coronahomecare.com/
54.230.111.47301 Moved Permanently 167 B IP 54.230.111.47:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 10 Nov 2022 16:19:27 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://coronahomecare.com/
X-Cache: Redirect from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0Y4nYPOhQpt_xQhAOH8kuT6lVO8ozmCnlh9L2zoXMP2TlB3Zp7daRg==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8126
Expires: Thu, 10 Nov 2022 18:34:53 GMT
Date: Thu, 10 Nov 2022 16:19:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5690
Cache-Control: max-age=157590
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:27 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 12:05:57 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5118
Cache-Control: max-age=157018
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:27 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 11:56:25 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 10 Nov 2022 15:43:51 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17921
Expires: Thu, 10 Nov 2022 21:18:08 GMT
Date: Thu, 10 Nov 2022 16:19:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CS5eGFmbuObJiasj0Yy+o7THQmJTuAXV4qtzFrjZClFeEgvnGr8dLYnKh2O8yAHEKj9eGVTrb9A=
x-amz-request-id: 9F8T0YX9H07904NZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 15:49:27 GMT
age: 1800
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 16:19:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash f8fef930a8f1f8dccd5ba6f761352bac
66786a32daa12298bf5e12529192be4156562039
3eebb546e0c10c57be830a7e48bfcafb736759dace3eacaef6b0ad9f0a00bbc5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122013
Date: Thu, 10 Nov 2022 16:19:27 GMT
Etag: "636c5e2c-1d7"
Expires: Sat, 12 Nov 2022 02:13:00 GMT
Last-Modified: Thu, 10 Nov 2022 02:13:00 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2JsokScTPYZU6L90fesqW8aRnIAzaey0T7Bvty4nc4B4VTAHmt16_A==
coronahomecare.com/
54.230.111.25200 OK 16 kB IP 54.230.111.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10249)
Hash 16272c7be4f09d880ab8d7e9163134db
340092baa4a04d8a72c924b98717a762e084fe91
e3da5034b18dc6ad5934194b94130650152085d9e4dd3aa7fe07cedc36c4fd62
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 16547
cache-control: max-age=900, public
content-encoding: gzip
content-language: en
content-security-policy: object-src 'none'; frame-ancestors 'self' *.producer.myhippo.com producer.myhippo.com producer.staging.myhippo.io *.producer.develop.myhippo.io *.producer.staging.myhippo.io; report-uri https://live-hippo.pantheonsite.io/report-uri/enforce
etag: W/"1668095918"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 10 Nov 2022 15:58:38 GMT
link: </coronahomecare>; rel="shortlink"
server: nginx
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-drupal-cache: HIT
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 8 (https://www.drupal.org)
x-pantheon-styx-hostname: styx-fe4-a-84d785568d-f6x8q
x-styx-req-id: 7075e9eb-6113-11ed-917a-46786c5c6762
x-ua-compatible: IE=edge
date: Thu, 10 Nov 2022 16:19:28 GMT
x-served-by: cache-chi-klot8100164-CHI, cache-hhn4041-HHN
x-cache-hits: 2, 0
x-timer: S1668097168.135091,VS0,VE107
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
vary: Accept-Encoding,Cookie,Cookie,Cookie
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KcPUC910PynAC7asTQVPc1Vr_wgJadbi2MiWluFiiKfFsg0fhdAFxQ==
age: 4
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/content/paragraphs/inline/chart.jpg
54.230.111.25200 OK 63 kB URL HTTP/2 coronahomecare.com/sites/default/files/content/paragraphs/inline/chart.jpg
IP 54.230.111.25:0
File type JPEG image data, baseline, precision 8, 590x360, components 3\012- data
Hash f876904ef6fcc3849f5f3674e49c6c4a
662710fb739c5a40175afadae148420bc298d2f9
ee85663be52fea0e509f4e9273620f5a643e6627b1fd0d7e6ea1ad0a7f11962a
GET /sites/default/files/content/paragraphs/inline/chart.jpg HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 62737
cache-control: max-age=31622400
etag: "628c5a7f-f511"
expires: Sun, 15 Oct 2023 02:02:29 GMT
last-modified: Tue, 24 May 2022 04:09:35 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-a-64b8c86cf7-wnj8z
x-styx-req-id: 422846aa-4b64-11ed-b7f2-aaed1b936845
date: Wed, 09 Nov 2022 03:59:46 GMT
x-served-by: cache-chi-kigq8000092-CHI, cache-hhn4059-HHN
x-cache-hits: 1, 1
x-timer: S1667966387.663131,VS0,VE285
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YVzn6PzToLHOsMqyzF8q0nEAlTZqeeCaLNMSb8HIygpXOUn-mTv3Ow==
age: 130782
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/content/paragraphs/inline/kids_01.jpg
54.230.111.25200 OK 136 kB URL HTTP/2 coronahomecare.com/sites/default/files/content/paragraphs/inline/kids_01.jpg
IP 54.230.111.25:0
File type JPEG image data, baseline, precision 8, 590x316, components 3\012- data
Size 136 kB (136219 bytes)
Hash 9b0d38d5aa0bb6707ce97747bd4cb927
627aed9bb73b7fa8fa82a3b09d0200f4a8dc88ab
6bb26dacca20db11c296f59eadf13be1eaa9ac47f22be7f8d75686f89e75609c
GET /sites/default/files/content/paragraphs/inline/kids_01.jpg HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 136219
cache-control: max-age=31622400
etag: "628c5a7f-2141b"
expires: Mon, 23 Oct 2023 11:59:30 GMT
last-modified: Tue, 24 May 2022 04:09:35 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-b-6dbf68f8c6-x2mn8
x-styx-req-id: fc88a81d-5200-11ed-8c91-6ee86231f279
date: Wed, 09 Nov 2022 03:59:46 GMT
x-served-by: cache-chi-kigq8000104-CHI, cache-hhn4081-HHN
x-cache-hits: 1, 0
x-timer: S1667966387.661556,VS0,VE333
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q-VTJOE8klerLj4_eiCnGKCejHs7MoJfWzJwm3XvZainnO57DgzzEg==
age: 130782
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/css/css_JQyZ9StD4-4I5jikYtL8icbvn1b-f6xMTWUzpXDhKlc.css?rl21a1
54.230.111.25200 OK 2.2 kB URL HTTP/2 coronahomecare.com/sites/default/files/css/css_JQyZ9StD4-4I5jikYtL8icbvn1b-f6xMTWUzpXDhKlc.css?rl21a1
IP 54.230.111.25:0
File type troff or preprocessor input text\012- assembler source, ASCII text, with very long lines (1505)
Hash 97e466b7a07fdf66da116d199b393319
a8b66a75600b8f501262a5225298edb2fb67c851
af35fb5840a269cb174fec1b1a3a03464488c5b5039423aa142262094811ce58
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/css/css_JQyZ9StD4-4I5jikYtL8icbvn1b-f6xMTWUzpXDhKlc.css?rl21a1 HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 2183
cache-control: max-age=31622400
content-encoding: gzip
etag: W/"635c1706-1b33"
expires: Thu, 02 Nov 2023 23:25:08 GMT
last-modified: Fri, 28 Oct 2022 17:53:10 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-a-fd6b5c8fc-b8k2s
x-styx-req-id: 6c5f9788-5a3c-11ed-b242-36025bf85421
date: Thu, 10 Nov 2022 06:59:53 GMT
x-served-by: cache-chi-klot8100022-CHI, cache-hhn4042-HHN
x-cache-hits: 1, 1
x-timer: S1668063594.802869,VS0,VE1
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OqJkNpvAxcSSXjIj7SjIP8IQph31o69GzFaZx9MrTrQmavrIpwFxWA==
age: 141833
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/content/paragraphs/inline/seniors.jpg
54.230.111.25200 OK 172 kB URL HTTP/2 coronahomecare.com/sites/default/files/content/paragraphs/inline/seniors.jpg
IP 54.230.111.25:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1180x632, components 3\012- data
Size 172 kB (172370 bytes)
Hash 1f01cafa77041b448da9847fa6f09222
f14e7c693d27b46e6eb6e4bc46989bc768798f7f
8ba087a5240eb7dfa09be93b53a601810d420848e485d4c47bf5b79734b266b5
GET /sites/default/files/content/paragraphs/inline/seniors.jpg HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 172370
cache-control: max-age=31622400
etag: "628c5a7f-2a152"
expires: Fri, 20 Oct 2023 15:38:40 GMT
last-modified: Tue, 24 May 2022 04:09:35 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-a-585b659d7c-6m5t2
x-styx-req-id: 1ad85006-4fc4-11ed-8356-6a6f7a30df73
date: Wed, 09 Nov 2022 03:59:46 GMT
x-served-by: cache-chi-kigq8000064-CHI, cache-fra-eddf8230115-FRA
x-cache-hits: 1, 0
x-timer: S1667966387.682685,VS0,VE251
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FPIBkjBI0_NNAcn6ynRrGIvw99ZqMTJKYx-rgc0lwmVcFxXf7EaSEg==
age: 130782
X-Firefox-Spdy: h2
coronahomecare.com/themes/hippo/js/third-party-loaders/gtm.js
54.230.111.25200 OK 282 B URL HTTP/2 coronahomecare.com/themes/hippo/js/third-party-loaders/gtm.js
IP 54.230.111.25:0
File type ASCII text, with very long lines (378)
Hash c1f9452742e4c3383781544e4b173ffe
c0d764ae0f00108f20890f88f0886c5777b75f16
f49865bbf34feb0bbd530945b342a7fbb62242a492fbd74a76b688f017b06440
Analyzer Verdict Alert fortinet Phishing
GET /themes/hippo/js/third-party-loaders/gtm.js HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 282
cache-control: max-age=31622400
content-encoding: gzip
etag: W/"63685fde-17c"
expires: Fri, 10 Nov 2023 00:48:13 GMT
last-modified: Mon, 07 Nov 2022 01:31:10 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-a-84d785568d-f6x8q
x-styx-req-id: 31132e0c-5fc8-11ed-917a-46786c5c6762
date: Wed, 09 Nov 2022 03:59:46 GMT
x-served-by: cache-chi-kigq8000021-CHI, cache-hhn4059-HHN
x-cache-hits: 1, 0
x-timer: S1667966386.011348,VS0,VE315
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h_FYwQaAliHjzoPgXTXnc5zoDoKehXa486SXPRpXERWHj6bQKR-vUA==
age: 142274
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/content/paragraphs/inline/sick_01.jpg
54.230.111.25200 OK 49 kB URL HTTP/2 coronahomecare.com/sites/default/files/content/paragraphs/inline/sick_01.jpg
IP 54.230.111.25:0
File type JPEG image data, baseline, precision 8, 590x316, components 3\012- data
Hash 6722f7fbc19da75947bddf79d69db3c9
b841490a250a949ec3d138bf20862bba422e0f6a
e3077fe956044588bfebdb95dcdea4a6ee72bc424e0501ff7d0b8eae2ff6aa54
GET /sites/default/files/content/paragraphs/inline/sick_01.jpg HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 49434
cache-control: max-age=31622400
etag: "628c5a7f-c11a"
expires: Fri, 10 Nov 2023 03:59:46 GMT
last-modified: Tue, 24 May 2022 04:09:35 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-b-5b4bf5c55b-w4l2w
