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&id=cl468714yf3uz9&uid=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf
54.227.236.41200 OK 178 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&id=cl468714yf3uz9&uid=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf
IP 54.227.236.41:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 63bd44e35c0d54a967075f7b28d05c63
7b1e59322e4796ff116327054a4b0dab3c0374b4
9312c5676ee2a914bd0af0e88ec8b815c57057e90ae911f1fa642340e6a42169
GET /externalIds?customerlabs_user_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&id=cl468714yf3uz9&uid=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Thu, 09 Feb 2023 11:21:44 GMT
Server: nginx/1.12.1
Content-Length: 178
Connection: keep-alive
a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&cn=NO
104.26.9.50304 Not Modified 0 B URL HTTP/2 a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&cn=NO
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/cont/?c=24bee1aa8b49a9f&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&cn=NO HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=2; _ccpx=24bee1aa8b49a9f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
If-None-Match: W/"OGM2YTAxZTJnMGNhMmc0MzAyZzg5NzZnNzU1NjI4NGIwMTYwLXow"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 09 Feb 2023 11:21:44 GMT
etag: W/"OGM2YTAxZTJnMGNhMmc0MzAyZzg5NzZnNzU1NjI4NGIwMTYwLXow"
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:44 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-gjhrg:cc-nginx-64dcbdf744-gjhrg
x-requestid: e8720c03-c1e5-4d16-832a-ed0846a078e4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYW8PjUt9l%2FxBCp245c3jhLZX1tOJXicDYAechCRK1KUe4jAU1QPqv9hw5DU2PoWvw%2Fu7Yt4VOX60vvEGuOZwEwn9gOnso0qJLTfWVueXu1uKtE%2FHEMohq8jKL5ezixliWhqKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c39232a58b4f7-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cf49eabf6c39227090fe9c84259813a3
af588e3b99547bf1b73111ad7021194470040614
5fbee01dfdae355f394e11104227264533acc86778df34f37715d37c601a9721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=874753729204982&ev=PageView&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&rl=&if=false&ts=1675941763129&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1675941763128.176488633&it=1675941762047&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=874753729204982&ev=PageView&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&rl=&if=false&ts=1675941763129&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1675941763128.176488633&it=1675941762047&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=874753729204982&ev=PageView&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&rl=&if=false&ts=1675941763129&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1675941763128.176488633&it=1675941762047&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 09 Feb 2023 11:21:44 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=874753729204982&ev=website_session_start&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&rl=&if=false&ts=1675941763133&cd[start_time]=2023-02-09T11%3A22%3A43.056Z&cd[customerlabs_user_id]=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&sw=1280&sh=1024&v=2.9.95&r=stable&ec=2&o=28&fbp=fb.1.1675941763128.176488633&it=1675941762047&coo=false&eid=cl468714yf3uz982609af7-36fa-41d7-9302-13743e3c2d28&tm=2&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=874753729204982&ev=website_session_start&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&rl=&if=false&ts=1675941763133&cd[start_time]=2023-02-09T11%3A22%3A43.056Z&cd[customerlabs_user_id]=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&sw=1280&sh=1024&v=2.9.95&r=stable&ec=2&o=28&fbp=fb.1.1675941763128.176488633&it=1675941762047&coo=false&eid=cl468714yf3uz982609af7-36fa-41d7-9302-13743e3c2d28&tm=2&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=874753729204982&ev=website_session_start&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&rl=&if=false&ts=1675941763133&cd[start_time]=2023-02-09T11%3A22%3A43.056Z&cd[customerlabs_user_id]=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&sw=1280&sh=1024&v=2.9.95&r=stable&ec=2&o=28&fbp=fb.1.1675941763128.176488633&it=1675941762047&coo=false&eid=cl468714yf3uz982609af7-36fa-41d7-9302-13743e3c2d28&tm=2&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 09 Feb 2023 11:21:44 