pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102f9b543fb9508b1b31e87f58e422&n=tune&cid=2_wwscpostinflammquiz112322&mid=2_wwscpostinflammquiz112322&AFFID=477232&subid=2_wwscpostinflammquiz112322&partner_id=2
3.69.136.55200 OK 16 kB URL HTTP/1.1 pages.upwellness.com/inflammation-quiz/?offer=77&session_id=102f9b543fb9508b1b31e87f58e422&n=tune&cid=2_wwscpostinflammquiz112322&mid=2_wwscpostinflammquiz112322&AFFID=477232&subid=2_wwscpostinflammquiz112322&partner_id=2
IP 3.69.136.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16939), with CRLF, LF line terminators
Hash 847af23bff23da06c5e298a8f70c8d19
b1ab0eba738e5404b4cfde516e9e4b325a9345d6
db7386ca9b8e8d1ebda7f9f351a4741e7f5f5a6bcc0ee33438a3be252ab84ae8
GET /inflammation-quiz/?offer=77&session_id=102f9b543fb9508b1b31e87f58e422&n=tune&cid=2_wwscpostinflammquiz112322&mid=2_wwscpostinflammquiz112322&AFFID=477232&subid=2_wwscpostinflammquiz112322&partner_id=2 HTTP/1.1
Host: pages.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 24 Nov 2022 05:05:10 GMT
content-type: text/html; charset=utf-8
content-length: 15611
set-cookie: ubvs=7563ca6f-efd7-4840-9415-a9cc3c3bca48; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=7563ca6f-efd7-4840-9415-a9cc3c3bca48; Max-Age=259200; Domain=upwellness.com; Path=/; SameSite=Lax
ubpv=ac%2Cce51cc0b-0e94-443c-a27a-24c78d18f232; Max-Age=15897600; Path=/inflammation-quiz/; SameSite=Lax
content-location: http://pages.upwellness.com/inflammation-quiz/
etag: "ac:7563ca6fefd748409415a9cc3c3bca48"
link: <http://pages.upwellness.com/inflammation-quiz/>; rel="canonical"
x-unbounce-pageid: ce51cc0b-0e94-443c-a27a-24c78d18f232
x-unbounce-variant: ac
x-unbounce-visitorid: 7563ca6f-efd7-4840-9415-a9cc3c3bca48
content-encoding: gzip
x-proxy-backend: page-server
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7012
Expires: Thu, 24 Nov 2022 07:02:02 GMT
Date: Thu, 24 Nov 2022 05:05:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4969
Cache-Control: max-age=110935
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:10 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:54:05 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 04:18:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2775
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7769
Expires: Thu, 24 Nov 2022 07:14:39 GMT
Date: Thu, 24 Nov 2022 05:05:10 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:05:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XPhcMfnXw6lGBmngEI4VW6/w34C8uSN+Nt3BS4Feef+eXnREyzcDnXgFf9b8NOrvD561YAjRh/w=
x-amz-request-id: 7NQ6YDMP91PY5S9D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 04:43:16 GMT
age: 1314
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
builder-assets.unbounce.com/published-css/main-7b78720.z.css
54.230.111.14200 OK 2.9 kB URL HTTP/1.1 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP 54.230.111.14:0
File type ASCII text, with very long lines (15017)
Hash 4458a4d76a70cb207bcc34d6bc6f872f
f484b0b1737f7de59ca699e6cc3169d234e8f6a8
0825f8972704bc1b84e30170cd77f5ecde2d6a7dbf9e43be96c6809c2c5228d7
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2902
Connection: keep-alive
Date: Tue, 30 Aug 2022 02:28:13 GMT
Last-Modified: Mon, 04 Jul 2022 16:47:32 GMT
ETag: "4458a4d76a70cb207bcc34d6bc6f872f"
Cache-Control: max-age=31536000
Content-Encoding: gzip
x-amz-version-id: L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dhuH8Cpdc_YLRgHkUOCTRJpP_0hzLhibWd4rAKDbPUnrJCQWh6w5Nw==
Age: 7439818
builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
54.230.111.14200 OK 2.0 kB URL HTTP/1.1 builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
IP 54.230.111.14:0
File type ASCII text, with very long lines (6270), with no line terminators
Hash 758360a4c8250a0350ab8677cac77c18
7746bff27c8dcbe68388596c1c8365a420df5b37
c0b2abade08b928af1b95e2d2be51df4325bb68bbaa435252e0105ffb0ddca83
GET /published-js/jquery-shims.bundle-aa41391.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1991
Connection: keep-alive
Date: Thu, 01 Sep 2022 01:20:53 GMT
Last-Modified: Mon, 04 Jul 2022 16:47:26 GMT
ETag: "758360a4c8250a0350ab8677cac77c18"
Cache-Control: max-age=31536000
Content-Encoding: gzip
x-amz-version-id: sk.555KwUlgsW126duQj1Mt5wNtK5cRV
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kfmM-2dwO9O1vfd23zAO1ohafJT5TTYS7ACnqjNWyRjWcK62z9cMJw==
Age: 7271058
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d54e2cd8e1ceab1370f3eca6d1f3f793
6337f404b41c2a8fff1dadb3bf009f971fad469f
367ae1618327ffdfdadb398d5088a44494034c3b6741bb27d2cdba9c9263d8d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2602
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:10 GMT
Etag: "637e96bf-116"
Last-Modified: Thu, 24 Nov 2022 04:21:48 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-458254939
142.250.74.168200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-458254939
IP 142.250.74.168:0
File type ASCII text, with very long lines (7857)
Hash eacf0312ef73bd4932205a8a70ff03ab
3f110a2efe4d30a7f0565a6eccb2ba571275a244
0bdf8008cd5d4a8730318b833006eb434ff6b5178cf3f487729dc9395649513d
GET /gtag/js?id=AW-458254939 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:05:10 GMT
expires: Thu, 24 Nov 2022 05:05:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-624541243
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-624541243
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 46b267af9b926705263d386a7099a0bc
6dc34f03e91f73365217cdf33bedeb2af9b92cfe
a5cfe63e63c4d1b21c51fdb24c7fb23ca5b11769ce1b999962e71aa06dbe0712
GET /gtag/js?id=AW-624541243 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:05:10 GMT
expires: Thu, 24 Nov 2022 05:05:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
104.21.47.12200 OK 498 kB URL HTTP/2 cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
IP 104.21.47.12:0
File type Unicode text, UTF-8 text, with very long lines (60034), with no line terminators
Size 498 kB (497733 bytes)
Hash 0426397a9b31146729ac86c5be8595d3
953342b7defc23d1c552eba63f42bb915aae90f3
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
GET /proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1 HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:10 GMT
content-type: application/javascript
content-length: 497733
x-amz-id-2: XfamGhBMjZBo/sWrg3mxYdwUMUL0rpYArqF2RUd2t+2nxyqUognVNx+1xnHz8Eg7hGncdCbH6WA=
x-amz-request-id: RVX6E6XRK17ASENB
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "0426397a9b31146729ac86c5be8595d3"
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
cf-cache-status: HIT
age: 50113109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuR%2FHdsg3YhgzH%2Bz6aGplsRe3KoSglwPIkEmvpnO0gc6XDJrN49bwqDp9ZThFaPOuWC0umMG25mPxRIgOYr7hQDO3JuA1qmh97ytCO0hd4Olgm3yV%2B0DVy4Ezgif%2BvPx5FZm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef9baa4b720b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-10838597190
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10838597190
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 69989f28bc035dd93dcb5b98d2afbf93
f7b7bd0ff85a9ae9806630ca578d06fe1473c8b2
7c59efc5fc3af4044ae36963ce9a0911fd3f7e55cfd338e58f5960bb907c370c
GET /gtag/js?id=AW-10838597190 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:05:10 GMT
expires: Thu, 24 Nov 2022 05:05:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-862759327
142.250.74.168200 OK 70 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-862759327
IP 142.250.74.168:0
File type ASCII text, with very long lines (5236)
Hash 6928ad522449a28bcf31607b7c332102
7fdfeb0d8f8d448f47ddfa0276e5c6a171e25772
6029e8e52de9ded5f1b77a2398fb8e125b5172406c3a06fffccf4cde4a103dab
GET /gtag/js?id=AW-862759327 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:05:10 GMT
expires: Thu, 24 Nov 2022 05:05:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
151.101.85.131200 OK 12 kB URL HTTP/1.1 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
IP 151.101.85.131:0
File type ASCII text, with very long lines (11879), with no line terminators
Hash b08aad2ef1dfef1576d4cbddd3ddd8fd
25e799f9b661b4cb2bd3c8c70455d1c928caa2d7
af8e0cdb45f6d957d59370dd3bbc96e2b3808be1c264569338784e4010d3ae10
GET / HTTP/1.1
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Type: application/json
x-amz-apigw-id: cFw9FFWXjoEFcuA=
X-Amz-Cf-Pop: ARN56-P2
X-Backend-Region: eu_west_1
Date: Thu, 24 Nov 2022 05:05:10 GMT
Age: 0
X-Cache: Miss from cloudfront, MISS
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, must-revalidate
Vary: Accept-Encoding, Referer
ETag: c1a25e1d6816d6d62e7914c952b1818c-v0.179.2
transfer-encoding: chunked
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fedf02e02822f274551679adbe9f25fe
c7c7d2af70819668e8d7f508c1a5c372b83a903d
0a5fb597e01a3320f2fe2ab2be224712bb09b9169530cc5adacd2d17a3db807d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A5FB597E01A3320F2FE2AB2BE224712BB09B9169530CC5ADACD2D17A3DB807D"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1639
Expires: Thu, 24 Nov 2022 05:32:29 GMT
Date: Thu, 24 Nov 2022 05:05:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 753477ed3266064347eede3f9180e2ac
036099020a988b15f1392c7fd3e4d9d919cc29de
31e19818169a6317c288131fadf40bd671aa7acfc5559943b6dde9e3681d4b52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31E19818169A6317C288131FADF40BD671AA7ACFC5559943B6DDE9E3681D4B52"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3848
Expires: Thu, 24 Nov 2022 06:09:18 GMT
Date: Thu, 24 Nov 2022 05:05:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 50e18bc3c320590115d0a70f1cfd914d
9b177aa986e68e2a24f3381976b75cbbd1b80724
f79a562cb32fa803f6f4635b25d9232213b59bf432cdfabbe4fda914cc04eb51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F79A562CB32FA803F6F4635B25D9232213B59BF432CDFABBE4FDA914CC04EB51"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1675
Expires: Thu, 24 Nov 2022 05:33:05 GMT
Date: Thu, 24 Nov 2022 05:05:10 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
54.196.21.139200 OK 251 B URL HTTP/2 store.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
IP 54.196.21.139:0
File type ASCII text, with CRLF line terminators
Hash e6735c6f608ee64c784286185e5ec194
fc90f684a019712ed8bba84418bd7aee5e691bb9
5a74dbf85d18206e84e65be38b869a0a2cc8bc71ac8adeb26321ccc5ef1411e2
GET /cgi-bin/UCInvisibleLink?merchantId=UPWEL HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:11 GMT
content-type: text/javascript; charset=utf-8
content-length: 251
set-cookie: AWSALB=nrQgDUHoJyxCbkkwXZB6DFILWxiRuw3Vq8jjKAJVZZGxs6y0Yw6emqM++t1g6SssA1bAKnHnlXtNmbVjAb4oTd2itMt/mDKEGXVMbUdu22Lyb98msYBK+ABEhyG2; Expires=Thu, 01 Dec 2022 05:05:10 GMT; Path=/
AWSALBCORS=nrQgDUHoJyxCbkkwXZB6DFILWxiRuw3Vq8jjKAJVZZGxs6y0Yw6emqM++t1g6SssA1bAKnHnlXtNmbVjAb4oTd2itMt/mDKEGXVMbUdu22Lyb98msYBK+ABEhyG2; Expires=Thu, 01 Dec 2022 05:05:10 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
54.196.21.139200 OK 744 B URL HTTP/2 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
IP 54.196.21.139:0
File type ASCII text, with CRLF line terminators
Hash 3110f39a7f2fe9edef25454e9b7a57c2
273c540727af9f5f57cf7f0164d8eb43c56c1b71
b6591997ffdba5b81c1af7fa96a8f6cf26597eb4046d64f91301eb1000a54853
GET /cgi-bin/UCAffiliateNetworkPixel HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:11 GMT
content-type: text/javascript; charset=utf-8
content-length: 744
set-cookie: AWSALB=9CCFjakaBSuRtJcx3Ba6ThfLJ6fYy0aZmrpUHh+6kyRlqEZdN3ZuZRsXn3yF+wgEPovirhNegY5Hhme2D8u3RgNUAhtdLjbxA5pCFPKvNcK805I1Uo0xMhfpQTaE; Expires=Thu, 01 Dec 2022 05:05:10 GMT; Path=/
AWSALBCORS=9CCFjakaBSuRtJcx3Ba6ThfLJ6fYy0aZmrpUHh+6kyRlqEZdN3ZuZRsXn3yF+wgEPovirhNegY5Hhme2D8u3RgNUAhtdLjbxA5pCFPKvNcK805I1Uo0xMhfpQTaE; Expires=Thu, 01 Dec 2022 05:05:10 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash d02dfe24b0202f2dfd0e9c7f9c0ac39c
2b1726db6a478ba4be534962023d6ea040ef97f2
e5c8e22666f4a56b30ee24e7ac6e67398c2dcaf3a4a5b290389ab4356d110694
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120642
Date: Thu, 24 Nov 2022 05:05:11 GMT
Etag: "637e24d1-1d7"
Expires: Fri, 25 Nov 2022 14:35:53 GMT
Last-Modified: Wed, 23 Nov 2022 13:49:05 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IvsjBUjcpgEdeLxp5TFidfTT5el1pO7ik36fW3YDME_55kruaPxzTA==
Age: 2808
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 3240
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4421
Cache-Control: max-age=105323
