Overview

URL healthplanslakeland.com/
IP3.33.152.147
ASNAMAZON-02
Location United States
Report completed2022-09-06 00:50:42 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-06 2 healthplanslakeland.com/ Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (38)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cdn.ravenjs.com (1) 7146 2014-11-09 03:14:33 UTC 2022-09-05 09:12:33 UTC 151.101.130.217
mnemonic passive DNS forms.hsforms.com (1) 5160 2018-03-07 15:21:13 UTC 2022-09-05 06:40:01 UTC 104.16.89.5
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-05 12:03:01 UTC 34.120.237.76
mnemonic passive DNS api.hubapi.com (1) 4102 2013-06-05 22:03:49 UTC 2022-09-05 10:20:17 UTC 104.17.200.204
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
mnemonic passive DNS global.localizecdn.com (1) 29924 2018-10-18 14:32:37 UTC 2022-09-05 07:11:42 UTC 104.22.25.166
mnemonic passive DNS cdn.mxpnl.com (1) 2824 2012-08-22 19:52:57 UTC 2022-09-05 06:52:36 UTC 130.211.5.208
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-05 04:43:26 UTC 151.101.86.137
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-05 04:38:04 UTC 31.13.72.12
mnemonic passive DNS bam.nr-data.net (1) 630 2015-02-10 00:06:27 UTC 2022-09-05 04:43:27 UTC 162.247.241.14
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-05 05:14:21 UTC 143.204.55.110
mnemonic passive DNS ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-09-05 04:39:20 UTC 192.124.249.36
mnemonic passive DNS forms.hubspot.com (1) 3593 2014-03-21 07:12:37 UTC 2022-09-05 06:40:00 UTC 104.19.154.83
mnemonic passive DNS healthplanslakeland.com (1) 0 2022-06-03 11:44:30 UTC 2022-08-29 15:56:00 UTC 15.197.142.173 Unknown ranking
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-05 22:25:45 UTC 142.250.74.174
mnemonic passive DNS www.googleoptimize.com (1) 1604 2019-07-23 08:23:32 UTC 2022-09-05 06:26:07 UTC 142.250.74.46
mnemonic passive DNS js.hs-banner.com (1) 2426 2020-03-26 17:45:21 UTC 2022-09-05 08:45:53 UTC 172.64.154.85
mnemonic passive DNS www.google.com (1) 7 2017-01-29 11:48:58 UTC 2022-09-05 16:52:24 UTC 142.250.74.164
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-05 04:38:09 UTC 142.251.1.154
mnemonic passive DNS js-na1.hs-scripts.com (1) 8274 2021-02-23 22:14:31 UTC 2022-09-05 05:30:03 UTC 104.17.212.204
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-05 14:49:07 UTC 143.204.55.36
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-09-05 04:38:08 UTC 142.250.74.3
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-05 05:10:58 UTC 34.217.237.91
mnemonic passive DNS s3.amazonaws.com (2) 0 2020-06-24 18:15:35 UTC 2022-09-05 21:14:27 UTC 52.217.140.80 Unknown ranking
mnemonic passive DNS js.hsadspixel.net (1) 3795 2017-07-25 13:13:14 UTC 2022-09-05 06:31:20 UTC 104.17.115.176
mnemonic passive DNS www.facebook.com (3) 99 2017-01-30 05:00:00 UTC 2022-09-05 04:22:04 UTC 31.13.72.36
mnemonic passive DNS ocsp.digicert.com (7) 86 2012-05-21 07:02:23 UTC 2022-09-05 17:53:49 UTC 93.184.220.29
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-05 04:38:34 UTC 142.250.74.72
mnemonic passive DNS d1mm04003omuon.cloudfront.net (16) 0 2022-08-30 03:28:11 UTC 2022-09-04 10:25:48 UTC 54.230.245.49 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-05 05:20:47 UTC 104.17.25.14
mnemonic passive DNS maxcdn.bootstrapcdn.com (1) 724 2014-06-18 00:37:31 UTC 2022-09-05 17:33:14 UTC 104.18.10.207
mnemonic passive DNS js.hscollectedforms.net (1) 5697 2017-03-02 10:33:31 UTC 2022-09-05 10:04:33 UTC 104.17.127.171
mnemonic passive DNS googleads.g.doubleclick.net (3) 42 2021-02-20 15:43:32 UTC 2022-09-05 20:40:09 UTC 172.217.21.162
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-05 04:38:54 UTC 34.117.237.239
mnemonic passive DNS www.healthsherpa.com (4) 433730 2014-10-17 15:12:48 UTC 2022-09-03 22:01:23 UTC 54.86.224.22
mnemonic passive DNS js.hs-analytics.net (1) 2411 2013-09-26 02:22:44 UTC 2022-09-05 06:31:20 UTC 104.17.67.176
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-05 04:38:00 UTC 23.36.76.226
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-05 07:26:37 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.33.152.147