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=874753729204982&ev=PageView&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&rl=&if=false&ts=1675941763131&sw=1280&sh=1024&v=2.9.95&r=stable&ec=1&o=28&cs_est=true&fbp=fb.1.1675941763128.176488633&it=1675941762047&coo=false&eid=cl468714yf3uz9a58b357f-2b1c-4200-b5f2-08ac14f195eb&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=874753729204982&ev=PageView&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&rl=&if=false&ts=1675941763131&sw=1280&sh=1024&v=2.9.95&r=stable&ec=1&o=28&cs_est=true&fbp=fb.1.1675941763128.176488633&it=1675941762047&coo=false&eid=cl468714yf3uz9a58b357f-2b1c-4200-b5f2-08ac14f195eb&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=874753729204982&ev=PageView&dl=https%3A%2F%2Frehab.amhealth.com%2Falcohol-spartan%2F&rl=&if=false&ts=1675941763131&sw=1280&sh=1024&v=2.9.95&r=stable&ec=1&o=28&cs_est=true&fbp=fb.1.1675941763128.176488633&it=1675941762047&coo=false&eid=cl468714yf3uz9a58b357f-2b1c-4200-b5f2-08ac14f195eb&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 09 Feb 2023 11:21:44 GMT
X-Firefox-Spdy: h2
i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d8c6a01e2%25252d0ca2%25252d4302%25252d8976%25252d7556284b0160%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=8c6a01e2-0ca2-4302-8976-7556284b0160&_li_chk=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&previous_uuid=7d7d8ca63a304865a91d3ae083be0ce0
3.222.76.44303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d8c6a01e2%25252d0ca2%25252d4302%25252d8976%25252d7556284b0160%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=8c6a01e2-0ca2-4302-8976-7556284b0160&_li_chk=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&previous_uuid=7d7d8ca63a304865a91d3ae083be0ce0
IP 3.222.76.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d8c6a01e2%25252d0ca2%25252d4302%25252d8976%25252d7556284b0160%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=8c6a01e2-0ca2-4302-8976-7556284b0160&_li_chk=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&previous_uuid=7d7d8ca63a304865a91d3ae083be0ce0 HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Thu, 09 Feb 2023 11:21:44 GMT
Content-Length: 0
Connection: keep-alive
Location: https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d8c6a01e2%252d0ca2%252d4302%252d8976%252d7556284b0160%2526anx_uId%253d%2524UID&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160
Set-Cookie: _li_ss=CggKBgiSARCkFA; Max-Age=2592000; Expires=Sat, 11 Mar 2023 11:21:44 GMT; SameSite=None; Path=/s; Secure
lidid=ee22c4f9-801c-4afc-8013-48cf354c40ce; Max-Age=63072000; Expires=Sat, 08 Feb 2025 11:21:44 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 2
Strict-Transport-Security: max-age=31536000; includeSubDomains
www.googleadservices.com/pagead/conversion/417740078/wcm?cc=ZZ&dn=8337512923&cl=43bkCO3wmvIDEK7qmMcB&ct_eid=2
142.250.74.34302 Found 0 B URL HTTP/2 www.googleadservices.com/pagead/conversion/417740078/wcm?cc=ZZ&dn=8337512923&cl=43bkCO3wmvIDEK7qmMcB&ct_eid=2
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/conversion/417740078/wcm?cc=ZZ&dn=8337512923&cl=43bkCO3wmvIDEK7qmMcB&ct_eid=2 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://www.google.no/pagead/attribution/wcm?cc=ZZ&dn=8337512923&cl=43bkCO3wmvIDEK7qmMcB
access-control-allow-origin: https://rehab.amhealth.com
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 11:21:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl
54.227.236.41200 OK 0 B IP 54.227.236.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 692
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://rehab.amhealth.com
Date: Thu, 09 Feb 2023 11:21:44 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7980999daf055fc9e21ce2d8663483ab
3e584c1676ed7789a50dc5c9391653a0b96a9bab
44143d9428bae54918244e95d8f31dfea0865929c0a0805c0f328a2a7eb78fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.usbrowserspeed.com/cs?puid=ee41e3a3-ffe8-578c-ad8b-2912643a408c&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d
44.238.30.180302 Found 119 B URL HTTP/2 a.usbrowserspeed.com/cs?puid=ee41e3a3-ffe8-578c-ad8b-2912643a408c&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d
IP 44.238.30.180:0
File type HTML document, ASCII text
Hash bd4614ea774db2b9d0045c8f17f1e3da
25d10601e7759c09102728e498251997034c8758
e2ee30efc283b0f2e4f36d6fa1ac050ef3f6f55f401933e7882df321a1c5c19e
GET /cs?puid=ee41e3a3-ffe8-578c-ad8b-2912643a408c&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP/1.1
Host: a.usbrowserspeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: awselb/2.0
date: Thu, 09 Feb 2023 11:21:44 GMT