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:11 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:20:34 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
live.upwellness.com/services/scripts/jquery/jquery.min.js
3.93.168.254200 OK 31 kB URL HTTP/2 live.upwellness.com/services/scripts/jquery/jquery.min.js
IP 3.93.168.254:0
File type ASCII text, with very long lines (65451)
Hash 346421de1b2d0b42b9098297df9b0287
718304242a080db4faa40313fb2bae89834b4ae4
a43ae26ba6234159413f4434bfd25a77c0c2c0324bf9a52cdadfa741c636f2b2
GET /services/scripts/jquery/jquery.min.js HTTP/1.1
Host: live.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:05:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 20 Sep 2022 09:48:00 GMT
vary: Accept-Encoding
etag: W/"63298c50-15d84"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
52.218.133.33200 OK 28 kB URL HTTP/1.1 lq3-production01.s3.amazonaws.com/lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js
IP 52.218.133.33:0
File type ASCII text, with very long lines (28306), with no line terminators
Hash bf8c92f4a904bf7ccb9db7e40b62f0ad
735ec2ef8e292a12edeb7c73fd7aef4a69366e07
8bd55783c0aca7aa373d3a4b2376241642237874208def4a8425fa00b26e80a4
GET /lead_quizzes_3.0/tracking/js/properties/yauvnbjuvs5jog.js HTTP/1.1
Host: lq3-production01.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: G17GBwAFAw1secQ7kkxWOHRy1HLW8vtukEVigzo6UtO1CUiqj9ZGYS/MiRZSYsoAHesCb2SIRF0=
x-amz-request-id: XP0HCFCTDBXB1KM9
Date: Thu, 24 Nov 2022 05:05:12 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 06 Oct 2022 10:31:27 GMT
ETag: "b7077df2940f510c81e6397ff9820c3e-1"
Cache-Control: no-cache
Expires: 0
x-amz-version-id: zFhGAhdmW2dU3vn822lWyH7TXQcD4SE8
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 28306
store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.28882258759552626&r=&u=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2
54.196.21.139200 OK 0 B URL HTTP/1.1 store.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.28882258759552626&r=&u=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2
IP 54.196.21.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/UCAffiliateNetworkPixel?t=0.28882258759552626&r=&u=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2 HTTP/1.1
Host: store.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
Cookie: ubvt=7563ca6f-efd7-4840-9415-a9cc3c3bca48; AWSALB=3QtEb2ch3k4uYLLQ0GpVDDCrP1qxJM5XPB9N/mb4ZmdEk1PRwbjH0Fl3vSs83/2gtdlEmPmOUlECpLJ77h95kcT9NLu75Yxlxt1SBoRkkECjQdCFspWycy+j1jWC; UltraCartShoppingCartID=67854DC404A7D80184A806886A1FB500; ucacid=256011925.039973; ucacid=256011925.039973; JSESSIONID=abc-UJyVRYRNapJzloCu6; LBJSESSIONID=abc-UJyVRYRNapJzloCu6.n223
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:05:11 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=/qpxor7H30bx9NzB3oUPr8Vy0qahNLkcmpSmOmpt03buuQFUUSRloL+xH/4TMVeRAMh+7vB5h9UZOeHqkKTfWSa9OyIIqadArwEKh6BljJhc9uLBZFCLMWWe+uKj; Expires=Thu, 01 Dec 2022 05:05:11 GMT; Path=/
AWSALBCORS=/qpxor7H30bx9NzB3oUPr8Vy0qahNLkcmpSmOmpt03buuQFUUSRloL+xH/4TMVeRAMh+7vB5h9UZOeHqkKTfWSa9OyIIqadArwEKh6BljJhc9uLBZFCLMWWe+uKj; Expires=Thu, 01 Dec 2022 05:05:11 GMT; Path=/; SameSite=None
UPWEL-ANP=6141; domain=store.upwellness.com; path=/; expires=Fri, 24-Nov-2023 05:05:11 GMT; HttpOnly
Server: Apache
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
push.services.mozilla.com/
54.189.157.130101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.157.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6l0KVO7Nlja4qlkFr2wLWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u/ZnRYrmud9bLx0pcx8LIyIH4LI=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 87fdc18fdfda2faf62246f4de4ce67bd
239c4cc5a9e314a95120e3a032aaf0c3580bbae8
b70c6aefed53103999fa830a20fc3c629a5f7272318b4cce4436a729d482f1fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B70C6AEFED53103999FA830A20FC3C629A5F7272318B4CCE4436A729D482F1FE"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7589
Expires: Thu, 24 Nov 2022 07:11:40 GMT
Date: Thu, 24 Nov 2022 05:05:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash e2fc4405736f30737b9c77b7997ce5c9
6519def4d44564ceaaa245cb49c5bb8dc5a96980
eb1bf715712587d22acab53c518621af63aa2fbd87b67a834ea6c6016025718a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99805
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:11 GMT
Etag: "637dde64-2d7"
Expires: Fri, 25 Nov 2022 08:48:36 GMT
Last-Modified: Wed, 23 Nov 2022 08:48:36 GMT
Server: nginx
Content-Length: 727
h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
52.205.62.94200 OK 49 B URL HTTP/1.1 h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
IP 52.205.62.94:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1467ad668080ed4ab50a1408a712cdcc
e0e5faa2d11a93edc33ee27f07885e0dd48110b4
7d7d1c1b75be5d8b716b9c137e025932f6f2e8391c978f08620b6ad892775096
GET /v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking HTTP/1.1
Host: h.upwellnessfeed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 24 Nov 2022 05:05:11 GMT
Content-Type: text/plain;charset=utf-8
Content-Length: 49
Connection: keep-alive
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Front-End-Https: off
www.thealternativedaily.com/wp-content/uploads/2016/07/getmyscorebtn.jpg
23.23.204.175200 OK 6.0 kB URL HTTP/2 www.thealternativedaily.com/wp-content/uploads/2016/07/getmyscorebtn.jpg
IP 23.23.204.175:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 289x59, components 3\012- data
Hash b2eac170298e451424d2b6abc47e2111
3e9fa9dd5501979e451fae80859c932582351927
008a49b472b118119bb608c77a2548e473338a1ebcba56942253a6c056b8c1aa
GET /wp-content/uploads/2016/07/getmyscorebtn.jpg HTTP/1.1
Host: www.thealternativedaily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:11 GMT
content-type: image/jpeg
content-length: 5953
server: Pagely-ARES/1.10.15
x-gateway-request-id: 2e41f5d2bb85d4480c2eb7a6b9a5bd28
last-modified: Fri, 23 Sep 2022 21:18:49 GMT
etag: "1741-5e95eb9628cbb"
expires: Fri, 23 Dec 2022 08:04:05 GMT
cache-control: max-age=2592000
x-gateway-cache-key: 0||https|www.thealternativedaily.com|||/wp-content/uploads/2016/07/getmyscorebtn.jpg
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 05c4af622be1226c15bb6bb6f6f431d6
d23c989df550993820675156521b59cf2c20e9ed
b69240f438f7b8cd110c7b60a29b4a2cd9dc00199262c398b68198f7a4c1fb52
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156681
Date: Thu, 24 Nov 2022 05:05:11 GMT
Etag: "637ea784-1d7"
Expires: Sat, 26 Nov 2022 00:36:32 GMT
Last-Modified: Wed, 23 Nov 2022 23:06:44 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gUlZftVHnzUBGyy-2ZTAylvf8N6DyNBv3g2vPiQ5t1fqj8nkIJH_Sg==
Age: 5388
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 3d4d2030c51392799b52bfe5e9e6e573
e0ddad082f280562e02188fbd8db7402ae5f28d6
e3ae19f2cd8dfa140f3e396676e2a27f8fa3bb21c86150530dc4d4ee380f3927
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141324
Date: Thu, 24 Nov 2022 05:05:12 GMT
Etag: "637e6b06-1d7"
Expires: Fri, 25 Nov 2022 20:20:36 GMT
Last-Modified: Wed, 23 Nov 2022 18:48:38 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t1-XkBUrVPo1SmUchGiT9SxrtjcxMnLhdq12ICwET5hTFtvxUCAijg==
Age: 5518
cdn.useproof.com/proxy/index.html
104.21.47.12200 OK 325 B URL HTTP/2 cdn.useproof.com/proxy/index.html
IP 104.21.47.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325), with no line terminators
Hash f92252b1f21fd30ac52b59395971ecdb
ecb588481454091dcfea3c925c83577425497626
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
GET /proxy/index.html HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:12 GMT
content-type: text/html
content-length: 325
x-amz-id-2: EdZcjMyQkZPPJWRBgaF75Ls08R0/QU7tnipz6AWaCSaKnTo+SEemf45Ipp77AMdf6J8Cdmvi/Ho=
x-amz-request-id: TYRH7R4J8K04DMTY
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Clr%2BeNdxhJ%2F%2BmNZnMi%2BDYUSiwyByjLh2jkMteZhzBoKv%2BtjG%2F8Ao8O7NVjFuOM1kp4sbtzOgdMy2zhppCPVJdnIDJsjoJALIUB0lxcM3RITJGOpe8ZmACplBGRboSW4s5z2e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bb0de010b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.useproof.com/proxy/proxy.js
104.21.47.12200 OK 114 kB URL HTTP/2 cdn.useproof.com/proxy/proxy.js
IP 104.21.47.12:0
File type Unicode text, UTF-8 text, with very long lines (65514), with no line terminators
Size 114 kB (114404 bytes)
Hash 9f4d60f4f2b143cadacb2b8b3a901401
8c25b07f5122f9875920498c20ede6045320f479
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
GET /proxy/proxy.js HTTP/1.1
Host: cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/proxy/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:12 GMT
content-type: application/javascript
content-length: 114404
cache-control: public, max-age=315360000, no-transform
cf-bgj: minify
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
x-amz-id-2: yoAjzcyRlZUSIcodHaLndl6c776jIrkHPBSIgiDtxS12xvdyq2MKSDzEETmCnivt0ELZRmo4dWc=
x-amz-request-id: YH3Z1CT1HCFY0HSJ
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
cf-cache-status: HIT
age: 48912610
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r77U9GVlsDjAp1mGwhe2%2BqEdRYUUzdhHq89YSfhBSZIEv1HInLEIRY4WtBvU%2FYQD3zU356WOMUxUV4oWM%2FMzSyG1GuYqkzGZUKYy7vjKyTYdD0iNtkqQDOKTakpCUhDpqnOt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef9bb3ff2c0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/4.5.0/firebase.js
142.250.74.163200 OK 116 kB URL HTTP/2 www.gstatic.com/firebasejs/4.5.0/firebase.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (16738)
Size 116 kB (116073 bytes)
Hash 0ff319bf584fbc1049438249c206242d
2adccf821c87d51efbc577cc3f091d6f254f0a35
2571c05e9c76a275e38235dc4b7256c971cccd9c1a40367b8d2f8fc9a14b4efb
GET /firebasejs/4.5.0/firebase.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 116073
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:31:51 GMT
expires: Thu, 23 Nov 2023 08:31:51 GMT
cache-control: public, max-age=31536000
age: 74001
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&ndclid=&rf=&sem=&tm=0
44.226.57.100204 No Content 0 B URL HTTP/2 flask.nextdoor.com/pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&ndclid=&rf=&sem=&tm=0
IP 44.226.57.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?pid=77b5f184-78b6-4a8f-8547-6b081e5774db&ev=PAGE_VIEW&pl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&ndclid=&rf=&sem=&tm=0 HTTP/1.1
Host: flask.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 05:05:12 GMT
server: istio-envoy
context-id: b74c93df-12c8-485e-88de-6c491deee2c0
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
s3-us-west-2.amazonaws.com/lq3-production01/lead_quizzes_3.0/tracking/css/global-tracking.css
52.92.130.248200 OK 4.8 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/lq3-production01/lead_quizzes_3.0/tracking/css/global-tracking.css
IP 52.92.130.248:0
File type Unicode text, UTF-8 text, with very long lines (4780), with no line terminators
Hash 3ef6a357ce69dfdbd0fc95cd908b7211
069e499e6cb0cfd87a63d6efd03ed45e0ee72c78
189d627cc048280c5d155a07a318138f662df0d1ffced3eb687024f5345175a4
GET /lq3-production01/lead_quizzes_3.0/tracking/css/global-tracking.css HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: OWDgYuf66/F+tiZiFg4FiFXvuRn9FsZ2ISX8vSn1lMnN/zHFU+rOJ6xcEz2Fmh9BuCFmTUaXZIU=
x-amz-request-id: TYRSGP7Y5WW6F0MK
Date: Thu, 24 Nov 2022 05:05:13 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 11 Apr 2022 15:45:24 GMT
ETag: "3ef6a357ce69dfdbd0fc95cd908b7211"
Expires: 1970-01-01T00:00:00.000Z
x-amz-version-id: .zZcEAkgY2IsHf8uyG3CwBul3v9vUK1V
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 4781
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
54.230.111.14200 OK 34 kB URL HTTP/1.1 builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
IP 54.230.111.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1825a0c47b2e38b6cf30a4072987bce1
1710545a9d62ae8aaf4b1dd415ffd910df671839
0b4478d998fd8dc7dd45411ac1d80c70e89194ec993a6ef4c53676ba92ab1282
GET /published-js/main.bundle-384ff03.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 33495
Connection: keep-alive
Date: Tue, 30 Aug 2022 01:41:30 GMT
Last-Modified: Mon, 04 Jul 2022 16:47:26 GMT
ETag: "1825a0c47b2e38b6cf30a4072987bce1"
Cache-Control: max-age=31536000
Content-Encoding: gzip
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: frdFX5m2WeGc2x4cMqFa8P7fVl-5UAvRyy7LZNS7F6n9N2DXxFhs3Q==
Age: 7442623
b-code.liadm.com/a-057g.min.js
143.204.55.112200 OK 11 kB URL HTTP/1.1 b-code.liadm.com/a-057g.min.js