x-styx-req-id: f34c4b62-5fe2-11ed-8622-4ab1a7a1bdb6
date: Wed, 09 Nov 2022 03:59:47 GMT
x-served-by: cache-chi-kigq8000026-CHI, cache-hhn4053-HHN
x-cache-hits: 0, 0
x-timer: S1667966387.685516,VS0,VE360
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JL83jebTBVpnpxmaugOtATqYcOMymtKMnARCXc9ZKtbPmdg7Imm3WQ==
age: 130781
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/content/paragraphs/inline/prevention_01.jpg
54.230.111.25200 OK 39 kB URL HTTP/2 coronahomecare.com/sites/default/files/content/paragraphs/inline/prevention_01.jpg
IP 54.230.111.25:0
File type JPEG image data, baseline, precision 8, 590x316, components 3\012- data
Hash 5ffc334db8bc9cb02132d088d158523f
ea54591769a7f7e0aed0eeee1af7d515916b185e
659d6e8b84b67ade1ffbb54b17d3f02c8876cd41ffa0939c11f6cbeec5db0627
GET /sites/default/files/content/paragraphs/inline/prevention_01.jpg HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 39223
cache-control: max-age=31622400
etag: "628c5a7f-9937"
expires: Fri, 20 Oct 2023 15:38:40 GMT
last-modified: Tue, 24 May 2022 04:09:35 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-a-585b659d7c-rsqjf
x-styx-req-id: 1acea1fa-4fc4-11ed-b75c-56f06252eef6
date: Thu, 10 Nov 2022 06:59:54 GMT
x-served-by: cache-chi-kigq8000153-CHI, cache-hhn4042-HHN
x-cache-hits: 1, 0
x-timer: S1668063594.892828,VS0,VE108
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oCsA4RW0hdUkiealSB0_sewx4kh1y2hlhjvmolDgCWvd7-B_qyvXIg==
age: 130781
X-Firefox-Spdy: h2
coronahomecare.com/themes/hippo/templates/assets/scripts/section/googleApi.js
54.230.111.25200 OK 414 B URL HTTP/2 coronahomecare.com/themes/hippo/templates/assets/scripts/section/googleApi.js
IP 54.230.111.25:0
File type HTML document textAlgol 68 source text\012- Pascal source, ASCII text
Hash f84620c15d2ec410f31aab64b52393dc
52cd223eae6be254e4803f311f8fb78c3b209d26
d12a9ab9702b69664acf0a691cf753cfafc3051962568bcbd6379a619031fa83
Analyzer Verdict Alert fortinet Phishing
GET /themes/hippo/templates/assets/scripts/section/googleApi.js HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 414
cache-control: max-age=31622400
content-encoding: gzip
etag: W/"63685fde-2cd"
expires: Fri, 10 Nov 2023 00:48:13 GMT
last-modified: Mon, 07 Nov 2022 01:31:10 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-b-5b4bf5c55b-fhhv7
x-styx-req-id: 310b8a3d-5fc8-11ed-b7a0-22bfc10edf5d
date: Wed, 09 Nov 2022 03:59:46 GMT
x-served-by: cache-chi-kigq8000149-CHI, cache-hhn4050-HHN
x-cache-hits: 1, 0
x-timer: S1667966386.018350,VS0,VE110
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cnM1MClORiU-eH1iYGo0fXGAY0Vp5WN4BKSoMZXgID_rJl_-6VjZnw==
age: 142274
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/content/paragraphs/banner/2020-04/headerv1_04_20.jpg
54.230.111.25200 OK 98 kB URL HTTP/2 coronahomecare.com/sites/default/files/content/paragraphs/banner/2020-04/headerv1_04_20.jpg
IP 54.230.111.25:0
File type JPEG image data, baseline, precision 8, 1400x550, components 3\012- data
Hash d3915a07fcfa7b89b962b031f274298d
c945c11b758797d5abe5732b48efc165956ed3e3
5b6a6d4fe0374d0912ef41f7ddd3cd4fbd01c4f5752e994ea2da51104ad57463
GET /sites/default/files/content/paragraphs/banner/2020-04/headerv1_04_20.jpg HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 98077
cache-control: max-age=31622400
etag: "628c5a80-17f1d"
expires: Sun, 15 Oct 2023 02:02:29 GMT
last-modified: Tue, 24 May 2022 04:09:36 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-b-7c65fbd6f9-d9hkq
x-styx-req-id: 42268c45-4b64-11ed-a1fc-ee2f0444a78d
date: Wed, 09 Nov 2022 03:59:46 GMT
x-served-by: cache-chi-klot8100141-CHI, cache-hhn4050-HHN
x-cache-hits: 1, 0
x-timer: S1667966387.662945,VS0,VE304
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M7aL1NffRlPT9XYLHZcJRGENOyf2VeCyY6cMBU_IH8YQbKzp83rVRA==
age: 130782
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/content/paragraphs/inline/home_WFH_01.jpg
54.230.111.25200 OK 40 kB URL HTTP/2 coronahomecare.com/sites/default/files/content/paragraphs/inline/home_WFH_01.jpg
IP 54.230.111.25:0
File type JPEG image data, baseline, precision 8, 590x316, components 3\012- data
Hash 483d9755209f40b60692607e209de984
4232335a773df2e63b8d7cc937df85637ff587ac
ced4b32deea208290e3cdd14c7fd7d00fcea3fe3f61ab061ea3b4d9293feb09b
GET /sites/default/files/content/paragraphs/inline/home_WFH_01.jpg HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 40024
cache-control: max-age=31622400
etag: "628c5a7f-9c58"
expires: Thu, 09 Nov 2023 00:06:43 GMT
last-modified: Tue, 24 May 2022 04:09:35 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-b-5d6d66c6fb-626jb
x-styx-req-id: 3a2bfa03-5ef9-11ed-bb5e-8268fadb15db
date: Thu, 10 Nov 2022 06:59:53 GMT
x-served-by: cache-chi-kigq8000148-CHI, cache-hhn4020-HHN
x-cache-hits: 1, 1
x-timer: S1668063594.871104,VS0,VE1
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NQr80arDk4fGAgeGsdCa50qq5A1mpidnTK-oC540i1Zpy7DcSyVS2Q==
age: 130782
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2612d097d958886a6be8bf3fae26ca25
d1667b2b324914ba6606f37aa61128b6507b9ca7
e52b4204d3b1031079070c272dc50439be2ec4591a1515baa388bd6178621e7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110509
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:28 GMT
Etag: "636c313d-116"
Expires: Fri, 11 Nov 2022 23:01:17 GMT
Last-Modified: Wed, 09 Nov 2022 23:01:17 GMT
Server: nginx
Content-Length: 278
coronahomecare.com/sites/default/files/js/js_y_432-o6xuh-d7w0_jXDniHOCqzII0cSpDTENtfCxBM.js
54.230.111.25200 OK 561 kB URL HTTP/2 coronahomecare.com/sites/default/files/js/js_y_432-o6xuh-d7w0_jXDniHOCqzII0cSpDTENtfCxBM.js
IP 54.230.111.25:0
File type ASCII text, with very long lines (32058)
Size 561 kB (561109 bytes)
Hash e43e903f9fc6de53f4c7b8879baf2e4a
ea55bf1f712058dae481e5eebaf1159fdf96fef8
f61cd7a6e860c8b782e3ae02270b2eb36b67d55f3d4b7341e8224aae64f44b6d
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/js/js_y_432-o6xuh-d7w0_jXDniHOCqzII0cSpDTENtfCxBM.js HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 561109
cache-control: max-age=31622400
content-encoding: gzip
etag: W/"635ac343-1bc828"
expires: Sat, 28 Oct 2023 17:43:40 GMT
last-modified: Thu, 27 Oct 2022 17:43:31 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-a-7f9b49b45c-96bt9
x-styx-req-id: e47f6731-561e-11ed-867f-7e7dabb31786
date: Thu, 10 Nov 2022 06:59:54 GMT
x-served-by: cache-chi-klot8100111-CHI, cache-hhn4024-HHN
x-cache-hits: 1, 1
x-timer: S1668063594.121650,VS0,VE4
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5Tfh6ZfPoLUlDHwJXHJgD2X2VVK42PgqhYaYaUBOPYx-JRAZ9zazBw==
age: 142274
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5636
Cache-Control: max-age=152481
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:28 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 10:40:49 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=AW-722110445
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-722110445
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 20e5d5b6a6d53042cf37f41f2b1c8139
66b806b4a5b3b1ecba448767c3d9dbd0b79cc78b
30057240ae29497f38ea1161e2a61d15b1a530b3513f4b143993051d4b88a570
GET /gtag/js?id=AW-722110445 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 10 Nov 2022 16:19:28 GMT
expires: Thu, 10 Nov 2022 16:19:28 GMT
cache-control: private, max-age=900
last-modified: Thu, 10 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;600;800&display=swap
142.250.74.10200 OK 997 B URL HTTP/2 fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;600;800&display=swap
IP 142.250.74.10:0
Hash 798fd0f3b4f5d63a972798f50e3f1219
f798ee2fd9144ef9ec1aae743e91c3f3991024fb
e4e22e71a06c7b2bdc511490b03e93d42347550859ada3e3e9c61a7e0ad63cb2
GET /css2?family=Barlow+Condensed:wght@300;400;600;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 16:19:28 GMT
date: Thu, 10 Nov 2022 16:19:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash abc1b6dead712b3905b9b0c0c8b63b56
e63b4c3f61604e313af85d9577866b98f75faa2a
fe7ff7563830e4fd0ab0af0eb929ca26e7a59d6ac147115d127a9585867d139a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
coronahomecare.com/themes/hippo/templates/dist/images/new-design/Arrow.svg
54.230.111.25200 OK 138 B URL HTTP/2 coronahomecare.com/themes/hippo/templates/dist/images/new-design/Arrow.svg
IP 54.230.111.25:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 8935e08cafdae683fe75d5d4b84eeae4
44445e816d849878cc18a48e598292d28eb39b89
2c81b94a778da24f87917ea6e901fd5959308742d5e31e6fddd2e5221c754821
Analyzer Verdict Alert fortinet Phishing
GET /themes/hippo/templates/dist/images/new-design/Arrow.svg HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/sites/default/files/css/css_ohI0yWJxsGc9MwBUw6OrI7M15iKYkXKX84lAykffoi0.css?rl21a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 138
access-control-allow-origin: *
cache-control: max-age=31622400
content-encoding: gzip
etag: W/"63688f94-8e"
expires: Fri, 10 Nov 2023 01:15:20 GMT
last-modified: Mon, 07 Nov 2022 04:54:44 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-b-5b4bf5c55b-hwq44
x-styx-req-id: fabe29ce-5fcb-11ed-b189-466847172fdc
date: Wed, 09 Nov 2022 03:59:46 GMT
x-served-by: cache-chi-kigq8000099-CHI, cache-fra-eddf8230033-FRA
x-cache-hits: 1, 0
x-timer: S1667966387.676345,VS0,VE111
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qt3JO0qDngW5BXRZLa3Ykk-Lbt9UAR0QIdd62UzKH8I0fPlFA8a8uw==
age: 140648
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@300;400;600;800&display=swap
142.250.74.10200 OK 18 kB URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@300;400;600;800&display=swap
IP 142.250.74.10:0
Hash d95d0afc7d13112aab69a8f09cd6ab07
ad84c1f85996cfe0b9db74fe2c6f820d2f998dce
a817691f3c86694f5ffdcd4d5b65eebad81c746221ba97400fd832d36dda5014
GET /css2?family=Inter:wght@300;400;600;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 16:19:28 GMT
date: Thu, 10 Nov 2022 16:19:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
coronahomecare.com/themes/hippo/templates/assets/fonts/Hippo-Akzidenz-Grotesk/AkzidGroCFFLig.woff2