content-type: text/html; charset=utf-8
content-length: 119
location: https://a.clickcertain.com/px/t/?done=true&uid=99205c33-10d5-4c2d-9038-0b22389735d8&hem=
set-cookie: tuid=99205c33-10d5-4c2d-9038-0b22389735d8; Path=/; Domain=a.usbrowserspeed.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
css.zohocdn.com/salesiq/styles/floatbuttonpostload_f1daead55b49fcabb9471fb11cae2c94_.css
185.20.209.147200 OK 15 kB URL HTTP/2 css.zohocdn.com/salesiq/styles/floatbuttonpostload_f1daead55b49fcabb9471fb11cae2c94_.css
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 63a8eec1dc4f2237e024f74bde55515d
2f28180f22a576611464f33b11829f4017b9de42
4980d6aa25fb25bd04713645fee69b0b4cb17b382bba030280c4cf84efa764d8
GET /salesiq/styles/floatbuttonpostload_f1daead55b49fcabb9471fb11cae2c94_.css HTTP/1.1
Host: css.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:44 GMT
content-type: text/css;charset=UTF-8
content-length: 14697
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "63a8eec1dc4f2237e024f74bde55515d"
content-language: en-US
last-modified: Wed, 25 Jan 2023 13:21:30 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 78f1e1cc968780f4f71c6b0ec4671c42
z-origin-id: ex1-29e92787b3894afab7b773226b994518
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
css.zohocdn.com/salesiq/styles/newembedtheme_be0d6f4684164319cacf8f8129f547ff_.css
185.20.209.147200 OK 53 kB URL HTTP/2 css.zohocdn.com/salesiq/styles/newembedtheme_be0d6f4684164319cacf8f8129f547ff_.css
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7772669d61fd7c0f0bbfa636e3780655
cfc9534e3d6c9b516256bacdc21a8ad86df1cf06
5589ba7d4acc89c169c8b918a84149fb4fbd9244492d1da5899263c8a107b834
GET /salesiq/styles/newembedtheme_be0d6f4684164319cacf8f8129f547ff_.css HTTP/1.1
Host: css.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rehab.amhealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:44 GMT
content-type: text/css;charset=UTF-8
content-length: 53123
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "7772669d61fd7c0f0bbfa636e3780655"
content-language: en-US
last-modified: Wed, 25 Jan 2023 13:21:25 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: f6535c222fc18efc31f2659881e2af9d
z-origin-id: ex1-717fd0063cd142ee819cd0b66e3be8ad
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
js.zohocdn.com/ichat/js/Jan_23_2023_3_wmsliteapi.js
185.20.209.147200 OK 7.4 kB URL HTTP/2 js.zohocdn.com/ichat/js/Jan_23_2023_3_wmsliteapi.js
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (20962)
Hash ddae09011b9fc7f930324d8d894f8a82
1d7b8154d4ae10ea8da82337b2d330de5bfd1ef6
078313045ede57df87c99b49c25454bd9128c4d964769dbeafaaea1a2c412529
GET /ichat/js/Jan_23_2023_3_wmsliteapi.js HTTP/1.1
Host: js.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rehab.amhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:44 GMT
content-type: application/javascript;charset=UTF-8
content-length: 7400
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "ddae09011b9fc7f930324d8d894f8a82"
content-language: en-US
last-modified: Mon, 23 Jan 2023 12:46:13 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: b8545601ccb6928b057f0bcf175684c5
z-origin-id: ex1-79cd2aec6970464f859b240a7f6a7ef1
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
a.clickcertain.com/px/t/?done=true&uid=99205c33-10d5-4c2d-9038-0b22389735d8&hem=
104.26.9.50204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/t/?done=true&uid=99205c33-10d5-4c2d-9038-0b22389735d8&hem=
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/t/?done=true&uid=99205c33-10d5-4c2d-9038-0b22389735d8&hem= HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=2; _ccpx=24bee1aa8b49a9f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 09 Feb 2023 11:21:44 GMT
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:44 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-gjhrg:cc-nginx-64dcbdf744-gjhrg
x-requestid: 4ab75015-1635-488a-9a54-f776a7dbbe43
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55oczpgaLLqNE24ocHMzFELREcjHM5PUbbWSuJhyi3vOJ3qBkTaLYUhKcvKuK1AjjT44rLOEmP7n5fe8XFPxUqKgyTycEWW131LCwakZysZt0PDIOvJxLE7vcNwO58D4O4OMGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c3924fd5eb4f7-OSL
X-Firefox-Spdy: h2
js.zohocdn.com/salesiq/js/siqnewchatwindow_1fca3b998597bed6a76e39ebfb0012bc_.js
185.20.209.147200 OK 332 kB URL HTTP/2 js.zohocdn.com/salesiq/js/siqnewchatwindow_1fca3b998597bed6a76e39ebfb0012bc_.js
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 332 kB (332141 bytes)
Hash 5f3230aa15c9deb7453b8a306dc9c5f0