IP 143.204.55.112:0
File type Unicode text, UTF-8 text, with very long lines (30660)
Hash 3bdfe2b549bbfa5b5dce1937218d8b36
b9f8d4fe4733852e7c5f081ad4b404d9a35d7412
531e882dd4fcfc78b565e45eaf28a56282b9107faaf5dc37f6bd8d06176a3ab2
GET /a-057g.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 23 Nov 2022 06:48:22 GMT
Cache-Control: "public, max-age=86400"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sSnMBccFsEwjiiHHlXHuK7ileia1gR4skYImn_FBLZuWnyU-chBoAA==
Age: 80210
d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
54.230.111.39200 OK 1.9 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
IP 54.230.111.39:0
Hash f6420c864830b5860bfaadd47a2bb21b
935d2ed35f43eb0f1aea9b0642df0d7f4770def7
6f36d2d4b4b9df950fd0dd0d57e0eacb7c4217e8086b4ef940cbd6e526930462
GET /ub.js?1618514269 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1856
date: Mon, 29 Aug 2022 01:57:45 GMT
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
etag: "f6420c864830b5860bfaadd47a2bb21b"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dPVfS4_Uo9VUDzLcFyMQNSompphcPagpbwn8fkHaMXtbQV86F1NcHg==
age: 7528048
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16620), with no line terminators
Hash a73a09a868a98d7505575c520aaf6616
ed4e4c3fe9ad7ed18564e5f9aed6a9a68b522c7f
8b22d2e0e3e79c7ea27bf76720b302fd18ba1240fbf8dd99e54ced655d17c8e4
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 24 Nov 2022 05:25:12 GMT
Date: Thu, 24 Nov 2022 05:05:12 GMT
Content-Length: 5276
Connection: keep-alive
ads.nextdoor.com/public/pixel/ndp.js
44.226.57.100200 OK 14 kB URL HTTP/2 ads.nextdoor.com/public/pixel/ndp.js
IP 44.226.57.100:0
File type Unicode text, UTF-8 text, with very long lines (45606), with no line terminators
Hash ec9227b8978c34434799b9711221c655
96aea19b0cc94f158e737fc6fe38665de311f3af
d52f9d9b128a61a37ea7a67559fd3ae3c79bac108017a45a63915d67e752070a
GET /public/pixel/ndp.js HTTP/1.1
Host: ads.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:12 GMT
content-type: application/javascript
server: istio-envoy
last-modified: Mon, 21 Nov 2022 21:46:16 GMT
vary: Accept-Encoding
etag: W/"637bf1a8-19c7"
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 04:41:08 GMT
expires: Thu, 24 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 1444
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Last-Modified: Thu, 24 Nov 2022 03:52:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.pinimg.com/ct/core.js
23.38.200.197200 OK 1.1 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1669266311841&cv=11&fst=1669266311841&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 975 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1669266311841&cv=11&fst=1669266311841&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2251), with no line terminators
Hash 8ca4d8f8a3bc119800049024c8a34086
d23f9f65678ec1eb30b8acbd03be02594c15fbbc
166522d4fd1728bef5175704e42a0fd8de525309db1f8305e9e0b893161e9c42
GET /pagead/viewthroughconversion/675938688/?random=1669266311841&cv=11&fst=1669266311841&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 975
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 05:20:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1669266311691&cv=11&fst=1669266311691&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 972 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/624541243/?random=1669266311691&cv=11&fst=1669266311691&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2251), with no line terminators
Hash e9847ab1a998fbe41f7fe1d33a189f68
5750e0ca1d1959da77a7f30fc1951b21389e5c8c
59e056508373171193ab5b4bf25fc13f43eadadf72d1addef74c62c5d397cd83
GET /pagead/viewthroughconversion/624541243/?random=1669266311691&cv=11&fst=1669266311691&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 972
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 05:20:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Avj1IhT9XHzUGjKke+wa+bhcYEVHUFdKNzn8zYZ9QMmeI2idE/H8Ue7CPsDUPf+FdGT3MCZJ9Ysp26GspH1CXw==
content-length: 27340
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:05:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1669266311751&cv=11&fst=1669266311751&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 973 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1669266311751&cv=11&fst=1669266311751&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2249), with no line terminators
Hash 29ca5d3e2d37f435aad6fd20e84ac4d9
0f42f6168b43a1249fe6372e9b3875e484e2767b
9b2589698f34e979c00cfa0fcd1ab97f03e65664d2ff6c1af4744bdb4e66fec4
GET /pagead/viewthroughconversion/862759327/?random=1669266311751&cv=11&fst=1669266311751&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 973
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 05:20:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1669266311730&cv=11&fst=1669266311730&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 975 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/458254939/?random=1669266311730&cv=11&fst=1669266311730&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2249), with no line terminators
Hash 4b6a6aff7b75e92f0deb4643caa863fb
99f9c8afc72837b2b4c1e112f9ed78f9a6391608
3a1a55d75c1027bbb84cec40ec5fbc1bd051b9de9cbec059cc459c2c87837031
GET /pagead/viewthroughconversion/458254939/?random=1669266311730&cv=11&fst=1669266311730&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 975
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 05:20:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1d84743ed168f384392a0ca190509a9c
f0652f26c7a363073fa32b234be6dddd571d2829
216be66351922bd99025dbacb92fd779984bd27a3939a3adfcf609d2a9cda9dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99816
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Etag: "637dde70-116"
Expires: Fri, 25 Nov 2022 08:48:48 GMT
Last-Modified: Wed, 23 Nov 2022 08:48:48 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1d84743ed168f384392a0ca190509a9c
f0652f26c7a363073fa32b234be6dddd571d2829
216be66351922bd99025dbacb92fd779984bd27a3939a3adfcf609d2a9cda9dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=99816
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Etag: "637dde70-116"
Expires: Fri, 25 Nov 2022 08:48:48 GMT
Last-Modified: Wed, 23 Nov 2022 08:48:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1669266311706&cv=11&fst=1669266311706&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.162200 OK 977 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10838597190/?random=1669266311706&cv=11&fst=1669266311706&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2255), with no line terminators
Hash 172375cee1b04bec45a4bcb43a014bdc
a48d813ad1dea84271616858e08a9f232d37a2d2
e02edfd33f16551803de70e813580ff23fb93d64abb3133f818bee6504ae9b7a
GET /pagead/viewthroughconversion/10838597190/?random=1669266311706&cv=11&fst=1669266311706&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&auid=314958094.1669266312&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 977
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 05:20:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1225872/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/1.1 cdn.taboola.com/libtrc/unip/1225872/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58488)
Hash cba749de2564af41c25142b52b1a9254
e089b2dc346c754fa6e5e0e50a0345ea18451ba9
e6e99427e313b68c6d3f27864a13a23169f5fbee3f59d2f78bd097df5982864c
GET /libtrc/unip/1225872/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17946
x-amz-id-2: qpT2YeNsswasDSXp4oIEw2V6wynzthrbYTOC8bhFiL4qCH6hg/qqHSFkKTZ/Zrxf7zlOUwqUpsU=
x-amz-request-id: 33PYZ55ZGB9SHA15
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 20 Nov 2022 11:20:49 GMT
ETag: "529c36a298268cdab3b94c05d8d39bfc"
x-amz-version-id: 1ISsJshg78FFwoPyGORj_DGaRAfZZEpP
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Thu, 24 Nov 2022 05:05:12 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1681-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1669266313.575406,VS0,VE204
Cache-Control: private,max-age=14401
Vary: Accept-Encoding
abp: 15
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Last-Modified: Thu, 24 Nov 2022 03:52:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4980
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 05:05:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:51 GMT
age: 25101
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 25554
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.js.customerlabs.co/cl4975ot4arrr6.js
143.204.42.24200 OK 7.5 kB URL HTTP/1.1 cdn.js.customerlabs.co/cl4975ot4arrr6.js
IP 143.204.42.24:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /cl4975ot4arrr6.js HTTP/1.1
Host: cdn.js.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 191202
Connection: keep-alive
Date: Thu, 24 Nov 2022 05:05:13 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
Access-Control-Expose-Headers: ETag, x-amz-meta-custom-header
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 21 Nov 2022 21:23:13 GMT
ETag: "9bc0790bc835c816132d6d632d1fe678"
Cache-Control: max-age=60
x-amz-version-id: C1DASnfA0sWthFzaWaR0QLMU9MXInfPn
Accept-Ranges: bytes
Server: AmazonS3
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: icaJfi3Eob3yFGqEflEYFwcCOKUuYo_R7v6tOytooVmOTyPBtSWyOg==
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K4A6bdVv0gauO3YWTEPWMS6fhuB9CZ6o5dUL-O6G5-NzqOGQRzQLUw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:04 GMT
age: 26168
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 34bb0e5fa5833e8a7b4d0a69564e6257
44df77bd8988136e44abd3cbead7404417a1d9e2
397ee078a4d76a1274959075c6f875a6f9ee61cce732327dddc0140816ee676d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "397EE078A4D76A1274959075C6F875A6F9EE61CCE732327DDDC0140816EE676D"
Last-Modified: Wed, 23 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=998
Expires: Thu, 24 Nov 2022 05:21:50 GMT
Date: Thu, 24 Nov 2022 05:05:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4980
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 05:05:12 GMT
Connection: keep-alive
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 20028, version 1.0\012- data
Hash 2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:40:39 GMT
expires: Fri, 17 Nov 2023 21:40:39 GMT
cache-control: public, max-age=31536000
age: 545073
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4980
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 05:05:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 34bb0e5fa5833e8a7b4d0a69564e6257
44df77bd8988136e44abd3cbead7404417a1d9e2
397ee078a4d76a1274959075c6f875a6f9ee61cce732327dddc0140816ee676d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "397EE078A4D76A1274959075C6F875A6F9EE61CCE732327DDDC0140816EE676D"
Last-Modified: Wed, 23 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14133
Expires: Thu, 24 Nov 2022 09:00:45 GMT
Date: Thu, 24 Nov 2022 05:05:12 GMT
Connection: keep-alive
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
216.58.207.195200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash f6a41f84ddc640654e6dc189ea56794a
395d2e505f014e4c8c21d1a97416b6122111451f
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:49:28 GMT
expires: Thu, 23 Nov 2023 21:49:28 GMT
cache-control: public, max-age=31536000
age: 26144
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash eaf55d1d3b7c4a30203d2d5226c49b6d
11b63b740965603ef544f261ef036d24e6bb1fb5
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
GET /s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:28:19 GMT
expires: Thu, 23 Nov 2023 19:28:19 GMT
cache-control: public, max-age=31536000
age: 34613
last-modified: Wed, 27 Apr 2022 16:19:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:14:57 GMT
expires: Wed, 22 Nov 2023 17:14:57 GMT
cache-control: public, max-age=31536000
age: 129015
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 129291
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
104.26.8.162204 No Content 0 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
IP 104.26.8.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/tracking/property/the-alternative-daily/save HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://pages.upwellness.com/