54.230.111.25200 OK 25 kB URL HTTP/2 coronahomecare.com/themes/hippo/templates/assets/fonts/Hippo-Akzidenz-Grotesk/AkzidGroCFFLig.woff2
IP 54.230.111.25:0
File type Web Open Font Format (Version 2), CFF, length 24844, version 1.0\012- data
Hash 3cc4d243c90e1f6fbe8e14fe4f0251f9
761fcf6b197fcee3b99cd6a71e3dad2270ba5485
c32e239446f980bd68ee9f3e5d0ad970c754c4a3cfc8d7b0f1c4ca7888b42a9b
Analyzer Verdict Alert fortinet Phishing
GET /themes/hippo/templates/assets/fonts/Hippo-Akzidenz-Grotesk/AkzidGroCFFLig.woff2 HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://coronahomecare.com/sites/default/files/css/css_ohI0yWJxsGc9MwBUw6OrI7M15iKYkXKX84lAykffoi0.css?rl21a1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 24844
access-control-allow-origin: *
cache-control: max-age=31622400
etag: "636885d3-610c"
expires: Fri, 10 Nov 2023 00:48:25 GMT
last-modified: Mon, 07 Nov 2022 04:13:07 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-a-84d785568d-vm7tf
x-styx-req-id: 37bf83c5-5fc8-11ed-9838-6226accc6dec
date: Thu, 10 Nov 2022 06:59:55 GMT
x-served-by: cache-chi-klot8100108-CHI, cache-hhn4059-HHN
x-cache-hits: 12, 1
x-timer: S1668063595.220952,VS0,VE1
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VMgPE8hoEo7R1jBBAKni4had2ELLMtj6E4natCKxQeCTWvi-bm_dAg==
age: 142263
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/css/css_ohI0yWJxsGc9MwBUw6OrI7M15iKYkXKX84lAykffoi0.css?rl21a1
54.230.111.25200 OK 17 kB URL HTTP/2 coronahomecare.com/sites/default/files/css/css_ohI0yWJxsGc9MwBUw6OrI7M15iKYkXKX84lAykffoi0.css?rl21a1
IP 54.230.111.25:0
Hash 030ff308693d8a4c9f1b0a0d70929cbf
a14680c5de710f41e23cfcc0909c7357f54750fa
310ba132eca99741ba2adf6e99e35419f2ac5a78083607379fa27604a1c1f80a
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/css/css_ohI0yWJxsGc9MwBUw6OrI7M15iKYkXKX84lAykffoi0.css?rl21a1 HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 112365
cache-control: max-age=31622400
content-encoding: gzip
etag: W/"63585d3f-d06d0"
expires: Thu, 26 Oct 2023 22:35:26 GMT
last-modified: Tue, 25 Oct 2022 22:03:43 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-a-5ff4c7f6c-5vmnw
x-styx-req-id: 52583800-54b5-11ed-a207-12f9f4d11cfa
date: Thu, 10 Nov 2022 06:59:53 GMT
x-served-by: cache-chi-klot8100032-CHI, cache-hhn4020-HHN
x-cache-hits: 1, 1
x-timer: S1668063594.797367,VS0,VE2
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W4_cSeY-IV_Hf3w7i7e6WfxHeS9olvqzh61dIA-JprH5IVcgd_75Zg==
age: 141831
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.189.139.67101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.139.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uDgcvDcKnIgVZEXzpDUDdw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dAIUU8ni48l9MtkFqT4x8FXBCV0=
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash afd30c4bf8135bba56a29115900bee1c
9840ee07ae640d993938e37a88843d59cdf5bc72
93be8eb5d7ba33bd77265d1bb54a879e67857b856a88f9c3ddc99368cd569bc8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115961
Date: Thu, 10 Nov 2022 16:19:28 GMT
Etag: "636c32ab-1d7"
Expires: Sat, 12 Nov 2022 00:32:09 GMT
Last-Modified: Wed, 09 Nov 2022 23:07:23 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D0jTnrrZwRcDnGIPs3hXic6ZP1T81G9pAlQwKSERbkuKidsezSyyUA==
Age: 5086
collector-3317.tvsquared.com/tv2track.js
3.138.150.105200 OK 8.5 kB URL HTTP/1.1 collector-3317.tvsquared.com/tv2track.js
IP 3.138.150.105:0
File type ASCII text, with very long lines (1162)
Hash 541a38b4f06e41464c0d654e841ac424
d8e6cdf23733cbe85120de52b58c2c7dbe746758
55df73bbedbdb87259af7ccc47efce4497781d0a3154e97a8e07ff059ace234d
GET /tv2track.js HTTP/1.1
Host: collector-3317.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=600
Content-Encoding: gzip
Content-Type: application/javascript
Date: Thu, 10 Nov 2022 16:19:28 GMT
ETag: "6305f9ab-2133"
Expires: Thu, 10 Nov 2022 16:29:28 GMT
Last-Modified: Wed, 24 Aug 2022 10:12:59 GMT
Server: nginx
X-Robots-Tag: noindex
Content-Length: 8499
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a524d273183b42366a731e85437d1ea9
b022ec9871cd0a8f50c2ddda6aef704d1d3c4d8e
8617ab06215f733be6e072c81acbd512e846b9a46b41563e32431ff5b9a63075
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158001
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:28 GMT
Etag: "636ceac1-118"
Expires: Sat, 12 Nov 2022 12:12:49 GMT
Last-Modified: Thu, 10 Nov 2022 12:12:49 GMT
Server: nginx
Content-Length: 280
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash e66fc3e3059fae30fad675b84423f00d
3bdb8071b1c0b373e357be0bb06638d4516b3a18
46b144d624374da33ef9e468a4ea7b2e92389826c3ef5a3b755a73898fa44d9f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92856
Date: Thu, 10 Nov 2022 16:19:29 GMT
Etag: "636bdcc4-1d7"
Expires: Fri, 11 Nov 2022 18:07:05 GMT
Last-Modified: Wed, 09 Nov 2022 17:00:52 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ul4VDRLqtsqssz1BqTp8G9HQk46x3h5DC2Gs0TNDfNV37XZvugM46w==
Age: 3973
collector-3317.tvsquared.com/tv2track.php?action_name=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&idsite=TV-63638127-1&rec=1&r=904459&h=16&m=19&s=25&url=https%3A%2F%2Fcoronahomecare.com%2F&_id=5917cbf5ba3c1959&_idts=1668097165&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=139
3.138.150.105200 OK 42 B URL HTTP/1.1 collector-3317.tvsquared.com/tv2track.php?action_name=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&idsite=TV-63638127-1&rec=1&r=904459&h=16&m=19&s=25&url=https%3A%2F%2Fcoronahomecare.com%2F&_id=5917cbf5ba3c1959&_idts=1668097165&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=139
IP 3.138.150.105:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00657dd79637a8daf5e6196ca17f1887
3e064855d1fe7c6eac52981a646ec5840ba7efb5
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
GET /tv2track.php?action_name=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&idsite=TV-63638127-1&rec=1&r=904459&h=16&m=19&s=25&url=https%3A%2F%2Fcoronahomecare.com%2F&_id=5917cbf5ba3c1959&_idts=1668097165&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=139 HTTP/1.1
Host: collector-3317.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Thu, 10 Nov 2022 16:19:29 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: 32900450-d14d-4708-9610-2fa8bfa17039
Server: nginx
Content-Length: 42
Connection: keep-alive
js.adsrvr.org/up_loader.1.1.0.js
54.230.241.118200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 54.230.241.118:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 10 Nov 2022 06:28:06 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SVq3fgKhx_rPn8AdyT5i_qUsNGkm6t_O953rnR-Ei_OMxNO70csDJA==
Age: 36438
ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
IP 142.250.74.35:0
Hash 35b05e9d058238e3a9a6fa00d41bdf0d
1351e06ae46dd8a523d2e32739df55fe3fdd8b0f
e03d56834129cfadf28ff0df5605120e1ae49ee74cf373f1b266240539375be8
POST /s/gts1d4/CCh3rUTg6fw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5438277cc973221fbc764018e02f2795
7521bbd97854d3943f82c59c33e64c5d4053cfdf
1d10c8e413b0c0fe9a3bef6c2922355934e735ac66aa4ccd2dc0a8f5c43a1d11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pdst.fm/ping.min.js
35.244.142.80200 OK 5.8 kB IP 35.244.142.80:0
File type ASCII text, with very long lines (26948), with no line terminators
Hash d001d1c9f5a942fa5524eeacb047e819
6ebc303d4e3fe71192400673808f37ce1c6a1d25
63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
GET /ping.min.js HTTP/1.1
Host: cdn.pdst.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvF1ZlalHyPUeG0_jzGTxrMOg3L9Ky6N_4lKmpSqCFDAowRGxp4KINnxQYeCFwLl2R9IjqR3G0u1UBQaR0KcFYGqw
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Thu, 10 Nov 2022 15:57:10 GMT
expires: Thu, 10 Nov 2022 16:57:10 GMT
cache-control: public, max-age=3600
age: 1339
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
content-type: application/javascript;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
collector-3317.tvsquared.com/tv2track.php?action_name=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&idsite=TV-63638127-1&rec=1&r=002512&h=16&m=19&s=25&url=https%3A%2F%2Fcoronahomecare.com%2F&_id=5917cbf5ba3c1959&_idts=1668097165&_idvc=0&_idn=0&_viewts=&cvar=%7B%225%22%3A%5B%22MyHippo%20Homepage%22%2C%22%7B%5C%22id%5C%22%3Anull%2C%5C%22promo%5C%22%3A%5C%22%5C%22%7D%22%5D%7D&cookie=1&res=1280x1024&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%5C%22%7D%22%5D%7D>_ms=139
3.138.150.105200 OK 42 B URL HTTP/1.1 collector-3317.tvsquared.com/tv2track.php?action_name=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&idsite=TV-63638127-1&rec=1&r=002512&h=16&m=19&s=25&url=https%3A%2F%2Fcoronahomecare.com%2F&_id=5917cbf5ba3c1959&_idts=1668097165&_idvc=0&_idn=0&_viewts=&cvar=%7B%225%22%3A%5B%22MyHippo%20Homepage%22%2C%22%7B%5C%22id%5C%22%3Anull%2C%5C%22promo%5C%22%3A%5C%22%5C%22%7D%22%5D%7D&cookie=1&res=1280x1024&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%5C%22%7D%22%5D%7D>_ms=139
IP 3.138.150.105:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00657dd79637a8daf5e6196ca17f1887
3e064855d1fe7c6eac52981a646ec5840ba7efb5
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
GET /tv2track.php?action_name=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&idsite=TV-63638127-1&rec=1&r=002512&h=16&m=19&s=25&url=https%3A%2F%2Fcoronahomecare.com%2F&_id=5917cbf5ba3c1959&_idts=1668097165&_idvc=0&_idn=0&_viewts=&cvar=%7B%225%22%3A%5B%22MyHippo%20Homepage%22%2C%22%7B%5C%22id%5C%22%3Anull%2C%5C%22promo%5C%22%3A%5C%22%5C%22%7D%22%5D%7D&cookie=1&res=1280x1024&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%5C%22%7D%22%5D%7D>_ms=139 HTTP/1.1
Host: collector-3317.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Thu, 10 Nov 2022 16:19:29 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: 9231a000-1b9c-475e-969f-fbfc9e448525
Server: nginx
Content-Length: 42
Connection: keep-alive
10976694.fls.doubleclick.net/activityi;src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F?