6298a5673cdb813586ecf2dfab846a75df4e553d
0c7180baa85bdba5b712f3e95fc3ca90e2920ed37ba9b1b45dc9b988b6063a42
GET /salesiq/js/siqnewchatwindow_1fca3b998597bed6a76e39ebfb0012bc_.js HTTP/1.1
Host: js.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rehab.amhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:44 GMT
content-type: application/javascript;charset=UTF-8
content-length: 332141
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "5f3230aa15c9deb7453b8a306dc9c5f0"
content-language: en-US
last-modified: Fri, 03 Feb 2023 09:36:01 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 179ad498b056110356b1561fa7fd272f
z-origin-id: ex1-e53a0ed31f9243d9b7b38ace221335c6
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
js.zohocdn.com/salesiq/js/resource/embed/resource_2acda76cf3359569e1a57dac6f99a3bd_.js
185.20.209.147200 OK 14 kB URL HTTP/2 js.zohocdn.com/salesiq/js/resource/embed/resource_2acda76cf3359569e1a57dac6f99a3bd_.js
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type Unicode text, UTF-8 text, with very long lines (47881), with no line terminators
Hash 1d80b68dd06a2ac34f29348b7bc96b32
9a2806b0d4d5ca1124bda6e59ee557062a0ee9e3
dc2657656fb008db587a057bbb26ed5f28d53f92d306a09387a4a13ffdf5b33d
GET /salesiq/js/resource/embed/resource_2acda76cf3359569e1a57dac6f99a3bd_.js HTTP/1.1
Host: js.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rehab.amhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:44 GMT
content-type: application/javascript;charset=UTF-8
content-length: 14241
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "1d80b68dd06a2ac34f29348b7bc96b32"
content-language: en-US
last-modified: Wed, 01 Feb 2023 13:08:51 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 3eecbae6e7caf408777420669d39480e
z-origin-id: ex1-9434f3f8fb344201823c62e2e2139279
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl
54.227.236.41200 OK 0 B IP 54.227.236.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 693
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://rehab.amhealth.com
Date: Thu, 09 Feb 2023 11:21:44 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
css.zohocdn.com/webfonts/latoregular/font.woff
185.20.209.147200 OK 38 kB URL HTTP/2 css.zohocdn.com/webfonts/latoregular/font.woff
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type Web Open Font Format, TrueType, length 37676, version 0.0\012- data
Hash cbdddd82da22c6cbdd41ea4342266abf
080a92c0fe8ff513ee966a446be89128fa31e79a
251d58cc997156886bac2cefc52d1330129544d5f1d6c2a4722242fe3eaa7e9d
GET /webfonts/latoregular/font.woff HTTP/1.1
Host: css.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rehab.amhealth.com
Connection: keep-alive
Referer: https://css.zohocdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:44 GMT
content-type: font/woff
content-length: 37676
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=5184000, immutable
access-control-expose-headers: *
access-control-allow-origin: *
etag: "f73a195cf160c3c1c1eaf8fcf8eabc04"
content-language: en-US
last-modified: Wed, 28 Jul 2021 14:29:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 219335c3208d277fb7b9ad2294846933
z-origin-id: ex1-05ba2e656ec341459ef5c00c4653fe79
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
a.clickcertain.com/px/ta/?done=true&ta_id=a6752deb-6f99-4531-be7e-ed7213e3833c
104.26.9.50204 No Content 0 B URL HTTP/2 a.clickcertain.com/px/ta/?done=true&ta_id=a6752deb-6f99-4531-be7e-ed7213e3833c
IP 104.26.9.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/ta/?done=true&ta_id=a6752deb-6f99-4531-be7e-ed7213e3833c HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=2; _ccpx=24bee1aa8b49a9f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 09 Feb 2023 11:21:44 GMT
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:44 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-vfwsf:cc-nginx-64dcbdf744-vfwsf
x-requestid: 773fcb93-eb7a-46ba-a96d-c12ac2ac1ffc
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bD9eoaJaxXQc8JHeVw1QEYcKs1OtE7xFMp4GFI18AexNDN5DQxtI80eN5clkev87V1CDXoFUWKQg%2FITF3Ws4Vgubx%2BDANqyxVdSkjMABVup7pLCw6R8hgQfJyZk5eJVQ%2BpN%2F6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c3926c8fcb4f7-OSL
X-Firefox-Spdy: h2
io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&id=cl468714yf3uz9&uid=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&t=0&sc=1280%20x%201024
54.227.236.41200 OK 512 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&id=cl468714yf3uz9&uid=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&t=0&sc=1280%20x%201024