Origin: http://pages.upwellness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 05:05:12 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFaTlquRkB9SZRMxE8rE9j2xo5FtktSrs3CjY3wvBJyv7zB5GuT1HnxGAjrt7oVdhVBntpXUWjalgUa8F0gl4n2RQ2mufyq41SoHsmn%2FZZXb2ToC9DQ8%2FjamGLpgSKMoa3g1eeQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bb6ebb8b509-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:22:09 GMT
age: 78183
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
104.26.8.162204 No Content 0 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
IP 104.26.8.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/tracking/property/the-alternative-daily/website-popup HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://pages.upwellness.com/
Origin: http://pages.upwellness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 05:05:12 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5ynuUzvSPqo6qwTYmweSqd3cKJDL5bQr6snryXqt5MxzbWNPeTghaOjtPqIRcKIIS8YU0d86Whp0RJSoPF0Kd8Voi%2Bd%2FUuDb4lotD8iMUcYP5Rk2TYQLhGUpKmDAUF9tYTcObU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bb6ebb9b509-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ed43-823b-41a5-9073-733ac15040d1.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ed43-823b-41a5-9073-733ac15040d1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0dfc05d73111c498bb0e844105a02f6
10a988580bb7a1be72be5dd50d2aef9789f36b62
3852f331fe12a0a8e6007409f043da6aabadbb8f2883e87ae72ca8d70d31727f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ed43-823b-41a5-9073-733ac15040d1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10667
x-amzn-requestid: 985ed1c6-49ed-4851-8a79-f700bbe027c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsGkSIAMFvDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-260dc99256e117e85643b441;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _fs5EfJzWkPQB-Ur7_YVmCHySMj_WXiHUCK8w2nWYvrJSkDaquq37g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:50:57 GMT
etag: "10a988580bb7a1be72be5dd50d2aef9789f36b62"
content-type: image/jpeg
age: 26055
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
23.23.204.175200 OK 8.6 kB URL HTTP/2 www.upwellness.com/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
IP 23.23.204.175:0
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash b5dc3661602dcf8810766c01556df41b
a84687898568cf8ae0ba6c4b35886b3ee4dfbd17
91e84a8da7499abc9388eed1192e8363c8dfe07e28e6300c69ee25be1a4eb994
GET /wp-content/uploads/2016/08/apple-touch-icon-144x144.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:12 GMT
content-type: image/png
content-length: 8622
server: Pagely-ARES/1.10.15
x-gateway-request-id: e18ae72d0d4f04dd022e78e303f9cfd8
last-modified: Fri, 23 Sep 2022 23:01:07 GMT
etag: "21ae-5e960272eb24c"
expires: Wed, 21 Dec 2022 08:04:16 GMT
cache-control: max-age=2592000
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2016/08/apple-touch-icon-144x144.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
23.23.204.175200 OK 18 kB URL HTTP/2 www.upwellness.com/wp-content/uploads/2015/10/favicon-152.png
IP 23.23.204.175:0
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash d094840fd6b5b489b25f18a22a493822
29a59e8c0250e81421609d5c7c25f20776fdaa4a
c0647c9ef6024399a19f5043445d5063bf899fcae9d33d64bb3b8b2708d28421
GET /wp-content/uploads/2015/10/favicon-152.png HTTP/1.1
Host: www.upwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:13 GMT
content-type: image/png
content-length: 18176
server: Pagely-ARES/1.10.15
x-gateway-request-id: 3a8c6f55164123bb113628a5914ce111
last-modified: Fri, 23 Sep 2022 23:00:59 GMT
etag: "4700-5e96026c123c4"
expires: Wed, 21 Dec 2022 08:04:16 GMT
cache-control: max-age=2592000
x-gateway-cache-key: 0||https|www.upwellness.com|||/wp-content/uploads/2015/10/favicon-152.png
x-gateway-cache-status: HIT
x-gateway-skip-cache: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
54.230.111.39200 OK 30 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
IP 54.230.111.39:0
File type ASCII text, with very long lines (64903)
Hash 73de733c308b8b5e44d2a6242dc4bd99
2f43a0cd155124d65ab5ce3574abc5f82b45fcf9
cf4ff4a67675a54e9a9469d967c77fba778ccf839a98119d246012447eb44ea3
GET /sp-2.14.0.js HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 30399
date: Wed, 31 Aug 2022 03:46:21 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
etag: "73de733c308b8b5e44d2a6242dc4bd99"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b3DWRol_Qy6Fbt89sOgKm7ICrwDcdh9KLV9COTlUC9paG80ktI-0uQ==
age: 7348732
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg
54.230.245.21200 OK 7.6 kB URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg
IP 54.230.245.21:0
File type JPEG image data, baseline, precision 8, 216x216, components 3\012- data
Hash e3f1dbb540892e17d5db8c78f7d25dac
182caca2f4ac3187480a2f31944cf9866846b144
cddbd04fb6a2bc681de9bd4558b7062169322c73e095466a592152ea9e6fad8f
GET /pages.upwellness.com/inflammation-quiz/a9e28f4e-meetthedoctor-josh-01-1_106j08a06006000000601o.jpg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 7563
Connection: keep-alive
Date: Wed, 09 Nov 2022 14:34:49 GMT
Last-Modified: Wed, 09 Nov 2022 10:47:21 GMT
ETag: "e3f1dbb540892e17d5db8c78f7d25dac"
Cache-Control: max-age=31557600
x-amz-version-id: tTiRn0cWmt8FCcq8iYNxVydurx3yu0HI
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Hpl6YQOVcvHPQ3wiUppVeiHNYX-D-q8faKuaQWKZ5m76hMdwg_YzDg==
Age: 1261825
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
54.230.245.21200 OK 3.0 kB URL HTTP/1.1 d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/inflammation-quiz/5ba00849-whiteupwellnesslogo_105d027000000000000028.png
IP 54.230.245.21:0
File type PNG image data, 193 x 79, 8-bit colormap, non-interlaced\012- data
Hash 88263fec2db483b6e115f831a65022a9
590c662dd75e717c6fdb22b3cf96a7516fd8117b
b9e0c749babae72a68409ddb333e46a70bedad02c976fc1b2dcf176be530fdc8
GET /pages.upwellness.com/inflammation-quiz/5ba00849-whiteupwellnesslogo_105d027000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2981
Connection: keep-alive
Date: Thu, 08 Sep 2022 14:06:32 GMT
Last-Modified: Wed, 24 Aug 2022 14:45:52 GMT
ETag: "88263fec2db483b6e115f831a65022a9"
Cache-Control: max-age=31557600
x-amz-version-id: iSYdNSU8oImuZrC9XHqMx5_63P2O.55i
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yQdWd3tiUEfUbvfCd1X_sBiivAN_SMzJejYtVqdBi9Uf13oX2KmqLw==
Age: 6620322
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fcde710e9043bc4502e7505006104d6a
da75e0a33cc84cc814597ac091426d82531ddac1
d71a55b0cf26c9fa1b90aa9dade3bfa0de603947c95d0d81f182e92a60be2242
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2597
Cache-Control: max-age=156783
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Etag: "637eb2d3-116"
Expires: Sat, 26 Nov 2022 00:38:16 GMT
Last-Modified: Wed, 23 Nov 2022 23:54:59 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 278
s.pinimg.com/ct/lib/main.9a94ee76.js
23.38.200.197200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=27015508&Ver=2&mid=165d7c87-37b8-431b-9505-b52affb2d3dc&sid=93662f106bb511edbdd3377b26ff9278&vid=93663e106bb511edaeff2df3b955db5e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&r=<=1688&evt=pageLoad&sv=1&rn=675612
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=27015508&Ver=2&mid=165d7c87-37b8-431b-9505-b52affb2d3dc&sid=93662f106bb511edbdd3377b26ff9278&vid=93663e106bb511edaeff2df3b955db5e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&r=<=1688&evt=pageLoad&sv=1&rn=675612
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=27015508&Ver=2&mid=165d7c87-37b8-431b-9505-b52affb2d3dc&sid=93662f106bb511edbdd3377b26ff9278&vid=93663e106bb511edaeff2df3b955db5e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&r=<=1688&evt=pageLoad&sv=1&rn=675612 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=366962BC19EF62F135C770DA181A63C9; domain=.bing.com; expires=Tue, 19-Dec-2023 05:05:13 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DC2A44E4595545E78F2FAF7AE9822C42 Ref B: OSL30EDGE0216 Ref C: 2022-11-24T05:05:13Z
date: Thu, 24 Nov 2022 05:05:13 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/624541243/?random=1669266311691&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3010243128&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/624541243/?random=1669266311691&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3010243128&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1669266311691&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3010243128&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/624541243/?random=1669266311691&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3010243128&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/624541243/?random=1669266311691&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3010243128&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/624541243/?random=1669266311691&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3010243128&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/675938688/?random=1669266311841&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3093490607&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/675938688/?random=1669266311841&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3093490607&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/675938688/?random=1669266311841&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3093490607&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
104.26.8.162204 No Content 0 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
IP 104.26.8.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/tracking/property/the-alternative-daily/announcement-bar HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://pages.upwellness.com/
Origin: http://pages.upwellness.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 24 Nov 2022 05:05:13 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7oDR8A1O5I9%2FinmitbkqWbQNgBj03ZBILFiLIzpx8%2Bq1Yu9FqYeWKdPt8aDlclb%2F3n3%2BZDLZqtSHIR6PRIFWOjtKidPVIngkfsGrAF7cnvShEu7nzf6V6agpoiDNXQgRmDYryk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bb9ad99b509-OSL
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10838597190/?random=1669266311706&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1023900254&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10838597190/?random=1669266311706&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1023900254&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1669266311706&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1023900254&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/458254939/?random=1669266311730&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=479734685&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/458254939/?random=1669266311730&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=479734685&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1669266311730&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=479734685&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10838597190/?random=1669266311706&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1023900254&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10838597190/?random=1669266311706&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1023900254&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10838597190/?random=1669266311706&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1023900254&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1184755127.1669266313&jid=452133994&gjid=2025487313&_gid=2082673397.1669266313&_u=YGBAiEABBAAAAEAAI~&z=429202469
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1184755127.1669266313&jid=452133994&gjid=2025487313&_gid=2082673397.1669266313&_u=YGBAiEABBAAAAEAAI~&z=429202469
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28307243-3&cid=1184755127.1669266313&jid=452133994&gjid=2025487313&_gid=2082673397.1669266313&_u=YGBAiEABBAAAAEAAI~&z=429202469 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://pages.upwellness.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/862759327/?random=1669266311751&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=994235520&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/862759327/?random=1669266311751&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=994235520&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1669266311751&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=994235520&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/458254939/?random=1669266311730&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=479734685&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/458254939/?random=1669266311730&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=479734685&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/458254939/?random=1669266311730&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=479734685&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