142.250.74.70200 OK 238 B URL HTTP/2 10976694.fls.doubleclick.net/activityi;src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (457), with no line terminators
Hash 5972fe690bd76e80ae6403564ae18939
e68d23a15ee2b9a1ae10ccea48075b28bbca23fd
e0bd1c3a19f34ebaf7553036c61a95a50243e6ec9c8bbba1a8b01df564f96439
GET /activityi;src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F? HTTP/1.1
Host: 10976694.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 16:19:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 238
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 16:34:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1594850&mt_adid=254424&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
23.38.200.207200 OK 2.1 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1594850&mt_adid=254424&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 23.38.200.207:0
Hash 334c6345d2cae6a25750d40958e64984
58064aeb97e1cdec880c271131dc8c1571d12864
f68a4a97983b4a666125b672f211ca78c89bf6e59634a7e6b09cb5ce471b876c
GET /event/js?mt_id=1594850&mt_adid=254424&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 2146
Access-Control-Allow-Origin: *
Server: MT3 4629 97bee97 master iad-pixel-x2 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Thu, 10 Nov 2022 16:19:28 GMT
Date: Thu, 10 Nov 2022 16:19:29 GMT
Connection: keep-alive
Set-Cookie: uuid=0802636d-2491-4100-bc23-6c6e7c44b4be; domain=.mathtag.com; path=/; expires=Fri, 08-Dec-2023 16:19:29 GMT; SameSite=None; Secure
ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CCh3rUTg6fw
IP 142.250.74.35:0
Hash 35b05e9d058238e3a9a6fa00d41bdf0d
1351e06ae46dd8a523d2e32739df55fe3fdd8b0f
e03d56834129cfadf28ff0df5605120e1ae49ee74cf373f1b266240539375be8
POST /s/gts1d4/CCh3rUTg6fw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash c447bef6eb191100b494af5a60e18410
e5bba45a1086b60d1192e338a0d4a6f2bfdec53a
ccabbf6810f1bb0948771d33faceae5606ac8720f4acbf20ce0caa5cb4b84bae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120809
Date: Thu, 10 Nov 2022 16:19:29 GMT
Etag: "636c4913-1d7"
Expires: Sat, 12 Nov 2022 01:52:58 GMT
Last-Modified: Thu, 10 Nov 2022 00:42:59 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kdv6L7H9pLIJX4ty49gFCFinu5zQGsVy9X-1yVNojjMLjOeaehKCug==
Age: 4199
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5438277cc973221fbc764018e02f2795
7521bbd97854d3943f82c59c33e64c5d4053cfdf
1d10c8e413b0c0fe9a3bef6c2922355934e735ac66aa4ccd2dc0a8f5c43a1d11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad3b1abb5741c9084f9dae65f70907d8
39f4bac2dd0c616c78bb397f894c16a335736d37
dfd76175526c48ada7a83d037d735d265626407aca3953a97f14bb4669e409be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFD76175526C48ADA7A83D037D735D265626407ACA3953A97F14BB4669E409BE"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3268
Expires: Thu, 10 Nov 2022 17:13:57 GMT
Date: Thu, 10 Nov 2022 16:19:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash da6ea2384d89dcf08521ba15aaa8c085
141a73f1f12700389cecb3548d37c2d5286e7a95
db36322a9271b8e877ba3b1b59c0b8783eb5e9ac8cddd9ecce4180904e7a1088
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 122c813391dbdd1c40975c7640198874
e53e8c43f68f2f0058763cdd8e57512e9a8083c0
8e0571c6f0b7ea85acf878612eb26609f2b06da8c5a776d8307df05c6d6ae29e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 122c813391dbdd1c40975c7640198874
e53e8c43f68f2f0058763cdd8e57512e9a8083c0
8e0571c6f0b7ea85acf878612eb26609f2b06da8c5a776d8307df05c6d6ae29e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F
142.250.74.162200 OK 236 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (456), with no line terminators
Hash 85e997a62995e031514b8d8cc54fa75c
6e75caf80320a277d910972b44c621a8439eb7d0
098e80f7532c0f47a7566c4452479fd2d93108ca4d465388cc8979329c03438c
GET /ddm/fls/i/src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10976694.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 16:19:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 236
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.myhippo.com/v1/configuration/?callback=setConfiguration&
104.18.2.236200 OK 7.1 kB URL HTTP/2 api.myhippo.com/v1/configuration/?callback=setConfiguration&
IP 104.18.2.236:0
Hash c4e41bead210af7a2a128a05b0a411e0
f1916f2112cbd6870445a5c3296cf19f4ce72dac
7022c8e91f77f6ad52c0f3d87b1f477100a6044d222746c4a898db8b3cdd411d
GET /v1/configuration/?callback=setConfiguration& HTTP/1.1
Host: api.myhippo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 16:19:29 GMT
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
etag: W/"a336-BxroEhQt3xP7g8xZQSXC7+1Vsjw"
x-kong-upstream-latency: 30
x-kong-proxy-latency: 0
via: kong/2.5.0
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=QHji0tBKWLoZOWCJaCwt85U.QwPHy.VoxohIMu2XYr8-1668097169-0-ATC4ePcd6VosBmNQPwhC3SZcgawwDReZgwSZDzOms9uPzMg5clwJSvm+AEQw3htnwUEmwooxQFbbvzymySoG0ro=; path=/; expires=Thu, 10-Nov-22 16:49:29 GMT; domain=.myhippo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 76801c2a5f92b524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash da6ea2384d89dcf08521ba15aaa8c085
141a73f1f12700389cecb3548d37c2d5286e7a95
db36322a9271b8e877ba3b1b59c0b8783eb5e9ac8cddd9ecce4180904e7a1088
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash aac9a44d90ef332039316f3f8e75ef7f
7f14695c3512f762b53a5f2d4577c3b831ffd3e2
a190e6eaacda76e8f75d18d36d7a65916550ca96acceb6f597d7b0d3055e9113
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F
216.58.207.194302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 16:19:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://10976694.fls.doubleclick.net/ddm/fls/r/src=10976694;type=hippo0;cat=hippo001;ord=1;num=9866992566433;gtm=2wgb70;auiddc=174635058.1668097165;~oref=https%3A%2F%2Fcoronahomecare.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54200 OK 22 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
File type ASCII text, with no line terminators
Hash 8e7120c76040a47f820e8c87b95dddce
0ae6d0d5578537f5011e44f97e812069362ac7b2
e64c6bbbdbf2cc009eeb259cfb5f877274d073ea0ef1770008344cdf7d640c3c
OPTIONS /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://coronahomecare.com/
Origin: https://coronahomecare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: 6epi5ucu6hct
x-powered-by: Express
x-cloud-trace-context: a72d006901ce0b277dda0717be1aa46b
content-encoding: gzip
date: Thu, 10 Nov 2022 16:19:29 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
q.quora.com/_/ad/6deef9ff33224d228207fe2ba3e43259/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fcoronahomecare.com%2F
52.72.186.224200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/6deef9ff33224d228207fe2ba3e43259/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fcoronahomecare.com%2F
IP 52.72.186.224:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/6deef9ff33224d228207fe2ba3e43259/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fcoronahomecare.com%2F HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Thu, 10 Nov 2022 16:19:29 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,b778607162ec4e8ac3e18154600ea9d6,10.0.0.120,13018,91.90.42.154,,76583649485,1,1668097169.496,0.001,,.,0,0,0.000,0.000,-,0,0,197,174,87,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2612d097d958886a6be8bf3fae26ca25
d1667b2b324914ba6606f37aa61128b6507b9ca7
e52b4204d3b1031079070c272dc50439be2ec4591a1515baa388bd6178621e7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110508
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Etag: "636c313d-116"
Expires: Fri, 11 Nov 2022 23:01:17 GMT
Last-Modified: Wed, 09 Nov 2022 23:01:17 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 122c813391dbdd1c40975c7640198874
e53e8c43f68f2f0058763cdd8e57512e9a8083c0
8e0571c6f0b7ea85acf878612eb26609f2b06da8c5a776d8307df05c6d6ae29e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 55a014c588b503fb9e87819cf32bb720
098d8ee5cea41174d6b61cecf2714f8c377a8e9d
bd04977099e60bd1a91d91f1aceb8d4952c08205349e409a3dda7e5b5617fa65
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 16:19:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 14 Nov 2022 13:03:47 GMT
ETag: "098d8ee5cea41174d6b61cecf2714f8c377a8e9d"
Last-Modified: Thu, 10 Nov 2022 13:03:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 678
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76801c2e4a361bfe-OSL
login.dotomi.com/profile/visit/js/1_0?dtm_cid=82249&dtm_cmagic=72b365&dtm_fid=4380&cachebuster=2135347387
63.215.202.140200 OK 1.9 kB URL HTTP/2 login.dotomi.com/profile/visit/js/1_0?dtm_cid=82249&dtm_cmagic=72b365&dtm_fid=4380&cachebuster=2135347387
IP 63.215.202.140:0
File type ASCII text, with very long lines (373)
Hash 9512654219d0865bfc4d99f314aa0ecf
c6a2bdc58dc6102a8bac9fa5ff0d2ee3e6665807
b6ed35bf3a3fc8a247966f961a127fafe26ca7ba0c752f65320db6b375a91658
GET /profile/visit/js/1_0?dtm_cid=82249&dtm_cmagic=72b365&dtm_fid=4380&cachebuster=2135347387 HTTP/1.1
Host: login.dotomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10976694.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 16:19:29 GMT
content-type: application/javascript
content-length: 1944
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-encoding: gzip
X-Firefox-Spdy: h2
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54204 No Content 0 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coronahomecare.com/
Content-Type: application/json
Origin: https://coronahomecare.com
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: akk3mreob3t4
x-powered-by: Express
x-cloud-trace-context: e02d6ba771050624f600d954e15621cc
date: Thu, 10 Nov 2022 16:19:29 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track.leap4.tv/?leadId=null&event=Homepage
54.230.111.125200 OK 43 B URL HTTP/2 track.leap4.tv/?leadId=null&event=Homepage
IP 54.230.111.125:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /?leadId=null&event=Homepage HTTP/1.1
Host: track.leap4.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Thu, 10 Nov 2022 16:19:29 GMT
x-amzn-requestid: a02256b2-3b75-4e18-b727-01df02068f30
x-amzn-trace-id: root=1-636d2491-65f8de6b574b148e3b241412;sampled=0
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5AOKQdj-e7jnX2wtBolOH4auv0wRrCgbL5mRKD68WnIefLeCFvm5FA==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 53b44ba060945fa4b68f252b5f659e2b
eea3b6be69c9d8aceacfbf4bf79b9d5b3f95eb6f
026c5f1875ff57d23d8b7d948201d43f5977539bae409c07b77c91a001649e14
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152757
Date: Thu, 10 Nov 2022 16:19:29 GMT
Etag: "636cd590-1d7"
Expires: Sat, 12 Nov 2022 10:45:26 GMT
Last-Modified: Thu, 10 Nov 2022 10:42:24 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gfY5x7mVPqJo74yi0MTG4rNucCP1AnaE1GI71u7Of85OxlV2zCisZg==
Age: 182
px.gumgum.com/ad/conversion?cmp=11570&num=1&rnd=2135347387
63.33.0.112200 OK 0 B URL HTTP/2 px.gumgum.com/ad/conversion?cmp=11570&num=1&rnd=2135347387
IP 63.33.0.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/conversion?cmp=11570&num=1&rnd=2135347387 HTTP/1.1
Host: px.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10976694.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 16:19:29 GMT
content-length: 0
server: nginx
set-cookie: cs=true; Domain=.gumgum.com; Expires=Fri, 10-Nov-2023 16:19:29 GMT; Path=/; Secure; SameSite=None
etag: "0d41d8cd98f00b204e9800998ecf8427e"
timing-allow-origin: *
X-Firefox-Spdy: h2
login.dotomi.com/profile/visit/consent/js?dtm_cid=82249&dtm_fid=4380&dtm_cmagic=72b365&cachebuster=2135347387&dtm_form_uid=652206777445751959&dtmc_cmpcapture=consentDisco_!0!_apiMissing&gdpr_consent=&gdpr=1