IP 54.227.236.41:0
File type JSON data\012- , ASCII text, with very long lines (512), with no line terminators
Hash 6b01fc98ef141ffa84a23d450aae59f0
8da586a200fc8969d734d9cb53714e276ab31d95
0e6d1288a4f202ca4d04f14a5ec6a5ed1868162e62c284ca5778d5b5495bdd57
GET /externalIds?customerlabs_user_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&id=cl468714yf3uz9&uid=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf&t=0&sc=1280%20x%201024 HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Thu, 09 Feb 2023 11:21:44 GMT
Server: nginx/1.12.1
Content-Length: 512
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 11:21:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
google.com/pagead/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1
142.250.74.78200 OK 0 B URL HTTP/2 google.com/pagead/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pagead/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1 HTTP/1.1
Host: google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 11:21:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
google.com/pagead/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1
142.250.74.78200 OK 0 B URL HTTP/2 google.com/pagead/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pagead/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1 HTTP/1.1
Host: google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 11:21:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
css.zohocdn.com/salesiq/images/cw/online-chat_156f4465f7031faa672da42fb9596199_.svg
185.20.209.147200 OK 2.2 kB URL HTTP/2 css.zohocdn.com/salesiq/images/cw/online-chat_156f4465f7031faa672da42fb9596199_.svg
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ee2de94d5f69ac6e059112c523a74c8f
486cb5f112a5574e144d7b3d18f80007d3d0e1e5
b770968f420b392a9ebda4f777c8061e57f0856826de95fe358546bb61ad0323
GET /salesiq/images/cw/online-chat_156f4465f7031faa672da42fb9596199_.svg HTTP/1.1
Host: css.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://css.zohocdn.com/salesiq/styles/newembedtheme_be0d6f4684164319cacf8f8129f547ff_.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:45 GMT
content-type: image/svg+xml
content-length: 2156
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "ee2de94d5f69ac6e059112c523a74c8f"
content-language: en-US
last-modified: Fri, 02 Jul 2021 08:06:15 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: a63a2973135705b52f948fc3a16a4439
z-origin-id: ex1-58cfb863b4e541caae288dbead0bcf6d
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
google.com/ccm/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1
142.250.74.78204 No Content 0 B URL HTTP/2 google.com/ccm/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ccm/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1 HTTP/1.1
Host: google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rehab.amhealth.com
date: Thu, 09 Feb 2023 11:21:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
google.com/ccm/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1
142.250.74.78204 No Content 0 B URL HTTP/2 google.com/ccm/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ccm/form-data/417740078?gtm=45be3280&hn=www.googleadservices.com&did=dZGIzZG&gdid=dZGIzZG&auid=2103699468.1675941760&em=tv.1 HTTP/1.1
Host: google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Origin: https://rehab.amhealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rehab.amhealth.com
date: Thu, 09 Feb 2023 11:21:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&anx_uId=$UID
185.89.210.180307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&anx_uId=$UID
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&anx_uId=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 09 Feb 2023 11:21:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D8c6a01e2-0ca2-4302-8976-7556284b0160%26anx_uId%3D%24UID
AN-X-Request-Uuid: 4738d50c-720e-4faf-bd8f-822a176e0351
Set-Cookie: uuid2=6403677820709408423; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 10-May-2023 11:21:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D8c6a01e2-0ca2-4302-8976-7556284b0160%26anx_uId%3D%24UID
185.89.210.180302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D8c6a01e2-0ca2-4302-8976-7556284b0160%26anx_uId%3D%24UID
IP 185.89.210.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D8c6a01e2-0ca2-4302-8976-7556284b0160%26anx_uId%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 09 Feb 2023 11:21:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&anx_uId=0