64.202.112.223200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
IP 64.202.112.223:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:05:13 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 3eb00c3345fb16e98fb9b1660ce11d96
content-encoding: gzip
www.google.com/pagead/1p-user-list/862759327/?random=1669266311751&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=994235520&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/862759327/?random=1669266311751&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=994235520&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/862759327/?random=1669266311751&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=994235520&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 87 kB IP 93.184.220.29:0
File type gzip compressed data, from Unix\012- data
Hash 2e18f7196166c5abcf221e83d7bd7dba
405e9213b956c5d24bf492d65f351168e0cf0ffd
d33c025cd8e7c4ecb55e89e445b87ef6d3a7f603ce582de6b2c3cf25cf11eba1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=151643
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Etag: "637ea8e4-116"
Expires: Fri, 25 Nov 2022 23:12:36 GMT
Last-Modified: Wed, 23 Nov 2022 23:12:36 GMT
Server: nginx
Content-Length: 278
www.google.no/pagead/1p-user-list/675938688/?random=1669266311841&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3093490607&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/675938688/?random=1669266311841&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3093490607&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/675938688/?random=1669266311841&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3093490607&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00e83052a71a1dff3bc62d5d40765808fc&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&optOut=false&bust=05467345323798258&referrer=
64.202.112.223200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00e83052a71a1dff3bc62d5d40765808fc&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&optOut=false&bust=05467345323798258&referrer=
IP 64.202.112.223:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00e83052a71a1dff3bc62d5d40765808fc&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&optOut=false&bust=05467345323798258&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:05:13 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: b4d6fb102f2d2ef15005062ad32d182b
content-encoding: gzip
bat.bing.com/p/action/27015508.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/27015508.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/27015508.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1F185392DB546C2D11A941F4DAA16D3F; domain=.bing.com; expires=Tue, 19-Dec-2023 05:05:13 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 44A5A712D9DA4B27ABB03851D0A85E84 Ref B: OSL30EDGE0216 Ref C: 2022-11-24T05:05:13Z
date: Thu, 24 Nov 2022 05:05:13 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.com/wi/config/10056129.json
188.125.94.204200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10056129.json
IP 188.125.94.204:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fc5f6676b4f2531b36b8c7120da6ecca
e7ddbe9b016bc7594e9d5f3a7bf960b56226d5de
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
GET /wi/config/10056129.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: T1EIW3PR4N+PsmCrbe4YeaDdjYgdKUW61JyUxU0iBq+dmNTGKOW8JFc+HumFXj8aXI1hEzLpqz8=
x-amz-request-id: RA8JCJ8B3F2XYXXW
date: Thu, 24 Nov 2022 05:05:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 27 Sep 2022 22:00:05 GMT
x-amz-expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2rRdRVYlbk84_TZOhKVDmB8X1gW3WGzs
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "fc5f6676b4f2531b36b8c7120da6ecca"
age: 0
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fcde710e9043bc4502e7505006104d6a
da75e0a33cc84cc814597ac091426d82531ddac1
d71a55b0cf26c9fa1b90aa9dade3bfa0de603947c95d0d81f182e92a60be2242
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2597
Cache-Control: max-age=156783
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Etag: "637eb2d3-116"
Expires: Sat, 26 Nov 2022 00:38:16 GMT
Last-Modified: Wed, 23 Nov 2022 23:54:59 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
s.yimg.com/wi/config/10175858.json
188.125.94.204200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10175858.json
IP 188.125.94.204:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ad716787c5ee7f50ab6806a8dfac76d
31d18a36b7472a44913f9871c1ea0d3530f17060
abfa88f1779dab4ebc144e49e4ed3b01567d93441a93dd09ed0099652aa08a2e
GET /wi/config/10175858.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8ZSrDjVJsTec9rpUB6vnszDqMF6Po0ulvXOTknYES2B9mRP1RpbNXOulOKNUrY1LljBjjTkiSOM=
x-amz-request-id: RA8ZS8N6377GNP6A
date: Thu, 24 Nov 2022 05:05:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Fri, 14 Jan 2022 20:54:46 GMT
x-amz-expiration: expiry-date="Sun, 19 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: fa2aBktS.tlgTipU0DLTD9VeWF6_YTMO
accept-ranges: bytes
content-type: application/octet-stream
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "7ad716787c5ee7f50ab6806a8dfac76d"
age: 0
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
events.ub-analytics.com/i?stm=1669266313029&e=pv&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=8164c994-de9a-4f29-912d-cf69a4eb51f4&dtm=1669266313028&vp=1280x939&ds=1268x2906&vid=1&sid=6a120d19-303e-4d33-b65f-ed3c5d7951dc&duid=5dbc8f7f-0deb-4010-b63c-4b1f151d0bae&uid=7563ca6f-efd7-4840-9415-a9cc3c3bca48&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U1MWNjMGItMGU5NC00NDNjLWEyN2EtMjRjNzhkMThmMjMyIiwidmFyaWFudElkIjoiYWMiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
44.199.30.13200 OK 43 B URL HTTP/1.1 events.ub-analytics.com/i?stm=1669266313029&e=pv&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=8164c994-de9a-4f29-912d-cf69a4eb51f4&dtm=1669266313028&vp=1280x939&ds=1268x2906&vid=1&sid=6a120d19-303e-4d33-b65f-ed3c5d7951dc&duid=5dbc8f7f-0deb-4010-b63c-4b1f151d0bae&uid=7563ca6f-efd7-4840-9415-a9cc3c3bca48&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U1MWNjMGItMGU5NC00NDNjLWEyN2EtMjRjNzhkMThmMjMyIiwidmFyaWFudElkIjoiYWMiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19
IP 44.199.30.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1669266313029&e=pv&url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=8164c994-de9a-4f29-912d-cf69a4eb51f4&dtm=1669266313028&vp=1280x939&ds=1268x2906&vid=1&sid=6a120d19-303e-4d33-b65f-ed3c5d7951dc&duid=5dbc8f7f-0deb-4010-b63c-4b1f151d0bae&uid=7563ca6f-efd7-4840-9415-a9cc3c3bca48&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2U1MWNjMGItMGU5NC00NDNjLWEyN2EtMjRjNzhkMThmMjMyIiwidmFyaWFudElkIjoiYWMiLCJldmVudFR5cGUiOiJ2aXNpdCIsImV2ZW50TWV0YWRhdGEiOltdLCJyb3V0aW5nU3RyYXRlZ3kiOiJ3ZWlnaHRlZCJ9fV19 HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:05:13 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: akka-http/10.0.9
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash ac4a14fdb8a8ac0bb56636c74d06965f
326a1fd45c01f55e54c1be6b7a971e2ea3660e60
1d7137634292f05911421b7f0abfe291dbafee2795720e6ecab8d1c0ef130cde
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169720
Date: Thu, 24 Nov 2022 05:05:13 GMT
Etag: "637edfdf-1d7"
Expires: Sat, 26 Nov 2022 04:13:53 GMT
Last-Modified: Thu, 24 Nov 2022 03:07:11 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WyWUSKCg_qhJPXZEbQrUy-1zJKRuc3hpDJ-ksMi4LHbtdZeHzR8MYA==
Age: 4002
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash ac4a14fdb8a8ac0bb56636c74d06965f
326a1fd45c01f55e54c1be6b7a971e2ea3660e60
1d7137634292f05911421b7f0abfe291dbafee2795720e6ecab8d1c0ef130cde
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171320
Date: Thu, 24 Nov 2022 05:05:13 GMT
Etag: "637edfdf-1d7"
Expires: Sat, 26 Nov 2022 04:40:33 GMT
Last-Modified: Thu, 24 Nov 2022 03:07:11 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WwVD0FIaNshUO0IgWKdsbT55HS1JO_LWpbiaZ2lQCvngvmHxj3G0BA==
Age: 5602
io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1&id=cl4975ot4arrr6&uid=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1
35.171.180.200200 OK 178 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1&id=cl4975ot4arrr6&uid=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1
IP 35.171.180.200:0
File type JSON data\012- , ASCII text, with no line terminators
Hash af31006de699805640a2928ec8fed5b7
4d53a29674a30e0df7f1c12c1a60879baa9c2b52
1ef219f0bf4726c5f2238857414d13804b98cabc83a4615861ae39902d14782f
GET /externalIds?customerlabs_user_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1&id=cl4975ot4arrr6&uid=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1 HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Thu, 24 Nov 2022 05:05:13 GMT
Server: nginx/1.12.1
Content-Length: 178
Connection: keep-alive
api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=http:%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2
104.21.47.12200 OK 135 B URL HTTP/2 api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=http:%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2
IP 104.21.47.12:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 09bb20bd6492433aeefd6e0bc58d2535
87bde4e112d461ccaba288f695eeee602b18c87e
2bb51a241e778ff0916e4feda43afe9dbb1567568d5a7150d526a13bb52bc26a
GET /pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=http:%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2 HTTP/1.1
Host: api.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:13 GMT
content-type: application/json; charset=utf-8
x-amzn-requestid: 0386d575-89bf-4c9f-9c85-ee2a9420f221
access-control-allow-origin: *
surrogate-control: no-store
x-amzn-remapped-content-length: 178
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: cFw9bGecoAMFo-A=
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0
etag: W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
pragma: no-cache
x-amzn-remapped-date: Thu, 24 Nov 2022 05:05:13 GMT
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g4-SjXnGiaPr71GZEbMvkh5xRTp5OSak6K7IIXgdnWbd_PrJG2hjIA==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BoUQtLMKg1o7zfkl36OXJsuEW7SiMCEElfsKUU0XlftRrMdJpnd8EJEujEO2Qf5CvVOPZOgCQkZ0oBYZdWJpuAV5dYFWb0%2F9yLDUuoIZpoY8jHjnwfYRIINlild15uBBiSP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bb65cbb0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
104.26.8.162200 OK 27 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/announcement-bar
IP 104.26.8.162:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e95c370d207a300a0e88aee7bb1b6279
284bc5f1e7d0109378ddc654eb30400fcc906f56
0ee4a0fe518160d48732c8a160ea61e26f23a13429d8bc94038d334fb6a657f1
GET /api/v1/tracking/property/the-alternative-daily/announcement-bar HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:13 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.2.23
set-cookie: PHPSESSID=ac791dc137fbade3fa271a0476e87b99; expires=Thu, 08-Dec-2022 05:05:13 GMT; Max-Age=1209600; path=/; HttpOnly
cache-control: max-age=0, must-revalidate, private
expires: Thu, 24 Nov 2022 05:05:13 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization,Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHXeUszh2DYRyNhgM1fEnMY31RvdwPGHMvN7Z8qaFzNmMmXIaO8VR1nR0UGZHyqzg3VZ9BnjMzluDstG1kqbinC6QqcJ2ET58bqvkEHF%2FKMPQRMzPRquLeNXHX2SHQmVxYvuFjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bbace4cb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1
172.67.69.73302 Found 278 B URL HTTP/2 a.remarketstats.com/px/smart/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1
IP 172.67.69.73:0
Hash af76de5ba2f126671181bfd7feb983a4
dfbc96e29c652e94e1a208898da8ef49c13cce16
8a14ae43952cfa26d0f85634564898d46cbf3c7d032a26971a13d6f909bfd3a4
GET /px/smart/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1 HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:13 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1
x-frontend: cc-nginx-c76b96594-tkmkw:cc-nginx-c76b96594-tkmkw