63.215.202.140200 OK 19 B URL HTTP/2 login.dotomi.com/profile/visit/consent/js?dtm_cid=82249&dtm_fid=4380&dtm_cmagic=72b365&cachebuster=2135347387&dtm_form_uid=652206777445751959&dtmc_cmpcapture=consentDisco_!0!_apiMissing&gdpr_consent=&gdpr=1
IP 63.215.202.140:0
File type ASCII text, with no line terminators
Hash 6cd2e41323aa3855bd126a5810c529a4
95ba0297adf864c495a13fef1e936c6086ff19a6
2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228
GET /profile/visit/consent/js?dtm_cid=82249&dtm_fid=4380&dtm_cmagic=72b365&cachebuster=2135347387&dtm_form_uid=652206777445751959&dtmc_cmpcapture=consentDisco_!0!_apiMissing&gdpr_consent=&gdpr=1 HTTP/1.1
Host: login.dotomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10976694.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 16:19:29 GMT
content-type: application/javascript
content-length: 19
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
X-Firefox-Spdy: h2
cdn.heapanalytics.com/js/heap-3074920207.js
54.230.111.52200 OK 45 kB URL HTTP/2 cdn.heapanalytics.com/js/heap-3074920207.js
IP 54.230.111.52:0
Hash cfdf9f16676a5da879e0680d3dbc9fb6
7aab494517e8b1f2e13c327cfa9f1b52cea78d74
be1562a6271392b95176e9ba85e0adf2a8c2409445c0a654ecf18245000e107c
GET /js/heap-3074920207.js HTTP/1.1
Host: cdn.heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 10 Nov 2022 16:17:34 GMT
server: nginx
etag: W/"1c312-zxBOc56fSooWwuKoEXjN6Q"
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: PAUTgplINN5w3kV3lXT1V8s25NP9iegiqpPonIuxebiO43_6Nl4uLw==
age: 114
X-Firefox-Spdy: h2
coronahomecare.com/sites/default/files/favicon_branded_0.ico
54.230.111.25200 OK 1.3 kB URL HTTP/2 coronahomecare.com/sites/default/files/favicon_branded_0.ico
IP 54.230.111.25:0
File type MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel\012- data
Hash 9b388b10a855358b1348eff62e36a681
90a0321ee72df6d5b9df45c4b2227392685e9835
ef1c4abe353a4c2954df792fcc7294fefdd8f3e7d76ad5367910265fcf713e58
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/favicon_branded_0.ico HTTP/1.1
Host: coronahomecare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Cookie: _tq_id.TV-63638127-1.feae=5917cbf5ba3c1959.1668097165.0.1668097165..; _gcl_au=1.1.174635058.1668097165; __pdst=deb0506ca6824c7b9fe70a663607ed02
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 1337
cache-control: max-age=31622400
etag: "62a73b23-1cee"
expires: Thu, 12 Oct 2023 11:51:42 GMT
last-modified: Mon, 13 Jun 2022 13:26:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-a-64b8c86cf7-scbdq
x-styx-req-id: 1286bbaf-495b-11ed-ad15-5a716e6292c8
content-encoding: gzip
date: Thu, 10 Nov 2022 06:59:59 GMT
x-served-by: cache-chi-kigq8000045-CHI, cache-hhn4024-HHN
x-cache-hits: 1, 1
x-timer: S1668063600.936756,VS0,VE2
x-robots-tag: noindex
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yU1SOIKIH6IXEO-SIklDkiIgEDU8XrfzvyMT_kZ_tQ70HxTPSKU4Ng==
age: 143327
X-Firefox-Spdy: h2
ad.ipredictive.com/d/track/event?upid=103312&url=[url]&cache_buster=2135347387&ps=1
54.84.130.59200 OK 0 B URL HTTP/1.1 ad.ipredictive.com/d/track/event?upid=103312&url=[url]&cache_buster=2135347387&ps=1
IP 54.84.130.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d/track/event?upid=103312&url=[url]&cache_buster=2135347387&ps=1 HTTP/1.1
Host: ad.ipredictive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10976694.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 16:19:30 GMT
Set-Cookie: cu=ab352db8-4972-4fe3-a16e-9a92b1dd417f|1668097170064; Path=/; Domain=ipredictive.com; Expires=Fri, 10 Nov 2023 16:19:30 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 867336fa-2c73-4c84-9f4e-1a12b2b44f15
Content-Length: 0
Connection: keep-alive
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.5 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12826)
Hash 806d185619a4ef5951ab91810117e4ba
f40031c0ea5718f6d9a0a35e8ca60262daedc440
06489a801966cb9e7b467aed4edb63aa10bc2e588d259054ef696ade54e4b19f
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=11330
date: Thu, 10 Nov 2022 16:19:30 GMT
content-length: 4530
x-cdn: AKAM
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 10 Nov 2022 14:41:09 GMT
expires: Thu, 10 Nov 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 5901
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 84d0bda6455ac61abfc43daa003e9d21
a7eb2cfc89872f3b7b92c375ffbeac8fb7a42dca
40aa199c57486e8af0c07cf46126e84b0b6bfe9129e5389593853406c68b476e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2639
Cache-Control: max-age=95478
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Etag: "636bec39-1d7"
Expires: Fri, 11 Nov 2022 18:50:48 GMT
Last-Modified: Wed, 09 Nov 2022 18:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=09FBD498B8F8670B0C38C6C0B90D66B0; domain=.bing.com; expires=Tue, 05-Dec-2023 16:19:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E9C9FEAEB8654D05A0EAE3F05B6649FE Ref B: OSL30EDGE0115 Ref C: 2022-11-10T16:19:30Z
date: Thu, 10 Nov 2022 16:19:29 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.quantserve.com/pixel/p-yyzYAuSMjvL1G.gif?labels=_fp.pcat.INSERT+PRODUCT+CATEGORY,_fp.customer.INSERT+CUSTOMER+TYPE,_fp..INSERT+&orderid=&revenue=
91.228.74.168200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel/p-yyzYAuSMjvL1G.gif?labels=_fp.pcat.INSERT+PRODUCT+CATEGORY,_fp.customer.INSERT+CUSTOMER+TYPE,_fp..INSERT+&orderid=&revenue=
IP 91.228.74.168:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel/p-yyzYAuSMjvL1G.gif?labels=_fp.pcat.INSERT+PRODUCT+CATEGORY,_fp.customer.INSERT+CUSTOMER+TYPE,_fp..INSERT+&orderid=&revenue= HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 16:19:30 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=636d2492-2b377-ceb4f-2bddf; expires=Mon, 11-Dec-2023 16:19:30 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3513
Expires: Thu, 10 Nov 2022 17:18:03 GMT
Date: Thu, 10 Nov 2022 16:19:30 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/viewthroughconversion/956895275/?random=1668097165192&cv=11&fst=1668097165192&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&auid=174635058.1668097165&rfmt=3&fmt=4
142.250.74.34200 OK 886 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/956895275/?random=1668097165192&cv=11&fst=1668097165192&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&auid=174635058.1668097165&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1873), with no line terminators
Hash cfd411e28c440ce08e6c8202a3405e42
cfa95de38d56afbe6bc70669a0d6223d85002378
a370e57a3929ca23e68e257834fa5e720c7da0484eafe535b9b9b926baf8fd70
GET /pagead/viewthroughconversion/956895275/?random=1668097165192&cv=11&fst=1668097165192&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&auid=174635058.1668097165&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 16:19:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 886
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 16:34:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6xhB_vy5Aj6ScBQuTwWX93HFG5eS3SZHr7dP2Qsz-Q1P1pcXk339gQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 66980
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a929256680885031f55121c35d626bcc
9caf2466f70995d5763b970f916c4944b364a4ff
9366db1c171fe9dae5946198415c9a02005a432fccd359896f94bce874c91027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9283
x-amzn-requestid: c800cccd-80cc-4cd6-8856-66cfd07141c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmC2HnpIAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d45-686eac2b6c65b8dd41dfb44a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2SqQjq27y6Vrwzl9a_ho6sOPImE7Fpbyxie8_fuPGa6bf8fn-yX0Jw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:13:45 GMT
age: 65145
etag: "9caf2466f70995d5763b970f916c4944b364a4ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
age: 65010
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 006bc2d8ab25bb41f907cbf7aae72496
edfa83f56f1c0e75d1785b84b1ac749c4460787e
b31c79d23217ebe327b55bea3133ebf472781ee7101df47de0f87019e182fa0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6cc99b2b74ebf6c9ade5ceda39375f70
a173fa17944a336ac34b99bc7b6d29cd55af1f1e
676a140411e6ebdfd6e21d0b583df06f78ddd84759ecf38d5bbb8390b4ffb891
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staticw2.yotpo.com/bwRkwImknxCp2k1h4ygbVY6nOXCO6QAcu1J382xX/widget.js
2.23.139.120200 OK 115 kB URL HTTP/2 staticw2.yotpo.com/bwRkwImknxCp2k1h4ygbVY6nOXCO6QAcu1J382xX/widget.js
IP 2.23.139.120:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (48953)
Size 115 kB (115284 bytes)
Hash a1c47ce15915193f763b11d8616e1442
fcb63c9c649265779c92e49acfa7cdae8cb3de84
294ca2c621777ada6f7e84a6068cf3716e0e6b5584a16f513b1895b98d398bc1
GET /bwRkwImknxCp2k1h4ygbVY6nOXCO6QAcu1J382xX/widget.js HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
etag: W/"a1c47ce15915193f763b11d8616e1442"
x-request-id: e1ba1a41183f972f0bcdfae7e145cff3
x-runtime: 0.471407
access-control-allow-headers: *
content-length: 115284
cache-control: public, max-age=3954
date: Thu, 10 Nov 2022 16:19:30 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=88
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7af9a4c649c9ff2f48006dffde7fe73
a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae
1ccf9503c2ecaeb6f64a8e4194575908ca8746c69bf2b6fb1a6a59cf2408dc2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb019e92-4345-4986-9822-55d2be3619e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11722
x-amzn-requestid: bdba30aa-7c54-4163-8c09-e2c8948bba5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlomHKfoAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9d-0497f5bc1d5c2fab268fb451;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QNvJiTrfKbAKIlX-fkY8wDsVF4zwc3T0ceo_c4-gtWAcrCe7sSlzlA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:00 GMT
age: 66870
etag: "a19bc4b970a451dc7fe45dd7e72a5640ee6c4cae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:01 GMT
age: 66569
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/854240033/?random=1668097165200&cv=11&fst=1668097165200&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=AQi0CKzYtfwBEKHWqpcD&hn=www.google.com&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&value=0&bttype=purchase&auid=174635058.1668097165&gcp=1&ct_cookie_present=1
142.250.74.34200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/854240033/?random=1668097165200&cv=11&fst=1668097165200&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=AQi0CKzYtfwBEKHWqpcD&hn=www.google.com&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&value=0&bttype=purchase&auid=174635058.1668097165&gcp=1&ct_cookie_present=1
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/854240033/?random=1668097165200&cv=11&fst=1668097165200&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=AQi0CKzYtfwBEKHWqpcD&hn=www.google.com&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&value=0&bttype=purchase&auid=174635058.1668097165&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 16:19:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 16:34:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6cc99b2b74ebf6c9ade5ceda39375f70
a173fa17944a336ac34b99bc7b6d29cd55af1f1e
676a140411e6ebdfd6e21d0b583df06f78ddd84759ecf38d5bbb8390b4ffb891
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3d41dfaf58f86bf34419b8685d2c28a
457a2fa7c84d48b3e2c2442cb2a90e1c55a9e017