AN-X-Request-Uuid: 79edcb29-39f9-49a2-a06b-fda89d717455
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d8c6a01e2%252d0ca2%252d4302%252d8976%252d7556284b0160%2526anx_uId%253d%2524UID&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160
104.26.9.50302 Found 503 B URL HTTP/2 a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d8c6a01e2%252d0ca2%252d4302%252d8976%252d7556284b0160%2526anx_uId%253d%2524UID&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160
IP 104.26.9.50:0
Hash 480306663a1b962b457ec422371e6791
7614a769def48880d3f171c289f5dc43adf58f9f
56106da5ba1310b5b11025fbfcfdab32a36dee2f5c084c5760b95bcbdda5b817
GET /px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d8c6a01e2%252d0ca2%252d4302%252d8976%252d7556284b0160%2526anx_uId%253d%2524UID&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=2; _ccpx=24bee1aa8b49a9f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:44 GMT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160%26anx_uId%3d%24UID
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:44 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-vfwsf:cc-nginx-64dcbdf744-vfwsf
x-requestid: 810ca60d-8083-4715-a869-9c8e524c4fe8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hUnrKaNWhYg4YuTd9ZVTqK9I6HS5MykCuJBA%2BIZFiYOixVTlF05O1qDQbDv95aH%2BRLgsudlApswJWrdZYoyLOFikWWg%2BqomUNQW%2BYh6x99TgSZtScdVsJpCVN9dZwcZKbvsLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c39247ca6b4f7-OSL
X-Firefox-Spdy: h2
salesiq.zohopublic.com/trupathrecovery/clogo/1643811513707_770584137/photo.ls?nps=202
136.143.190.97200 7.4 kB URL HTTP/1.1 salesiq.zohopublic.com/trupathrecovery/clogo/1643811513707_770584137/photo.ls?nps=202
IP 136.143.190.97:0
File type PNG image data, 100 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash b1c398cc134f270eec52c6545df60a33
e7ab6979ed71104e5ceb1c0d005d59024e8a09d9
bf36b522fa0935f87e3955dcaed50a2e0ed0c361064302aa396ef881c2496dc8
GET /trupathrecovery/clogo/1643811513707_770584137/photo.ls?nps=202 HTTP/1.1
Host: salesiq.zohopublic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rehab.amhealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Thu, 09 Feb 2023 11:21:45 GMT
Content-Type: image/png;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Set-Cookie: 663a60c55d=929da241930a6d57e220688ec91d9583; Path=/
LS_CSRF_TOKEN=7e9b0010-f292-4548-ba34-083feaee3e92;path=/;SameSite=None;Secure;priority=high
_zcsr_tmp=7e9b0010-f292-4548-ba34-083feaee3e92;path=/;SameSite=Strict;Secure;priority=high
Cache-Control: public
Pragma:
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Feb 2022 14:18:33 GMT
Strict-Transport-Security: max-age=63072000
a.clickcertain.com/px/img/bidswitch/?done=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&anx_uId=0
104.26.9.50302 Found 11 kB URL HTTP/2 a.clickcertain.com/px/img/bidswitch/?done=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&anx_uId=0
IP 104.26.9.50:0
Hash 16e09f706d00343e3265b1dd7a230dd5
a36eea1eb727eeabb2936aa1e581cc544d5b780c
ad61440a00c80f500ab8428fdd354301cf6c31839c9d7a377a91923ddc69cfda
GET /px/img/bidswitch/?done=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&anx_uId=0 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=2; _ccpx=24bee1aa8b49a9f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:45 GMT
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=8c6a01e2-0ca2-4302-8976-7556284b0160&expires=5&user_group=0
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:45 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-q4kbd:cc-nginx-64dcbdf744-q4kbd
x-requestid: d6d6cd26-4f46-42bd-9b55-7315c097bd6c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fDu4ghs1bCPkNcYDB5wkq%2BVkuuOoox%2BruZArzpdMKWEOEIOrw4Gl8PWcvnrhx75gYeVfT4yO8SpwQq08kPYeAl%2Bn6OSa2kPiTBdex8a9GlEEpfJp31LJAX2DktOcnoUaoj5ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c39295cedb4f7-OSL
X-Firefox-Spdy: h2
js.zohocdn.com/zohosecurity/v5_0/js/security-url-validator.min.js
185.20.209.147200 OK 2.6 kB URL HTTP/2 js.zohocdn.com/zohosecurity/v5_0/js/security-url-validator.min.js
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (5439)
Hash 3904d1666958afd66ede81e6a18aba4b
c42c5068a3323e151dffb66c241ee6af12c11c04
f6887368993764b1c968676bbed273e6d076b8b958f68927628a918d0f1981be
GET /zohosecurity/v5_0/js/security-url-validator.min.js HTTP/1.1
Host: js.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rehab.amhealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ZGS