x-requestid: 6c387bdb-36d6-4a7f-9fe4-0363b0d5061c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rr8Z1t3E9xlUeuNRECVnmXhaD7CY0oN91neWgg5Hurw1PuFY6ydsk%2FJQxR7mkaJXo4BYY0hHuvQt1%2B9B9nk5rrni9nK5aaeY16l9vOrdEzvYTMJ8Q%2FjN%2B%2BnLkMbBKohfaWvLWVA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bbb2a81b515-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 119469b2a64de1f027696a209c950cf3
6c886a32268ea68445edf0ccff472cebe307d25a
6c30793fcac70823915393a3fddad79e61f23b88af191e7341680f4281e83e66
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152150
Date: Thu, 24 Nov 2022 05:05:13 GMT
Etag: "637e9c5a-1d7"
Expires: Fri, 25 Nov 2022 23:21:03 GMT
Last-Modified: Wed, 23 Nov 2022 22:19:06 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lSoIglMZteqNJz7hwQMoM_xTJjFK4CkYSVKlg-buh1xf7-qdTMvYeQ==
Age: 3717
io.v2.customerlabs.co/cl
35.171.180.200200 OK 0 B IP 35.171.180.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 989
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Thu, 24 Nov 2022 05:05:13 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
www.facebook.com/tr/?id=146844809012010&ev=ViewContent&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&rl=&if=false&ts=1669266313253&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669266313249.1482081415&it=1669266312585&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=146844809012010&ev=ViewContent&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&rl=&if=false&ts=1669266313253&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669266313249.1482081415&it=1669266312585&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=146844809012010&ev=ViewContent&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&rl=&if=false&ts=1669266313253&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669266313249.1482081415&it=1669266312585&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 05:05:13 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=146844809012010&ev=LPVisit_InflQuiz&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&rl=&if=false&ts=1669266313271&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1669266313249.1482081415&it=1669266312585&coo=false&exp=c0&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=146844809012010&ev=LPVisit_InflQuiz&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&rl=&if=false&ts=1669266313271&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1669266313249.1482081415&it=1669266312585&coo=false&exp=c0&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=146844809012010&ev=LPVisit_InflQuiz&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&rl=&if=false&ts=1669266313271&sw=1280&sh=1024&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1669266313249.1482081415&it=1669266312585&coo=false&exp=c0&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 05:05:13 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=146844809012010&ev=LPVisit&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&rl=&if=false&ts=1669266313262&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669266313249.1482081415&it=1669266312585&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=146844809012010&ev=LPVisit&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&rl=&if=false&ts=1669266313262&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669266313249.1482081415&it=1669266312585&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=146844809012010&ev=LPVisit&dl=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&rl=&if=false&ts=1669266313262&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669266313249.1482081415&it=1669266312585&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Nov 2022 05:05:13 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0aeaa6dc0bd230dfc4ae544145edadf2
67291309e811d0ceb12e5a65dd247fa795389e51
617c197b127786a91d1f659623f2cb21555ad5cda75452e765ec7033f44ef5f6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3896
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:13 GMT
Last-Modified: Thu, 24 Nov 2022 04:00:17 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669266313144&dep=2%2CPAGE_LOAD
151.101.84.84200 OK 373 B URL HTTP/2 ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669266313144&dep=2%2CPAGE_LOAD
IP 151.101.84.84:0
File type JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Hash 7c95bf1e7580e7dfa7f4f5c10b0addd9
a1e3954cd6a0d4a5fc0a6c344d91e6c24504722b
1f8cb83a1e4eedc470a6d0c6acc5f5ff13fa65639378a8a14d5db82e288b2e17
GET /user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1669266313144&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU16azVPV0ppWm1ZdE4yUXdOaTAwWldRMUxXSmhaRFV0WTJFMVpEZ3daamcwTnpkbA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: http://pages.upwellness.com
content-type: application/json; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 5
referrer-policy: origin
x-pinterest-rid: 1485654514665621
date: Thu, 24 Nov 2022 05:05:13 GMT
x-cdn: fastly
content-length: 373
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669266313147
151.101.84.84200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669266313147
IP 151.101.84.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1669266313147 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 6362806623831406
date: Thu, 24 Nov 2022 05:05:13 GMT
x-cdn: fastly
content-length: 35
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1669266312515&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjm0d36a0g31edz22kf598qh&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-
34.225.174.126302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1669266312515&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjm0d36a0g31edz22kf598qh&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-
IP 34.225.174.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1669266312515&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjm0d36a0g31edz22kf598qh&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:13 GMT
content-length: 0
trace-id: d8ba4f1a825e3e43
vary: Origin
location: /j?dtstmp=1669266312515&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjm0d36a0g31edz22kf598qh&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&n3pc=true
set-cookie: lidid=4cf9c4b6-a52b-4458-9cb4-765d758bd570; Max-Age=63072000; Expires=Sat, 23 Nov 2024 05:05:13 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2024%20Nov%202022%2005%3A05%3A13%20GMT&n=0&.yp=10056129&f=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2024%20Nov%202022%2005%3A05%3A13%20GMT&n=0&.yp=10056129&f=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Thu%2C%2024%20Nov%202022%2005%3A05%3A13%20GMT&n=0&.yp=10056129&f=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:13 GMT
expires: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBIn7fmMCEDT7jNkURySaJbRGY-YQnAsFEgEBAQFNgGOIYwAAAAAA_eMAAA&S=AQAAAo8u8XYS5JTOXB-0IrfGmz8; Expires=Fri, 24 Nov 2023 11:05:13 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10175858&f=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&.yp=10175858&f=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:13 GMT
expires: Thu, 24 Nov 2022 05:05:13 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBIn7fmMCEBKt-n6E6jR-btLafO-YAYcFEgEBAQFNgGOIYwAAAAAA_eMAAA&S=AQAAAu3T00cReRJprqD2BvUEA4A; Expires=Fri, 24 Nov 2023 11:05:13 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl/firstVisit
35.171.180.200200 OK 0 B URL HTTP/1.1 io.v2.customerlabs.co/cl/firstVisit
IP 35.171.180.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl/firstVisit HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 486
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Thu, 24 Nov 2022 05:05:13 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
io.v2.customerlabs.co/cl
35.171.180.200200 OK 0 B IP 35.171.180.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 987
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Thu, 24 Nov 2022 05:05:14 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
rp.liadm.com/j?dtstmp=1669266312515&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjm0d36a0g31edz22kf598qh&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&n3pc=true
34.225.174.126200 OK 13 B URL HTTP/2 rp.liadm.com/j?dtstmp=1669266312515&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjm0d36a0g31edz22kf598qh&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&n3pc=true
IP 34.225.174.126:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
GET /j?dtstmp=1669266312515&aid=a-057g&se=e30&duid=f0f26c15fa8f--01gjm0d36a0g31edz22kf598qh&tna=v2.5.1&pu=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2&wpn=lc-bundle&c=PHRpdGxlPjwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Referer: http://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:14 GMT
content-type: application/json
content-length: 13
trace-id: a4d03c23e413b2a5
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 93f722cf-a764-4a44-803f-62c075b10ad1
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1669266313249.1482081415&customerlabs_user_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1&id=cl4975ot4arrr6&uid=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1&t=0&sc=1280%20x%201024
35.171.180.200200 OK 561 B URL HTTP/1.1 io.v2.customerlabs.co/externalIds?facebook___fbp=fb.1.1669266313249.1482081415&customerlabs_user_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1&id=cl4975ot4arrr6&uid=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1&t=0&sc=1280%20x%201024
IP 35.171.180.200:0
File type JSON data\012- , ASCII text, with very long lines (561), with no line terminators
Hash f2056a1216cc2e170e10ed9094cfd32a
66e73064c0167d4bdfc00e72478051adc4168870
85c3de88250b5ad7f377ee482f21108675c11e770db328190243582273a3bd79
GET /externalIds?facebook___fbp=fb.1.1669266313249.1482081415&customerlabs_user_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1&id=cl4975ot4arrr6&uid=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1&t=0&sc=1280%20x%201024 HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json
Date: Thu, 24 Nov 2022 05:05:14 GMT
Server: nginx/1.12.1
Content-Length: 561
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 50a0ba5d7f2a295844ed61663e59549a
b48dbe4fc15860a1090f153c7c03fdd21485975c
0a6f9c4cd39ecd32076fef4032ef8adebd546fc71300dd6f15da82ad384ce980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6027
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:14 GMT
Last-Modified: Thu, 24 Nov 2022 03:24:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3318&partner_device_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:14 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1669266314511;Expires=Mon, 23 Jan 2023 05:05:14 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=ec3a1299-54b1-4378-8aba-f72669744cfb;Expires=Mon, 23 Jan 2023 05:05:14 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 50a0ba5d7f2a295844ed61663e59549a
b48dbe4fc15860a1090f153c7c03fdd21485975c
0a6f9c4cd39ecd32076fef4032ef8adebd546fc71300dd6f15da82ad384ce980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6027
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:05:14 GMT
Last-Modified: Thu, 24 Nov 2022 03:24:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive/check?partner_id=3318&partner_device_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:14 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1669266314550;Expires=Mon, 23 Jan 2023 05:05:14 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=02a41dc8-2f07-4468-9217-329854c0a86f;Expires=Mon, 23 Jan 2023 05:05:14 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Mon, 23 Jan 2023 05:05:14 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=02a41dc8-2f07-4468-9217-329854c0a86f
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1605&scd=32&ssd=1&est=1669266312611&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669266314219&vi=1669266312608&ri=22ffc14fb4ea824bf20ce00016c2a048&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1605&scd=32&ssd=1&est=1669266312611&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669266314219&vi=1669266312608&ri=22ffc14fb4ea824bf20ce00016c2a048&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1225872/log/3/unip?en=pre_d_eng_tb&tos=1605&scd=32&ssd=1&est=1669266312611&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1669266314219&vi=1669266312608&ri=22ffc14fb4ea824bf20ce00016c2a048&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 24 Nov 2022 05:05:14 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