6e879d14ed6df6d3968f579152c55db9ff56fcb0b8a62f8e1f16b4ad3077a110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3194
Cache-Control: max-age=160493
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Etag: "636ce805-1d7"
Expires: Sat, 12 Nov 2022 12:54:23 GMT
Last-Modified: Thu, 10 Nov 2022 12:01:09 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc04eddc597d6b10db5d59c53f20aec
dddc0da13526d24aaea990cc1d68d9212612da43
a7e2d1fd141c4383de3411be95b8875c9d969d5f001020793a2b4d939aaa780b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe468f92f-2486-4c80-ab37-4225f9f983cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12268
x-amzn-requestid: cd9ea4f7-9a75-47b4-a0ad-817c821a592e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpZHbBIAMFfUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca2-69a98f453929cc817bead2c7;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xq1vIovXXR0pPaaHjKWeLcZszoEkISrYvqKvshtQ9dFTf6CUwxmIWA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "dddc0da13526d24aaea990cc1d68d9212612da43"
content-type: image/jpeg
age: 65010
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
23.38.200.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 23.38.200.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 4629 97bee97 master iad-pixel-x9 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Thu, 10 Nov 2022 16:19:29 GMT
Date: Thu, 10 Nov 2022 16:19:30 GMT
Connection: keep-alive
Set-Cookie: uuid=c71b636d-2492-4400-947b-dddb2e359511; domain=.mathtag.com; path=/; expires=Fri, 08-Dec-2023 16:19:30 GMT; SameSite=None; Secure
beacon.krxd.net/event.gif?event_id=NMoHNz2v&event_type=pageview
54.220.51.208204 No Content 0 B URL HTTP/2 beacon.krxd.net/event.gif?event_id=NMoHNz2v&event_type=pageview
IP 54.220.51.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.gif?event_id=NMoHNz2v&event_type=pageview HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 10 Nov 2022 16:19:30 GMT
set-cookie: _kuid_=PMNZc31v; Expires=Tue, 09-May-23 16:19:30 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n017-dub-prod.krxd.net
x-request-time: D=40 t=1668097170
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 77bb51afc49df68979d57d09a0006f7a
dc7b74e9885c71dce6e80922ff1d7e618a5e7f73
1e4b543d1e1f3f532f258dc2b4fd227384007598208895ed7ad8d733a1af0dea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156011
Date: Thu, 10 Nov 2022 16:19:30 GMT
Etag: "636cd451-1d7"
Expires: Sat, 12 Nov 2022 11:39:41 GMT
Last-Modified: Thu, 10 Nov 2022 10:37:05 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Hkm1xNLmeRCPGmQeyuE7h62GpQcmCM8L-BEZML57aI6VXV5SlLu7Gw==
Age: 3756
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c34b46801ae3380cfcfb85bdbf39523
6997af2baf1685b13895d6e5580893f4265a3b4d
43a6e362b71cd9d8622fc80d8ac7bba6dc320a0f274bb63ea976d2ccca46287e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A6E362B71CD9D8622FC80D8AC7BBA6DC320A0F274BB63EA976D2CCCA46287E"
Last-Modified: Thu, 10 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20708
Expires: Thu, 10 Nov 2022 22:04:38 GMT
Date: Thu, 10 Nov 2022 16:19:30 GMT
Connection: keep-alive
staticw2.yotpo.com/bwRkwImknxCp2k1h4ygbVY6nOXCO6QAcu1J382xX/widget.css?widget_version=2020-11-11_14-27-34
2.23.139.120200 OK 44 kB URL HTTP/2 staticw2.yotpo.com/bwRkwImknxCp2k1h4ygbVY6nOXCO6QAcu1J382xX/widget.css?widget_version=2020-11-11_14-27-34
IP 2.23.139.120:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (65436)
Hash 43a54304d055255af027b4d07a2e9ee8
c123e7fc7cb2ee9f78557b46cbd7dd8f01117ce6
2fcb0543837b93862588e91e20c08ec0c73b6e86804d62b57a9c24f0f23c6080
GET /bwRkwImknxCp2k1h4ygbVY6nOXCO6QAcu1J382xX/widget.css?widget_version=2020-11-11_14-27-34 HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
etag: W/"43a54304d055255af027b4d07a2e9ee8"
x-request-id: 0d4a708d5cf1929569b5b8f9cd941ba1
x-runtime: 0.094037
access-control-allow-headers: *
content-length: 44027
cache-control: public, max-age=3896
date: Thu, 10 Nov 2022 16:19:30 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=13
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
tags.w55c.net/rs?id=b4cdaea53ed7479d8cf54ac84527ad0c&t=homepage
35.157.164.97302 0 B URL HTTP/1.1 tags.w55c.net/rs?id=b4cdaea53ed7479d8cf54ac84527ad0c&t=homepage
IP 35.157.164.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rs?id=b4cdaea53ed7479d8cf54ac84527ad0c&t=homepage HTTP/1.1
Host: tags.w55c.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Cache-Control: no-cache, must-revalidate
Date: Thu, 10 Nov 2022 16:19:29 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://tags.w55c.net/rs?sccid=fa64585c-0340-e7ae-abca-e541be33c31f&scc=1&id=b4cdaea53ed7479d8cf54ac84527ad0c&t=homepage
Pragma: no-cache
Server: Retargeting/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0a4402c7ccc8b73ba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=tQ45spOj1OTah42; Domain=.w55c.net; Expires=Mon, 11-Dec-2023 02:19:30 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash dc2c67825e58856258bddd6649260163
379c4befc65209f173a00f33545dfd628daa7eec
dd30214554e502ad6d60d55082c5ad4bd491a09007d0a4e4e63e2c1724fbe4d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114252
Date: Thu, 10 Nov 2022 16:19:30 GMT
Etag: "636c275e-1d7"
Expires: Sat, 12 Nov 2022 00:03:42 GMT
Last-Modified: Wed, 09 Nov 2022 22:19:10 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: S74v4MxoNxuvE3yUYTdK93R3TJSR7Sd7bxjJzy2Mr96YF8MYwtCKjQ==
Age: 6272
rp.liadm.com/p?aid=a-02sc
54.152.2.69302 Found 0 B URL HTTP/2 rp.liadm.com/p?aid=a-02sc
IP 54.152.2.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?aid=a-02sc HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 10 Nov 2022 16:19:30 GMT
content-length: 0
trace-id: cd3a10239bdf61dd
vary: Origin
location: /p?aid=a-02sc&n3pc=true&pu=https%3A%2F%2Fcoronahomecare.com%2F
set-cookie: lidid=13a0dd6f-cfb6-4a09-86f0-2f5a178845be; Max-Age=63072000; Expires=Sat, 09 Nov 2024 16:19:30 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash d55b122c191fff2796bfb6af38db759a
e46d712570b3fa090a8b1481190700f407d25f6b
3eddbc0372ae75851a1d2e298b09b0c5f330ccf7c0c2ef15d26dc6f473d216c1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152613
Date: Thu, 10 Nov 2022 16:19:30 GMT
Etag: "636cd2f7-1d7"
Expires: Sat, 12 Nov 2022 10:43:03 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:19 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -tz1ooncw1Hc262P1b8EdcArsg198fFb1vKk-7xlVg55Z679P5aUGA==
Age: 704
heapanalytics.com/h?a=3074920207&u=3405687060511940&v=2016606383761990&s=8207925214580174&b=web&tv=4.0&z=0&h=%2F&d=coronahomecare.com&t=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&ts=1668097166218&st=1668097166221
3.210.207.201200 OK 37 B URL HTTP/2 heapanalytics.com/h?a=3074920207&u=3405687060511940&v=2016606383761990&s=8207925214580174&b=web&tv=4.0&z=0&h=%2F&d=coronahomecare.com&t=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&ts=1668097166218&st=1668097166221
IP 3.210.207.201:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /h?a=3074920207&u=3405687060511940&v=2016606383761990&s=8207925214580174&b=web&tv=4.0&z=0&h=%2F&d=coronahomecare.com&t=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&ts=1668097166218&st=1668097166221 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 16:19:30 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=15333153&Ver=2&mid=b8e93d9d-f4fc-4e25-9a0a-c04f06b106c4&sid=71f8c260611311ed8361a5ddf2a692c0&vid=71f8ea50611311edae9335535e9c6650&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&p=https%3A%2F%2Fcoronahomecare.com%2F&r=<=2651&evt=pageLoad&sv=1&rn=714743
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=15333153&Ver=2&mid=b8e93d9d-f4fc-4e25-9a0a-c04f06b106c4&sid=71f8c260611311ed8361a5ddf2a692c0&vid=71f8ea50611311edae9335535e9c6650&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&p=https%3A%2F%2Fcoronahomecare.com%2F&r=<=2651&evt=pageLoad&sv=1&rn=714743
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=15333153&Ver=2&mid=b8e93d9d-f4fc-4e25-9a0a-c04f06b106c4&sid=71f8c260611311ed8361a5ddf2a692c0&vid=71f8ea50611311edae9335535e9c6650&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&p=https%3A%2F%2Fcoronahomecare.com%2F&r=<=2651&evt=pageLoad&sv=1&rn=714743 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=143D122EDF1661C210060076DEE3608B; domain=.bing.com; expires=Tue, 05-Dec-2023 16:19:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84F1E66F7FB3451EB558D3A374C5DBFE Ref B: OSL30EDGE0115 Ref C: 2022-11-10T16:19:30Z
date: Thu, 10 Nov 2022 16:19:30 GMT
X-Firefox-Spdy: h2
tags.w55c.net/rs?sccid=fa64585c-0340-e7ae-abca-e541be33c31f&scc=1&id=b4cdaea53ed7479d8cf54ac84527ad0c&t=homepage
35.157.164.97200 42 B URL HTTP/1.1 tags.w55c.net/rs?sccid=fa64585c-0340-e7ae-abca-e541be33c31f&scc=1&id=b4cdaea53ed7479d8cf54ac84527ad0c&t=homepage
IP 35.157.164.97:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /rs?sccid=fa64585c-0340-e7ae-abca-e541be33c31f&scc=1&id=b4cdaea53ed7479d8cf54ac84527ad0c&t=homepage HTTP/1.1
Host: tags.w55c.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coronahomecare.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Date: Thu, 10 Nov 2022 16:19:30 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Server: Retargeting/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0365872a60f729e92@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 42
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dbfb46e8bdaa19ddaed629adf779c7d0
b8600d1af8e94f3c2d9dd41cc6d006dedfb09d16
bd87911e5dda0e290bde8bc02ffe35fd6b7538c0afec0703fdcb1bf86e4a27ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/854240033/?random=1668097165200&cv=11&fst=1668097165200&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=AQi0CKzYtfwBEKHWqpcD&hn=www.google.com&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&value=0&bttype=purchase&auid=174635058.1668097165&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.35200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/854240033/?random=1668097165200&cv=11&fst=1668097165200&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=AQi0CKzYtfwBEKHWqpcD&hn=www.google.com&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&value=0&bttype=purchase&auid=174635058.1668097165&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.35:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/854240033/?random=1668097165200&cv=11&fst=1668097165200&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&label=AQi0CKzYtfwBEKHWqpcD&hn=www.google.com&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&value=0&bttype=purchase&auid=174635058.1668097165&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coronahomecare.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 16:19:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/956895275/?random=1668097165192&cv=11&fst=1668096000000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&fmt=3&is_vtc=1&random=274717002&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/956895275/?random=1668097165192&cv=11&fst=1668096000000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&fmt=3&is_vtc=1&random=274717002&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/956895275/?random=1668097165192&cv=11&fst=1668096000000&bg=ffffff&guid=ON&async=1>m=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcoronahomecare.com%2F&tiba=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&fmt=3&is_vtc=1&random=274717002&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 16:19:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rp.liadm.com/p?aid=a-02sc&n3pc=true&pu=https%3A%2F%2Fcoronahomecare.com%2F