date: Thu, 09 Feb 2023 11:21:45 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2641
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "3904d1666958afd66ede81e6a18aba4b"
content-language: en-US
last-modified: Thu, 26 Aug 2021 06:14:01 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: a1584cc3f9e0976e72e186030a80c52c
z-origin-id: ex1-8f5efca176af453280a436e1ae6110f9
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=alcohol-spartan&partner_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf
172.67.69.73302 Found 2.0 kB URL HTTP/2 a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=alcohol-spartan&partner_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf
IP 172.67.69.73:0
Hash fd671a5bad34a5a69e054ed56ec5784c
ceb670c4f5e2cd2e92ee6e86d0042945d9d49018
a7cbf10ae17e4e8e12eb4ebbc5b72c0e62302bfe16dfe5092bd666d021054355
GET /px/smart/?c=24bee1aa8b49a9f&seg=alcohol-spartan&partner_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:43 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?c=24bee1aa8b49a9f&seg=alcohol-spartan&partner_id=cl468714yf3uz9dfa0dad5-96f8-4c74-94d6-080cdf53c1cf
x-frontend: cc-nginx-64dcbdf744-xchwx:cc-nginx-64dcbdf744-xchwx
x-requestid: db182c05-7a46-49f6-b38d-46db0f672a7e
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SX7BiAdfwTxXqFZWQaJ3b%2BCBWbRXbxgn9ZECxhBYX5%2FKsLUROrNpouGrULA9Wl%2FN%2BOrdU2pgRqleF4%2FrAsIqGlIuS%2FFgDQnbwqTLACWzqMOJZouibzKWMFvp7d1bvKDUA2ziPyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c39204b21b512-OSL
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=179&user_id=8c6a01e2-0ca2-4302-8976-7556284b0160&expires=5&user_group=0
52.29.59.149302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=179&user_id=8c6a01e2-0ca2-4302-8976-7556284b0160&expires=5&user_group=0
IP 52.29.59.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=179&user_id=8c6a01e2-0ca2-4302-8976-7556284b0160&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:45 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=8c6a01e2-0ca2-4302-8976-7556284b0160&expires=5&user_group=0
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=3eff4f9d-b06e-48e3-a03b-e242d3b57319; path=/; expires=Fri, 09-Feb-2024 11:21:45 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675941705; path=/; expires=Fri, 09-Feb-2024 11:21:45 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675941705; path=/; expires=Fri, 09-Feb-2024 11:21:45 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675941705; path=/; expires=Fri, 09-Feb-2024 11:21:45 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=8c6a01e2-0ca2-4302-8976-7556284b0160&expires=5&user_group=0
52.29.59.149200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=8c6a01e2-0ca2-4302-8976-7556284b0160&expires=5&user_group=0
IP 52.29.59.149:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=179&user_id=8c6a01e2-0ca2-4302-8976-7556284b0160&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:21:45 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb7c8b758fe17f6c06ce2bebb5008495
032d747cf20951f6ca6fd51489fefd7c09c4948d
835d89e028ec4c85a845f2835cb5eddb9653937f6736e2713b671419474608ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12811
x-amzn-requestid: be33f9ef-31cb-4572-9f22-0a433423e195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChzZFiWIAMFgmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4167b-70ed2a756b8da4372ccc1f83;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:39:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JpeDqbyAp9qLkVVqTKxmVy96vqBfyK4-GDiWdgkAjQlUN4Fu160VLA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:55 GMT
etag: "032d747cf20951f6ca6fd51489fefd7c09c4948d"
content-type: image/jpeg
age: 48953
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
a.clickcertain.com/px/r/?ccid=8c6a01e2-0ca2-4302-8976-7556284b0160
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/r/?ccid=8c6a01e2-0ca2-4302-8976-7556284b0160
IP 104.26.9.50:0
GET /px/r/?ccid=8c6a01e2-0ca2-4302-8976-7556284b0160 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&cn=NO
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=1; _ccpx=24bee1aa8b49a9f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:43 GMT
content-type: text/html
location: https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=8c6a01e2-0ca2-4302-8976-7556284b0160&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d8c6a01e2%25252d0ca2%25252d4302%25252d8976%25252d7556284b0160%252526anx_uId%25253d%252524UID