a.clickcertain.com/px/ta/?ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc
172.67.74.207302 Found 0 B URL HTTP/2 a.clickcertain.com/px/ta/?ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc
IP 172.67.74.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/ta/?ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&cn=NO
Cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:14 GMT
content-type: text/html
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
set-cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; Expires=Fri, 24 Nov 2023 05:05:14 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-glzsf:cc-nginx-c76b96594-glzsf
x-requestid: 8718a461-981e-4311-a5ad-eb5d7b88271f
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQESE1snoikviIWHh6CjTp2pY2AenHZy6hvBIcAFKPUuyilcNLzm%2FW6Gi2xX%2B4jN1mw%2BNt7Jwzp8O37QUCp0UHuGp3dmQqMwOUPZKWHzvvupL1oebQrgkMEXOWghAX1bqFjlPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bbfeb6db4f3-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 2ab59c25df8b73e8b1aa4a4c8651ba3f
4574a151ee44e9253367f203cfc7fbd7f0377f61
16464a556a3bedc9dbb00688c6840c761601409fd1259874e94ce189ca51ad54
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153522
Date: Thu, 24 Nov 2022 05:05:14 GMT
Etag: "637ead1e-1d7"
Expires: Fri, 25 Nov 2022 23:43:56 GMT
Last-Modified: Wed, 23 Nov 2022 23:30:38 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oIgQgXTcumP728nZJbgo4qIoLIa0c9ug3Vmk59YD_gKc9rao7UB_ZQ==
Age: 798
a.clickcertain.com/px/r/?ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc
172.67.74.207302 Found 0 B URL HTTP/2 a.clickcertain.com/px/r/?ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc
IP 172.67.74.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/r/?ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=24a3d6f0fe7dd9c&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&cn=NO
Cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:14 GMT
content-type: text/html
location: https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d6df8d8d0%25252ddc15%25252d40a4%25252d9eb6%25252dfd94d1946edc%252526anx_uId%25253d%252524UID
set-cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; Expires=Fri, 24 Nov 2023 05:05:14 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-t5x55:cc-nginx-c76b96594-t5x55
x-requestid: 25215f31-f3a6-4638-ba60-27eeb1537417
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzdKuLwxLBmRANB0wqhEUqtAYV6S5n1SHCDnsg%2FZsah3RUacDCdkn7FXt3fDx4HDEXBI9rgw%2FD1ZyuxUcLJBaiQV8SbMZ%2BuJLgqbMpRbYtIq5k7Ka9Ry66q6Xwkx1Qrayx88wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bbffb6fb4f3-OSL
X-Firefox-Spdy: h2
i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d6df8d8d0%25252ddc15%25252d40a4%25252d9eb6%25252dfd94d1946edc%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&_li_chk=true&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&previous_uuid=99e8aab763d0429fab15ddfdb1815b8e
3.229.201.1303 See Other 0 B URL HTTP/1.1 i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d6df8d8d0%25252ddc15%25252d40a4%25252d9eb6%25252dfd94d1946edc%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&_li_chk=true&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&previous_uuid=99e8aab763d0429fab15ddfdb1815b8e
IP 3.229.201.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d6df8d8d0%25252ddc15%25252d40a4%25252d9eb6%25252dfd94d1946edc%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&_li_chk=true&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&previous_uuid=99e8aab763d0429fab15ddfdb1815b8e HTTP/1.1
Host: i.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Thu, 24 Nov 2022 05:05:14 GMT
Content-Length: 0
Connection: keep-alive
Location: https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d6df8d8d0%252ddc15%252d40a4%252d9eb6%252dfd94d1946edc%2526anx_uId%253d%2524UID&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc
Set-Cookie: _li_ss=MgYIkgEQ1xM; Max-Age=2592000; Expires=Sat, 24 Dec 2022 05:05:14 GMT; SameSite=None; Path=/s; Secure
lidid=8b347361-6a6f-4136-8857-d31ca55b046a; Max-Age=63072000; Expires=Sat, 23 Nov 2024 05:05:14 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
Request-Time: 2
Strict-Transport-Security: max-age=31536000; includeSubDomains
a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d6df8d8d0%252ddc15%252d40a4%252d9eb6%252dfd94d1946edc%2526anx_uId%253d%2524UID&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc
172.67.74.207302 Found 509 B URL HTTP/2 a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d6df8d8d0%252ddc15%252d40a4%252d9eb6%252dfd94d1946edc%2526anx_uId%253d%2524UID&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc
IP 172.67.74.207:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (332), with CRLF, LF line terminators
Hash e43c63712b62cec92761e6a69faa211e
281e24b66e81953ba9790a80b8f76ab7ac5d564f
9f148fbdcd938c6e12711f48f991e461170d41ba3ccd197d1c6968797305273e
GET /px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d6df8d8d0%252ddc15%252d40a4%252d9eb6%252dfd94d1946edc%2526anx_uId%253d%2524UID&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:15 GMT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc%26anx_uId%3d%24UID
set-cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; Expires=Fri, 24 Nov 2023 05:05:15 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-qz97k:cc-nginx-c76b96594-qz97k
x-requestid: 05908857-9786-494d-b9a3-ba9b6b519b8c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IODfu0V6hL2lS0I9b8Ow7MQi0YSCp1GQ4Zxg5M%2BY%2BgAZ77kGxzHkUzXnRbEnQwZ2YHgiyvGImyBh%2BhqhkIXZgsLj3c4h%2Bp%2BAWG%2B4r%2FtVLnvdhpZDsKK8YzlGRJGAAurUu8EbBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bc4ee54b4f3-OSL
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0%2Ddc15%2D40a4%2D9eb6%2Dfd94d1946edc%26anx_uId%3D%24UID&google_tc=
142.250.74.98302 Found 455 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0%2Ddc15%2D40a4%2D9eb6%2Dfd94d1946edc%26anx_uId%3D%24UID&google_tc=
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 39794f1ee5985d3f80e80302bff6a979
030e0231e825e31515086bb8ffcdc09712c8cf19
a92a031edb376cabd1b39cbfb84f4a9096393700607ff7e7f80c17d3dc77c6d7
GET /pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0%2Ddc15%2D40a4%2D9eb6%2Dfd94d1946edc%26anx_uId%3D%24UID&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0%2Ddc15%2D40a4%2D9eb6%2Dfd94d1946edc%26anx_uId%3D%24UID&google_error=3
date: Thu, 24 Nov 2022 05:05:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash ab4aa8cd05ebe516a54efd94f075c6b4
8bc560e0b6774fbfe6f296d8e27b0670342167dd
b27ddd30019022a5a18437efedc3a77e724cc07721cf16f0d220e8d1577559ab
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94071
Date: Thu, 24 Nov 2022 05:05:15 GMT
Etag: "637dc802-1d7"
Expires: Fri, 25 Nov 2022 07:13:06 GMT
Last-Modified: Wed, 23 Nov 2022 07:13:06 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AW9112XQS5viWXWf-f6ieK8PYhXxjZU6jVWGrsvT4hmYl_zjmlENIg==
a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0%2Ddc15%2D40a4%2D9eb6%2Dfd94d1946edc%26anx_uId%3D%24UID&google_error=3
172.67.74.207302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0%2Ddc15%2D40a4%2D9eb6%2Dfd94d1946edc%26anx_uId%3D%24UID&google_error=3
IP 172.67.74.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0%2Ddc15%2D40a4%2D9eb6%2Dfd94d1946edc%26anx_uId%3D%24UID&google_error=3 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:15 GMT
content-type: text/html
location: https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&anx_uId=$UID
x-frontend: cc-nginx-c76b96594-klksd:cc-nginx-c76b96594-klksd
x-requestid: 65c7f171-3102-4d6b-9e52-7e764b3394df
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdNrkovHV%2FBRFCMJGsLHG7KyQHUSgxOuDwqjfNkXQJzXhVoJbm3a%2B1%2FpOMCihJFUBSy2Ul2o%2BSKSr%2FxSMd7ZxT6OtUEpa1vH6bkfztP4vHMl1xh9k458CeJYbg74sPQ1d%2BTpBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bc63f53b4f3-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0-dc15-40a4-9eb6-fd94d1946edc%26anx_uId%3D%24UID
37.252.171.21302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0-dc15-40a4-9eb6-fd94d1946edc%26anx_uId%3D%24UID
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D6df8d8d0-dc15-40a4-9eb6-fd94d1946edc%26anx_uId%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 24 Nov 2022 05:05:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&anx_uId=0
AN-X-Request-Uuid: 3754ebea-0933-4ffe-95fd-5be96c2e68da
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
172.67.74.207200 OK 1.9 kB URL HTTP/2 a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
IP 172.67.74.207:0
File type ASCII text, with very long lines (2807)
Hash 33666162c42251b20556f22eebed80f1
8a1c65f2e8d76af255e996a34107c2c1bcccc2c7
e9155c98e5022e00bcd087057e40634169b3cbe57bfca263c443f6501486d97f
GET /px/?c=24a3d6f0fe7dd9c HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:14 GMT
content-type: text/javascript
set-cookie: _ccpx=24a3d6f0fe7dd9c; Expires=Fri, 24 Nov 2023 05:05:14 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; Expires=Fri, 24 Nov 2023 05:05:14 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx_24a3d6f0fe7dd9c=1; Expires=Fri, 24 Nov 2023 05:05:14 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-qz97k:cc-nginx-c76b96594-qz97k
x-requestid: a6cbc81a-78db-4800-bc86-7d0e262af755
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmPrjV9PqXUhwEAUjlnQnlpRcmqXzG0pOCtIXtTDndjFgyyWO0yPtpHm5eURj9p4xQtICH2aX5ZmPvir61CjL%2FKHG5C3xjEqqoMF0ll5OY%2FgYDgNGv1EEb71J7VhZ0Y9xkf6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bbe2a9bb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.browserspeed.support/
35.82.220.221200 OK 4 B IP 35.82.220.221:0
File type ASCII text, with no line terminators
Hash 72054d9a6fbdcc7df012e19f32345b65
52dd4c74c813db3790179c4f236ceadaca3467a8
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: a.browserspeed.support
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: tuid=8b1e835b-4846-4c4c-9c5c-5f361ddbb430
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: awselb/2.0
date: Thu, 24 Nov 2022 05:05:15 GMT
content-type: application/json; charset=utf-8
content-length: 4
set-cookie: tuid=8b1e835b-4846-4c4c-9c5c-5f361ddbb430; Path=/; Domain=a.browserspeed.support; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 86776344fc6dd826ff48ca2f315dec8a
23054ddd051e653c90cc3232bbe1ecb88820b29a
7a6a778b4a383d8385e3843a7fd1ad88a5e7182d5627740511dd2c83a6f264c1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:05:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:56:48 GMT
Expires: Tue, 29 Nov 2022 13:56:47 GMT
Etag: "23054ddd051e653c90cc3232bbe1ecb88820b29a"
Cache-Control: max-age=463291,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ef9bca2d340b3d-OSL
a.clickcertain.com/px/img/bidswitch/?done=true&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&anx_uId=0
172.67.74.207302 Found 0 B URL HTTP/2 a.clickcertain.com/px/img/bidswitch/?done=true&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&anx_uId=0
IP 172.67.74.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/img/bidswitch/?done=true&ccid=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&anx_uId=0 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; _ccpx=24a3d6f0fe7dd9c; _ccpx_24a3d6f0fe7dd9c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:15 GMT
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&expires=5&user_group=0
set-cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; Expires=Fri, 24 Nov 2023 05:05:15 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-qz97k:cc-nginx-c76b96594-qz97k
x-requestid: 60ffd63a-f1c9-4a02-a6d6-e907b7a3cfd8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzSyCidB8exlFxM%2F79irKEJ4gZA5GNw3Nr6at%2BGZUa6XSQUYGJMTBFAgS7boo3oyMkZcPcucd0CiQSl6BLmJ00TEWE%2FBlhTQG1TW%2BQ3g19YqHaKDfW5TAjlze0jN3tCE%2B%2BbDZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bc7f88db4f3-OSL
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&expires=5&user_group=0
35.158.203.161200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&expires=5&user_group=0
IP 35.158.203.161:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=179&user_id=6df8d8d0-dc15-40a4-9eb6-fd94d1946edc&expires=5&user_group=0 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:15 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