54.152.2.69200 OK 43 B URL HTTP/2 rp.liadm.com/p?aid=a-02sc&n3pc=true&pu=https%3A%2F%2Fcoronahomecare.com%2F
IP 54.152.2.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /p?aid=a-02sc&n3pc=true&pu=https%3A%2F%2Fcoronahomecare.com%2F HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coronahomecare.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 16:19:30 GMT
content-type: image/gif
content-length: 43
trace-id: 93ca75355630428d
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 6e184cf3-06dc-4902-8e29-e88ca1dac817
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
bat.bing.com/p/action/15333153.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/15333153.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/15333153.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=33DE04590BBC6F0C024B16010A496EDB; domain=.bing.com; expires=Tue, 05-Dec-2023 16:19:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F1831E96DBB4631A4E2192CE19FBBDB Ref B: OSL30EDGE0115 Ref C: 2022-11-10T16:19:30Z
date: Thu, 10 Nov 2022 16:19:30 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7c89768eee117880b59f8644d2138e52
49a829a38293c8f1eb86dbbccc82017f1d5d86bb
c512960cca090441f3c7e9ffea25448965eb4068d1506b8afa6d391b3c3a07be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3632073&time=1668097166223&url=https%3A%2F%2Fcoronahomecare.com%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3632073&time=1668097166223&url=https%3A%2F%2Fcoronahomecare.com%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3632073&time=1668097166223&url=https%3A%2F%2Fcoronahomecare.com%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3632073%26time%3D1668097166223%26url%3Dhttps%253A%252F%252Fcoronahomecare.com%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKKOYMUl_MEbAAAAYRiVt1O5KWb8Nn6bQV4l12r47ha0TZeefV5pFKYPMrn-S94ho6jr2Y17Eh9yg; Max-Age=2592000; Expires=Sat, 10 Dec 2022 16:19:30 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKA_66KMVLxTAAAAYRiVt1Of6HMDj68CLtXQxOqsRmQLNVYXde6AIcQtit0_hAzrVjVOE-2ZgPMKdTBj1Vhvg; Max-Age=2592000; Expires=Sat, 10 Dec 2022 16:19:30 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&418b922e-b553-4a70-8c21-6c285fa01f20"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 10-Nov-2023 16:19:30 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2415:u=1:x=1:i=1668097170:t=1668183570:v=2:sig=AQFbxFksInCqqICBI-Bi1VHRpAKROuKD"; Expires=Fri, 11 Nov 2022 16:19:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtICNQWBaBEyK90hh+sA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C3DA28FA68924036B2046C722D5A012E Ref B: OSL30EDGE0321 Ref C: 2022-11-10T16:19:30Z
date: Thu, 10 Nov 2022 16:19:30 GMT
content-length: 0
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74697382-1&cid=547293721.1668097166&jid=2066050096&gjid=1814725782&_gid=1141797446.1668097166&_u=YGBACAAABAAAAC~&z=408325309
64.233.165.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74697382-1&cid=547293721.1668097166&jid=2066050096&gjid=1814725782&_gid=1141797446.1668097166&_u=YGBACAAABAAAAC~&z=408325309
IP 64.233.165.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-74697382-1&cid=547293721.1668097166&jid=2066050096&gjid=1814725782&_gid=1141797446.1668097166&_u=YGBACAAABAAAAC~&z=408325309 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://coronahomecare.com
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://coronahomecare.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 16:19:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash b38d191b362358deba12ea6ae9b9569f
4a42823f9c7f2acf48df0eaa9b54cf8b5ceb4071
82b1f8fa1a165c65cd95d57b2ab92525a038c0d66ddca44f5252fd3bba6ff2fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164602
Date: Thu, 10 Nov 2022 16:19:30 GMT
Etag: "636cf5ff-1d7"
Expires: Sat, 12 Nov 2022 14:02:52 GMT
Last-Modified: Thu, 10 Nov 2022 13:00:47 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GMOlNEuKBeTVtvqaVZvz9N_5N1N6p2NsRy-Gp5nEXl5Xq2JGu36jYw==
Age: 3725
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash cc4e3eb8710f88a05222eedb9848e0ee
2f2c541048ba27356279d0625e4eba8937aeb03d
207db185311648d9a5b4e6974670ecc88cb8a8461edc4f3e791837fce15173d8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 16:19:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2022 13:42:55 GMT
Expires: Wed, 16 Nov 2022 13:42:54 GMT
Etag: "2f2c541048ba27356279d0625e4eba8937aeb03d"
Cache-Control: max-age=508403,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76801c324d42b4ed-OSL
cdn.linkedin.oribi.io/partner/3632073/domain/coronahomecare.com/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3632073/domain/coronahomecare.com/token
IP 54.230.111.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/3632073/domain/coronahomecare.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://coronahomecare.com/
Origin: https://coronahomecare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Thu, 10 Nov 2022 16:19:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MHETdS6hJAdEql5ejmKzozS2UA8cQR2YzsbD9tRdgalZ7GDGsQ3yVg==
X-Firefox-Spdy: h2
p.yotpo.com/i?e=pv&page=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&se_va=bwRkwImknxCp2k1h4ygbVY6nOXCO6QAcu1J382xX&cx=eyJwdl91dWlkIjoyODU3NjE0MTh9&dtm=1668097166405&tid=128191&vp=1280x939&ds=1268x7919&vid=1&duid=e0934e2a119d5da0&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fcoronahomecare.com%2F
3.11.149.33200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=pv&page=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&se_va=bwRkwImknxCp2k1h4ygbVY6nOXCO6QAcu1J382xX&cx=eyJwdl91dWlkIjoyODU3NjE0MTh9&dtm=1668097166405&tid=128191&vp=1280x939&ds=1268x7919&vid=1&duid=e0934e2a119d5da0&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fcoronahomecare.com%2F
IP 3.11.149.33:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=pv&page=Help%20protect%20your%20home%20against%20Coronavirus%20%7C%20Hippo&se_va=bwRkwImknxCp2k1h4ygbVY6nOXCO6QAcu1J382xX&cx=eyJwdl91dWlkIjoyODU3NjE0MTh9&dtm=1668097166405&tid=128191&vp=1280x939&ds=1268x7919&vid=1&duid=e0934e2a119d5da0&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Fcoronahomecare.com%2F HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 16:19:30 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=f0b55d9b-81db-47a0-72a0-fbb5d1cab8ea; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Fri, 11 Nov 2022 16:19:30 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7c89768eee117880b59f8644d2138e52
49a829a38293c8f1eb86dbbccc82017f1d5d86bb
c512960cca090441f3c7e9ffea25448965eb4068d1506b8afa6d391b3c3a07be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
di.rlcdn.com/406006.gif?pdata=partner%3Dtap296910%2Cdata%3Dtype%3Asite%24audience%3AHippo_Catchall
35.244.174.68451 Unavailable For Legal Reasons 0 B URL HTTP/2 di.rlcdn.com/406006.gif?pdata=partner%3Dtap296910%2Cdata%3Dtype%3Asite%24audience%3AHippo_Catchall
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /406006.gif?pdata=partner%3Dtap296910%2Cdata%3Dtype%3Asite%24audience%3AHippo_Catchall HTTP/1.1
Host: di.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Thu, 10 Nov 2022 16:19:30 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3632073%26time%3D1668097166223%26url%3Dhttps%253A%252F%252Fcoronahomecare.com%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3632073%26time%3D1668097166223%26url%3Dhttps%253A%252F%252Fcoronahomecare.com%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3632073%26time%3D1668097166223%26url%3Dhttps%253A%252F%252Fcoronahomecare.com%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coronahomecare.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3632073&time=1668097166223&url=https%3A%2F%2Fcoronahomecare.com%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&e60a8734-8fb0-46e0-86aa-12301213f52a"; Domain=.linkedin.com; Expires=Fri, 10-Nov-2023 16:19:30 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221110161930d35d1005-da7b-4ed5-8767-64503132d8f4AQH3ill7TS1KwcTQnnNiI_xsztgSBC7v"; Domain=.www.linkedin.com; Expires=Fri, 10-Nov-2023 16:19:30 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjgwOTcxNzA7MjswMjEPITF0f5Ic9JHEoNMXlyvjIOxKxoHEdPbbiK5shZeHNA==; Domain=.linkedin.com; Expires=Tue, 09 May 2023 16:19:30 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2372:u=1:x=1:i=1668097170:t=1668183570:v=2:sig=AQEkGbJK71RvCbQGy0Zu6dtKzPPfJnT-"; Expires=Fri, 11 Nov 2022 16:19:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com *.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXtICNTN0ssX3cdm2rOcg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: AAAA798C754F4CC49016D48A469E66C9 Ref B: OSL30EDGE0321 Ref C: 2022-11-10T16:19:30Z
date: Thu, 10 Nov 2022 16:19:30 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash cc4e3eb8710f88a05222eedb9848e0ee
2f2c541048ba27356279d0625e4eba8937aeb03d
207db185311648d9a5b4e6974670ecc88cb8a8461edc4f3e791837fce15173d8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 16:19:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2022 13:42:55 GMT
Expires: Wed, 16 Nov 2022 13:42:54 GMT
Etag: "2f2c541048ba27356279d0625e4eba8937aeb03d"
Cache-Control: max-age=508402,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76801c365a94b4ed-OSL
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3632073&time=1668097166223&url=https%3A%2F%2Fcoronahomecare.com%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3632073&time=1668097166223&url=https%3A%2F%2Fcoronahomecare.com%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3632073&time=1668097166223&url=https%3A%2F%2Fcoronahomecare.com%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coronahomecare.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&c1ea4a16-c02c-4f5a-8f90-11f0dfbf7ead"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 10-Nov-2023 16:19:31 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2428:u=1:x=1:i=1668097171:t=1668183571:v=2:sig=AQHbVjNnTiTP2Xi8NTgInxPkqDNgPkRD"; Expires=Fri, 11 Nov 2022 16:19:31 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtICNVuPo8hfb3adaVrw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 77D5426E2AA84434993DE8175F63073E Ref B: OSL30EDGE0321 Ref C: 2022-11-10T16:19:31Z
date: Thu, 10 Nov 2022 16:19:30 GMT
content-length: 0
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 10 Nov 2022 16:19:31 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 4165
x-timer: S1668097171.259281,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 22b15afffcbdd2a25fe2eb888361d39a
f4f667b4e4b10c0a8ef1dac78323c28c8f7ef579
99bf3eaf85c2b2b4b1c109b316f137ea4e1bfc37550429d1f38de243165a3d2b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127605
Date: Thu, 10 Nov 2022 16:19:31 GMT
Etag: "636c6ac9-1d7"
Expires: Sat, 12 Nov 2022 03:46:16 GMT
Last-Modified: Thu, 10 Nov 2022 03:06:49 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j7YQ82eyPXaufjM_z11Znxr0YD-IhsioZZW6TZvL0S-4OtmgEPFMQg==
Age: 2367
solutions.invocacdn.com/js/invoca-latest.min.js
54.230.111.87200 OK 40 kB URL HTTP/2 solutions.invocacdn.com/js/invoca-latest.min.js
IP 54.230.111.87:0
Hash 0018bedeea767eb224f6280427a51c08
d1130602f96fac03c5c71fd011945248638ccadf
71a104f61f36690cbee198a3d41806ba457959e09fc58b7744d6c3189ff3ddc4
GET /js/invoca-latest.min.js HTTP/1.1
Host: solutions.invocacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Oct 2022 20:29:13 GMT
x-amz-version-id: nafYdifE25HIJ7E5_xPq2bg19QQXpqjq