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:43 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-82dq9:cc-nginx-64dcbdf744-82dq9
x-requestid: e67b21b8-e424-471e-b51a-0f5e67cb40bd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vetiF5s7LekF%2FiWwjYXVDsi5R3f9Jk%2F%2FX0eBlRv%2BnIgXMz8JuifKM%2FSHyk%2FAn470F8CKaweo%2FMeVRk3q%2F%2B6FRqGIGkw0jwrXVII%2BzHWJzIRUNRNITJ877bCemta%2BHXKMesDdzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c391fbde9b4f7-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MJMLZC6
142.250.74.168200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MJMLZC6
IP 142.250.74.168:0
GET /gtm.js?id=GTM-MJMLZC6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 11:21:40 GMT
expires: Thu, 09 Feb 2023 11:21:40 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53485
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&cn=NO
104.26.9.50200 OK 0 B URL HTTP/2 a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&cn=NO
IP 104.26.9.50:0
GET /px/cont/?c=24bee1aa8b49a9f&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&cn=NO HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=1; _ccpx=24bee1aa8b49a9f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 11:21:43 GMT
content-type: text/html
etag: W/"OGM2YTAxZTJnMGNhMmc0MzAyZzg5NzZnNzU1NjI4NGIwMTYwLXow"
set-cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; Expires=Fri, 09 Feb 2024 11:21:43 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-64dcbdf744-gjhrg:cc-nginx-64dcbdf744-gjhrg
x-requestid: fc9d606d-1ae2-4b72-975c-1c1a3ff62d80
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZzpJSwVkW5L825efpVNhrDkz1ReXeDghmtpSpv4shz1gBF46YFiFDkY6d0YoZJ847ECh0vg2vbI65WUwCMIsHycHSIBACabVSsSp7p%2FJpyLHIebLebvVSoaT24z341XJT%2BoDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c391eac67b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D8c6a01e2%2D0ca2%2D4302%2D8976%2D7556284b0160%26anx_uId%3D%24UID&google_error=3
104.26.9.50302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D8c6a01e2%2D0ca2%2D4302%2D8976%2D7556284b0160%26anx_uId%3D%24UID&google_error=3
IP 104.26.9.50:0
GET /px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D8c6a01e2%2D0ca2%2D4302%2D8976%2D7556284b0160%26anx_uId%3D%24UID&google_error=3 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=8c6a01e2%2d0ca2%2d4302%2d8976%2d7556284b0160; _ccpx_24bee1aa8b49a9f=2; _ccpx=24bee1aa8b49a9f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:44 GMT
content-type: text/html
location: https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=8c6a01e2-0ca2-4302-8976-7556284b0160&anx_uId=$UID
x-frontend: cc-nginx-64dcbdf744-gjhrg:cc-nginx-64dcbdf744-gjhrg
x-requestid: ebc540ff-873c-4c87-8770-eced38b4d564
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RC4OZTi7FrL9lv9eop6ffBNKN8FAC2Zs%2BrF9MQNL5b%2F2kZDmwzDOqa47a1AexdY8Hiwn9BpJcYfZujf6cXIvHajfi1XIQDMy7yDjm%2B%2FPixWDchjIuYABB6EvY2xgbE7nGLXiCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c3926f96bb4f7-OSL
X-Firefox-Spdy: h2
159642.tctm.co/t.js
54.230.111.116200 OK 0 B IP 54.230.111.116:0
GET /t.js HTTP/1.1
Host: 159642.tctm.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Cookie: ct159642=63e4d74500026f9a145d457d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Thu, 09 Feb 2023 11:21:41 GMT
set-cookie: ct159642=63e4d74500026f9a145d457d; path=/; HttpOnly; SameSite=None; Secure
etag: W/63e4d74500026f9a145d457d-159642
last-modified: Thu, 09 Feb 2023 11:21:41 GMT
cache-control: no-cache, no-store, must-revalidate
server: ctm
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iuUzQRf8WtMhnIy-CfquXcQZN_XStfTW2-_5Dbz4MF-NQDS9kKXXig==
X-Firefox-Spdy: h2
a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=trupathrecovery
172.67.69.73302 Found 0 B URL HTTP/2 a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=trupathrecovery
IP 172.67.69.73:0
GET /px/smart/?c=24bee1aa8b49a9f&seg=trupathrecovery HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rehab.amhealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 09 Feb 2023 11:21:41 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?seg=trupathrecovery&c=24bee1aa8b49a9f
x-frontend: cc-nginx-64dcbdf744-vfwsf:cc-nginx-64dcbdf744-vfwsf
x-requestid: 30a2838c-3c19-4366-a0fb-9973a0998f6f
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNAigPfkYDfZcPlsYTxkxj%2BwElSeAy0Sk%2FCNyLnUqTwHrYuDnWqUS9YdaKATrHx1PJQmbyy9HGTlWHBBzFJMDSsGhSEx5UH8t4%2Bc2EXmyVp7ZMO%2BOfnEusyiktNIOq1Ps8e26AE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c3913482cb512-OSL
X-Firefox-Spdy: h2