151.101.84.84200 OK 323 B IP 151.101.84.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1202796712651990
date: Thu, 24 Nov 2022 05:05:16 GMT
x-cdn: fastly
content-length: 323
X-Firefox-Spdy: h2
io.v2.customerlabs.co/cl
35.171.180.200200 OK 0 B IP 35.171.180.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cl HTTP/1.1
Host: io.v2.customerlabs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 896
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: http://pages.upwellness.com
Date: Thu, 24 Nov 2022 05:05:16 GMT
Server: nginx/1.12.1
Content-Length: 0
Connection: keep-alive
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100
52.46.155.104301 Moved Permanently 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100
IP 52.46.155.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pages.upwellness.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 05:05:15 GMT
Server: Server
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100
Cache-Control: no-cache
Content-Length: 0
x-amz-rid: 0YV0CEQSFRVQVYNSVS4F
Vary: Accept-Encoding,User-Agent
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100
52.46.155.104302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100
IP 52.46.155.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Thu, 24 Nov 2022 05:05:16 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: WTKTJ06PK6X5TXYG75KY
Set-Cookie: ad-id=A8huXi-Lo01JqCfY9jdIOw8|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 05:05:16 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100&dcc=t
52.46.155.104200 OK 65 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100&dcc=t
IP 52.46.155.104:0
File type HTML document, ASCII text
Hash 22fdf49482d8200e8f305bbe262eff14
f254bd4053267c2cf46675613e689016d8b7f775
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
GET /iu3?d=generic&ex-fargs=%3Fid%3Dc230f4f4-2471-e083-6695-c6f3f7fc5010%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.upwellness.com/&ex-hargs=v%3D1.0%3Bc%3D593675756572392096%3Bp%3DC230F4F4-2471-E083-6695-C6F3F7FC5010&cb=953522257463461100&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Thu, 24 Nov 2022 05:05:16 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: 020Q5XH7YHTVNCH3H6QD
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4608&scd=32&ssd=1&est=1669266312611&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669266317221&vi=1669266312608&ri=22ffc14fb4ea824bf20ce00016c2a048&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4608&scd=32&ssd=1&est=1669266312611&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669266317221&vi=1669266312608&ri=22ffc14fb4ea824bf20ce00016c2a048&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1225872/log/3/unip?en=pre_d_eng_tb&tos=4608&scd=32&ssd=1&est=1669266312611&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1669266317221&vi=1669266312608&ri=22ffc14fb4ea824bf20ce00016c2a048&ref=null&cv=20221117-23-RELEASE&item-url=http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 24 Nov 2022 05:05:17 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.204200 OK 0 B IP 188.125.94.204:0
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: f8RW3sAegmY8tu5lncD55OQUWnAgDrXOZV1OYTT28JrAPodaSs3XVRtw5XQ/ujRVs6ZtrUE92YE=
x-amz-request-id: 0RXMKT16VWC1A4B0
date: Thu, 24 Nov 2022 04:22:40 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2553
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic
IP 142.250.74.10:0
GET /css?family=Lato:regular%7CMerriweather:regular,700%7COswald:300%7CSource+Sans+Pro:italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 05:05:12 GMT
date: Thu, 24 Nov 2022 05:05:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
104.26.8.162500 Internal Server Error 0 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/save
IP 104.26.8.162:0
POST /api/v1/tracking/property/the-alternative-daily/save HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 252
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 500 Internal Server Error
date: Thu, 24 Nov 2022 05:05:13 GMT
content-type: application/json
x-powered-by: PHP/7.2.23
set-cookie: PHPSESSID=9c2dad51d7bd9900c4cc9f642c86cbb0; expires=Thu, 08-Dec-2022 05:05:13 GMT; Max-Age=1209600; path=/; HttpOnly
cache-control: max-age=0, must-revalidate, private
expires: Thu, 24 Nov 2022 05:05:13 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization,Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwVkgXwO1f7rozalrE05IAtfi%2BgLWlwf%2B4snWXEfdMr%2BA6MtHj%2FgjlWba%2FNfpI5Lj7hpbK71hwM6Tv9GxJvuo8rFS1c0JlnGxLUwuL3IH053X32Mg%2FlUMEULvadfLryQsFYbFiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bb81c8bb509-OSL
X-Firefox-Spdy: h2
assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
143.204.55.29200 OK 0 B URL HTTP/2 assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
IP 143.204.55.29:0
GET /universalscript/releases/v0.179.2/bundle.js HTTP/1.1
Host: assets.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 03 Sep 2022 23:09:05 GMT
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
etag: W/"359008fe01078c59c66e034866170bd2"
cache-control: max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a0UVbLmyJPfM864ju3jBaSAtJSpn7b-HYOYV21QUeekdmHmzte0fqA==
age: 7019766
X-Firefox-Spdy: h2
api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
104.26.8.162200 OK 0 B URL HTTP/2 api.leadquizzes.com/api/v1/tracking/property/the-alternative-daily/website-popup
IP 104.26.8.162:0
GET /api/v1/tracking/property/the-alternative-daily/website-popup HTTP/1.1
Host: api.leadquizzes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://pages.upwellness.com
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:13 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.2.23
set-cookie: PHPSESSID=bbcb595a26bdd81b0ff63273c0687369; expires=Thu, 08-Dec-2022 05:05:13 GMT; Max-Age=1209600; path=/; HttpOnly
cache-control: max-age=0, must-revalidate, private
expires: Thu, 24 Nov 2022 05:05:13 GMT
access-control-allow-origin: http://pages.upwellness.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-expose-headers: Authorization,Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptbsSHIKwOrX%2B3yNZ0x9QcXUzGR8ptJvNxOqIgAA8hdtQB5%2BCKHqVl31OBFr4W5%2Bf4q9HKopJi4Q2HXlmYp3qNAdnoy11m%2FeZkjzwm7CPCNGmW6GgzhR8%2BCbT088CeNsg7TQRwc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bb82c96b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%252291e25f40-fe72-4d89-ab51-4b14c9535819%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102f9b543fb9508b1b31e87f58e422%2526n%253Dtune%2526cid%253D2_wwscpostinflammquiz112322%2526mid%253D2_wwscpostinflammquiz112322%2526AFFID%253D477232%2526subid%253D2_wwscpostinflammquiz112322%2526partner_id%253D2%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Finflammation-quiz%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102f9b543fb9508b1b31e87f58e422%2526n%253Dtune%2526cid%253D2_wwscpostinflammquiz112322%2526mid%253D2_wwscpostinflammquiz112322%2526AFFID%253D477232%2526subid%253D2_wwscpostinflammquiz112322%2526partner_id%253D2%2522%257D
104.21.35.233200 OK 0 B URL HTTP/2 analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%252291e25f40-fe72-4d89-ab51-4b14c9535819%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102f9b543fb9508b1b31e87f58e422%2526n%253Dtune%2526cid%253D2_wwscpostinflammquiz112322%2526mid%253D2_wwscpostinflammquiz112322%2526AFFID%253D477232%2526subid%253D2_wwscpostinflammquiz112322%2526partner_id%253D2%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Finflammation-quiz%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102f9b543fb9508b1b31e87f58e422%2526n%253Dtune%2526cid%253D2_wwscpostinflammquiz112322%2526mid%253D2_wwscpostinflammquiz112322%2526AFFID%253D477232%2526subid%253D2_wwscpostinflammquiz112322%2526partner_id%253D2%2522%257D
IP 104.21.35.233:0
GET /track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%252291e25f40-fe72-4d89-ab51-4b14c9535819%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522UNIX%2522%252C%2522browser%2522%253A%2522Firefox%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102f9b543fb9508b1b31e87f58e422%2526n%253Dtune%2526cid%253D2_wwscpostinflammquiz112322%2526mid%253D2_wwscpostinflammquiz112322%2526AFFID%253D477232%2526subid%253D2_wwscpostinflammquiz112322%2526partner_id%253D2%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Finflammation-quiz%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522http%253A%252F%252Fpages.upwellness.com%252Finflammation-quiz%252F%253Foffer%253D77%2526session_id%253D102f9b543fb9508b1b31e87f58e422%2526n%253Dtune%2526cid%253D2_wwscpostinflammquiz112322%2526mid%253D2_wwscpostinflammquiz112322%2526AFFID%253D477232%2526subid%253D2_wwscpostinflammquiz112322%2526partner_id%253D2%2522%257D HTTP/1.1
Host: analytics.proofapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.useproof.com
Connection: keep-alive
Referer: https://cdn.useproof.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:05:13 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: https://cdn.useproof.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
etag: W/"3f-qnrfXZozoWsCTtgJYUKmrYPXaik"
via: 1.1 vegur
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuQUg3kJPZDnZsVJ4qBdikkT9SrUQd1YSd4GaP%2FTH9mZFVs9v8W70Wc2zTGGkUemQ9a6kM37Aq1T8jk3KrJ5Jx2oaP086BRGHMi0nM3EFsn0hNA4jsy3%2B7iE6J1c3eFGIAQoE%2Fs8JNHK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bba7a90b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1225872/trc/3/json?tim=1669266312616&data=%7B%22id%22%3A240%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669266312608%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669266312615%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A32%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/1225872/trc/3/json?tim=1669266312616&data=%7B%22id%22%3A240%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669266312608%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669266312615%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A32%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
GET /1225872/trc/3/json?tim=1669266312616&data=%7B%22id%22%3A240%2C%22ii%22%3A%22%2Finflammation-quiz%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1669266312608%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1669266312615%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fpages.upwellness.com%2Finflammation-quiz%2F%3Foffer%3D77%26session_id%3D102f9b543fb9508b1b31e87f58e422%26n%3Dtune%26cid%3D2_wwscpostinflammquiz112322%26mid%3D2_wwscpostinflammquiz112322%26AFFID%3D477232%26subid%3D2_wwscpostinflammquiz112322%26partner_id%3D2%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A32%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:05:13 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669266313.373915,VS0,VE93
vary: Accept-Encoding
x-vcl-time-ms: 93
X-Firefox-Spdy: h2
a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1
172.67.74.207302 Found 0 B URL HTTP/2 a.clickcertain.com/px/smart/a/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1
IP 172.67.74.207:0
GET /px/smart/a/?c=24a3d6f0fe7dd9c&seg=inflammation-quiz&partner_id=cl4975ot4arrr6cd9ca5ef-d4c1-422a-85ef-d4dd7afa7ce1 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pages.upwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 05:05:13 GMT
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24a3d6f0fe7dd9c
set-cookie: _ccpx_u=6df8d8d0%2ddc15%2d40a4%2d9eb6%2dfd94d1946edc; Expires=Fri, 24 Nov 2023 05:05:13 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-c76b96594-lrtg6:cc-nginx-c76b96594-lrtg6
x-requestid: df503a70-d0c0-4fef-8cab-e09e064fe71d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjq59%2FnqN2qMvewLFH%2B6hcnUcEovvo5nUesH8Vo9QVcfrv5bAroJx8QwiGzHIw9HpqQQ0KWlHvwgzWNFNPZxR7L85uAKxthkifntegs%2F51%2FQYQEgH1KuWaIiaxwkla41Ux83vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ef9bbd1a10b4f3-OSL
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-795540.js?sv=6
143.204.55.98200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-795540.js?sv=6
IP 143.204.55.98:0
GET /c/hotjar-795540.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pages.upwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 05:05:12 GMT
cache-control: max-age=60
etag: W/d8ae842dc5a75085acabbe388684abb3
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tL_E8vP7KX95X1HvAxm8GP805qCyHxR1j5daEQiVysgb5B8DdvEMrw==
X-Firefox-Spdy: h2