server: AmazonS3
content-encoding: gzip
date: Thu, 10 Nov 2022 16:01:03 GMT
cache-control: max-age=3600
etag: W/"4636ba1892918feeed6b191a409be199"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h8CNJjdeMeM5pGAeop6qNDHqcopa9CP-JF95duuGumQjtQTbPumm6g==
age: 1124
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9afa6ccd484fcb44ef1281bad6429ea5
6ac11ac45e8557f5f519283ee52a9945af9e655d
7ee129d5c9e65d4ea6e1e8ce5e9033c2a3db490e57b9cf353d614ca5544e6e8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3004
Cache-Control: max-age=111700
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 16:19:31 GMT
Etag: "636c2a2b-1d7"
Expires: Fri, 11 Nov 2022 23:21:11 GMT
Last-Modified: Wed, 09 Nov 2022 22:31:07 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da72481fa-471b-a025-c101-4e26776fa651%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hippo.com&ex-hargs=v%3D1.0%3Bc%3D593781508339995097%3Bp%3DA72481FA-471B-A025-C101-4E26776FA651&cb=709103297261365500
52.46.130.91302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da72481fa-471b-a025-c101-4e26776fa651%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hippo.com&ex-hargs=v%3D1.0%3Bc%3D593781508339995097%3Bp%3DA72481FA-471B-A025-C101-4E26776FA651&cb=709103297261365500
IP 52.46.130.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iu3?d=generic&ex-fargs=%3Fid%3Da72481fa-471b-a025-c101-4e26776fa651%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hippo.com&ex-hargs=v%3D1.0%3Bc%3D593781508339995097%3Bp%3DA72481FA-471B-A025-C101-4E26776FA651&cb=709103297261365500 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Thu, 10 Nov 2022 16:19:31 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: RRPFNXGTAN5H4AFEDYA3
Set-Cookie: ad-id=A1VKYrMBCkqrm06aZGXSFgs|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 16:19:31 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da72481fa-471b-a025-c101-4e26776fa651%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hippo.com&ex-hargs=v%3D1.0%3Bc%3D593781508339995097%3Bp%3DA72481FA-471B-A025-C101-4E26776FA651&cb=709103297261365500&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da72481fa-471b-a025-c101-4e26776fa651%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hippo.com&ex-hargs=v%3D1.0%3Bc%3D593781508339995097%3Bp%3DA72481FA-471B-A025-C101-4E26776FA651&cb=709103297261365500&dcc=t
52.46.130.91200 OK 65 B URL HTTP/1.1 s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da72481fa-471b-a025-c101-4e26776fa651%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hippo.com&ex-hargs=v%3D1.0%3Bc%3D593781508339995097%3Bp%3DA72481FA-471B-A025-C101-4E26776FA651&cb=709103297261365500&dcc=t
IP 52.46.130.91:0
File type HTML document, ASCII text
Hash 22fdf49482d8200e8f305bbe262eff14
f254bd4053267c2cf46675613e689016d8b7f775
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
GET /iu3?d=generic&ex-fargs=%3Fid%3Da72481fa-471b-a025-c101-4e26776fa651%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.hippo.com&ex-hargs=v%3D1.0%3Bc%3D593781508339995097%3Bp%3DA72481FA-471B-A025-C101-4E26776FA651&cb=709103297261365500&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coronahomecare.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Thu, 10 Nov 2022 16:19:31 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 65
Connection: keep-alive
x-amz-rid: 1NTGJKMNDRXXEAYB38JM
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash d6b2c0426f0309800dded8fb625a10cc
a13b19115bb50d321e398c0f3435eaf9e7ddddcc
c323922f589f9025399ce48e521cc88c186e2a7d1d36bbfd85e9eacfacdb4348
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142128
Date: Thu, 10 Nov 2022 16:19:31 GMT
Etag: "636c94ed-1d7"
Expires: Sat, 12 Nov 2022 07:48:19 GMT
Last-Modified: Thu, 10 Nov 2022 06:06:37 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: twBWLjFiQaYgIX0B3Qv2CRcw1pacS5MEkY24rxBbx7E1_hysw68ZTA==
Age: 6102
bam.nr-data.net/1/NRJS-a065cdba58592aa195b?a=633374176&v=1216.487a282&to=b10AYhMAXEEDABZRCVYXI1UVCF1cTRMDXwNnWwNVCQQ%3D&rst=3905&ck=1&ref=https://coronahomecare.com/&ap=11&be=906&fe=3795&dc=2648&perf=%7B%22timing%22:%7B%22of%22:1668097163461,%22n%22:0,%22f%22:198,%22dn%22:316,%22dne%22:316,%22c%22:316,%22s%22:320,%22ce%22:734,%22rq%22:735,%22rp%22:873,%22rpe%22:874,%22dl%22:885,%22di%22:2646,%22ds%22:2647,%22de%22:2651,%22dc%22:3794,%22l%22:3794,%22le%22:3806%7D,%22navigation%22:%7B%7D%7D&fcp=1439&at=QxoDFFsaT08%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-a065cdba58592aa195b?a=633374176&v=1216.487a282&to=b10AYhMAXEEDABZRCVYXI1UVCF1cTRMDXwNnWwNVCQQ%3D&rst=3905&ck=1&ref=https://coronahomecare.com/&ap=11&be=906&fe=3795&dc=2648&perf=%7B%22timing%22:%7B%22of%22:1668097163461,%22n%22:0,%22f%22:198,%22dn%22:316,%22dne%22:316,%22c%22:316,%22s%22:320,%22ce%22:734,%22rq%22:735,%22rp%22:873,%22rpe%22:874,%22dl%22:885,%22di%22:2646,%22ds%22:2647,%22de%22:2651,%22dc%22:3794,%22l%22:3794,%22le%22:3806%7D,%22navigation%22:%7B%7D%7D&fcp=1439&at=QxoDFFsaT08%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 516a128bb6000ca8154792678f4333fb
41d0257bea96afd36c6f3e40fcfdc9ca247f8e01
9fa62b52f24b87a40410fe842cb9be494abed114a2eac2eb406c8b4a4d372d10
GET /1/NRJS-a065cdba58592aa195b?a=633374176&v=1216.487a282&to=b10AYhMAXEEDABZRCVYXI1UVCF1cTRMDXwNnWwNVCQQ%3D&rst=3905&ck=1&ref=https://coronahomecare.com/&ap=11&be=906&fe=3795&dc=2648&perf=%7B%22timing%22:%7B%22of%22:1668097163461,%22n%22:0,%22f%22:198,%22dn%22:316,%22dne%22:316,%22c%22:316,%22s%22:320,%22ce%22:734,%22rq%22:735,%22rp%22:873,%22rpe%22:874,%22dl%22:885,%22di%22:2646,%22ds%22:2647,%22de%22:2651,%22dc%22:3794,%22l%22:3794,%22le%22:3806%7D,%22navigation%22:%7B%7D%7D&fcp=1439&at=QxoDFFsaT08%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 16:19:31 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76801c396cf6b509-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=238951928c9893cf; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
pnapi.invoca.net/1963/na.jsonp?network_id=1963&js_version=4.27.3&tag_id=1963%2F1765373454&request_data_shared_params=%7B%22calling_page%22%3A%22coronahomecare.com%2F%22%2C%22landing_page%22%3A%22https%3A%2F%2Fcoronahomecare.com%2F%22%2C%22g_cid%22%3A%22547293721.1668097166%22%2C%22utm_medium%22%3A%22direct%22%2C%22utm_source%22%3A%22direct%22%2C%22invoca_id%22%3A%22i-c4f7d2c8-ad88-4855-c387-7a8622e9f10d%22%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fcoronahomecare.com%2F%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1&
54.227.137.249200 OK 98 B URL HTTP/1.1 pnapi.invoca.net/1963/na.jsonp?network_id=1963&js_version=4.27.3&tag_id=1963%2F1765373454&request_data_shared_params=%7B%22calling_page%22%3A%22coronahomecare.com%2F%22%2C%22landing_page%22%3A%22https%3A%2F%2Fcoronahomecare.com%2F%22%2C%22g_cid%22%3A%22547293721.1668097166%22%2C%22utm_medium%22%3A%22direct%22%2C%22utm_source%22%3A%22direct%22%2C%22invoca_id%22%3A%22i-c4f7d2c8-ad88-4855-c387-7a8622e9f10d%22%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fcoronahomecare.com%2F%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1&
IP 54.227.137.249:0
File type ASCII text, with no line terminators
Hash 884f658d2c713252d402c8f964e022a4
208090b3f596be7feadc2e47d88091a1cf380657
69507431550329251b456232eba34361b1ad6ce5f99214b4dcfa8a13ea5c4d56
GET /1963/na.jsonp?network_id=1963&js_version=4.27.3&tag_id=1963%2F1765373454&request_data_shared_params=%7B%22calling_page%22%3A%22coronahomecare.com%2F%22%2C%22landing_page%22%3A%22https%3A%2F%2Fcoronahomecare.com%2F%22%2C%22g_cid%22%3A%22547293721.1668097166%22%2C%22utm_medium%22%3A%22direct%22%2C%22utm_source%22%3A%22direct%22%2C%22invoca_id%22%3A%22i-c4f7d2c8-ad88-4855-c387-7a8622e9f10d%22%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fcoronahomecare.com%2F%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1& HTTP/1.1
Host: pnapi.invoca.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 10 Nov 2022 16:19:31 GMT
processing_time: 15.23114ms
Server: Goliath
Content-Length: 98
Connection: keep-alive
solutions.invocacdn.com/js/networks/1963/1765373454/tag-live.js
54.230.111.87200 OK 0 B URL HTTP/2 solutions.invocacdn.com/js/networks/1963/1765373454/tag-live.js
IP 54.230.111.87:0
GET /js/networks/1963/1765373454/tag-live.js HTTP/1.1
Host: solutions.invocacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Dec 2021 08:59:45 GMT
x-amz-version-id: TgzJnVJeIFAhTbjhVy2c2FaAJAKpkPt5
server: AmazonS3
content-encoding: br
date: Thu, 10 Nov 2022 16:17:50 GMT
cache-control: max-age=300
etag: W/"88b76d8e5247febbf7b732358d25ff94"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ll3pnEe27_CVUtleI6uzlgTMdhQSkuMw1rx0E2m9svvBjeozTlPC1Q==
age: 102
X-Firefox-Spdy: h2
boards-api.greenhouse.io/v1/boards/hippo70/jobs?content=true
34.196.248.25200 OK 0 B URL HTTP/2 boards-api.greenhouse.io/v1/boards/hippo70/jobs?content=true
IP 34.196.248.25:0
GET /v1/boards/hippo70/jobs?content=true HTTP/1.1
Host: boards-api.greenhouse.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coronahomecare.com
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 16:19:30 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
x-farm-id: us
vary: Accept-Encoding, Origin
etag: W/"ee7452ceee6501366eb9d5c826fd8b50"
cache-control: max-age=0, private, must-revalidate
x-request-id: 4b9865ec23a581a8b74be890359a6b25
x-runtime: 0.016389
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 1; mode=block
x-download-options: noopen
content-encoding: gzip
X-Firefox-Spdy: h2
www.hippo.com/lpassets/cms/cms-branded.js
104.18.6.243200 OK 0 B URL HTTP/2 www.hippo.com/lpassets/cms/cms-branded.js
IP 104.18.6.243:0
GET /lpassets/cms/cms-branded.js HTTP/1.1
Host: www.hippo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 16:19:29 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 76801c2818320b49-OSL
cache-control: public, max-age=31536000
etag: W/"b1dfe-184619dbbb0"
expires: Fri, 10 Nov 2023 16:19:29 GMT
last-modified: Thu, 10 Nov 2022 12:57:18 GMT
vary: Accept-Encoding
cf-cache-status: MISS
set-cookie: __cf_bm=HSH7kA4lGPF9g8eGuzt8VjatUKWnfY7pzfrHBLqbRS4-1668097169-0-ASd1Jd5GUdJnXk1WOVTDaG+Q6krEOSjB5wjh7O+jpJNrzmilUEdgZZV3kRRPkQRp96jmOTSO2WBUK1vJtrh1eVk=; path=/; expires=Thu, 10-Nov-22 16:49:29 GMT; domain=.hippo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Barlow:wght@300;400;600;800&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Barlow:wght@300;400;600;800&display=swap
IP 142.250.74.10:0
GET /css2?family=Barlow:wght@300;400;600;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 16:19:28 GMT
date: Thu, 10 Nov 2022 16:19:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
insight.adsrvr.org/track/pxl/?adv=ryzh5sz&ct=0:hvnlcq6&fmt=3
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/pxl/?adv=ryzh5sz&ct=0:hvnlcq6&fmt=3
IP 52.223.40.198:0
GET /track/pxl/?adv=ryzh5sz&ct=0:hvnlcq6&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10976694.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 16:19:29 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3632073/domain/coronahomecare.com/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3632073/domain/coronahomecare.com/token
IP 54.230.111.42:0
GET /partner/3632073/domain/coronahomecare.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://coronahomecare.com
Connection: keep-alive
Referer: https://coronahomecare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Thu, 10 Nov 2022 16:19:30 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nQgnEUhzGX-gWn51s2yosN_pq2_PQo4FGNJqGahVuO1_7doQvVoRqw==
X-Firefox-Spdy: h2