Date UQ / IDS / BL URL IP
2022-12-06 13:40:47 +0000
0 - 0 - 1 dancremons.com/ 3.33.152.147
2022-12-06 07:00:34 +0000
0 - 0 - 1 motorvationus.com/ 3.33.152.147
2022-12-06 01:56:08 +0000
0 - 0 - 1 isabel.vipdates.live/ 3.33.152.147
2022-12-05 23:38:20 +0000
0 - 0 - 1 olympictickets2020.com/ 3.33.152.147
2022-12-05 22:27:40 +0000
0 - 0 - 1 overheardlondon.com/ 3.33.152.147

Last 5 reports on ASN: AMAZON-02

Date UQ / IDS / BL URL IP
2022-12-07 03:41:49 +0000
0 - 0 - 5 onliinegaliciaa.com/ 52.13.98.112
2022-12-07 03:38:20 +0000
6 - 0 - 5 www.onlineservicetec.com/landingpages/fe996bb (...) 143.204.55.73
2022-12-07 03:30:00 +0000
0 - 0 - 1 www.rev.com/transcript-editor/edit?token=-y5w (...) 54.230.111.36
2022-12-07 03:23:32 +0000
0 - 0 - 1 15.206.19.132/reverse.exe 15.206.19.132
2022-12-07 03:21:20 +0000
0 - 0 - 17 3vsmdh0yz31vwcemst.com/partners/casino-reg?ci (...) 3.67.201.97

Last 1 reports on domain: healthplanslakeland.com

Date UQ / IDS / BL URL IP
2022-09-06 00:50:42 +0000
0 - 0 - 1 healthplanslakeland.com/ 3.33.152.147

No other reports with similar screenshot



JavaScript

Executed Scripts (66)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (83)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: healthplanslakeland.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         15.197.142.173
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 06 Sep 2022 00:50:30 GMT
Content-Length: 86
Connection: keep-alive
Location: https://www.healthsherpa.com/?_agent_id=Magnusonins
Server: ip-100-74-2-216.eu-west-2.compute.internal
X-Request-Id: 52a9f0be-e43a-4734-81fc-42c051135aa1


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   86
Md5:    23897d7b371b5d370ab785b253a73518
Sha1:   a0d590f048d3726b5574f58110bdbb0af2b95c6c
Sha256: 53f7fbb9c3bdb20b73a471daf6f9290682c29f835a4292a99be1a8174bf4b55e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 00:45:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YcuF9CJkZy2Bg1yHxCWW2CE24do-4aP3VxhXGQAvlTP9CIqR7EWioA==
Age: 321


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3852
Expires: Tue, 06 Sep 2022 01:54:42 GMT
Date: Tue, 06 Sep 2022 00:50:30 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Grs5ImT915AT7YHdBv6ZAWwZqWSNjQ5WKmyKx7K9925FgcL6ifrjkw==
age: 84913
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Sep 2022 00:50:30 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.36
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 06 Sep 2022 00:50:30 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Sep 2022 22:37:43 GMT
Expires: Tue, 06 Sep 2022 22:37:43 GMT
ETag: "f2c3dec2cc3d775433f16b9c760dcf1877934bbe"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    b66e2380775632bcb5b69fc903a75a54
Sha1:   f2c3dec2cc3d775433f16b9c760dcf1877934bbe
Sha256: 6566e4b84ba66e54ab086c3d9329dfcdd21e01ff4536174323182921fa0c62d8
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 00:38:16 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 01:28:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: owUmmnd1_YEuQspoQgVdgPS1zzmzbEO9CUTkWBYSx6fzXmR5s0KF7g==
Age: 734


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /?_agent_id=Magnusonins HTTP/1.1 
Host: www.healthsherpa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         54.86.224.22
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Etag: W/"a35dc63789626df38e1bc86784e93fee"
Link: <https://d1mm04003omuon.cloudfront.net/assets/application-a5cc6a2cc85e6f7b9fec0636d4085e266aefbd09f90bfaa6a169a1cdfec16bc1.css>; rel=preload; as=style; nopush,<//maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css>; rel=preload; as=style; nopush,<https://d1mm04003omuon.cloudfront.net/assets/lib/underscore-min-1ef429020397ebaba9d3752f605982067439ea7be5f8f5fb75619894161162f2.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/app/namespaces-200ff73079b91ecd05b1b739a469338603fe4d62c192afbbbde87c14e2b1cdba.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/app/utility/browser-4bb9fd2422a5c08b1c8d2d86afba93c4debe1a16d51ad6a272108f038e38aa8c.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/app/utility/agent_attribution-60f62b35da3753d22e730c0cb95e376c67035280b86c4e60f3f7262725ab8f95.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/app/utility/mixpanel-3f1d5ec662c8c7b1ad9441de5e9f2c5fd062b4afe122822972a82721eddf8fc9.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/analytics-fe7da4924497ccf27a1dbee176ad860d0fba060bccc18ab3febb410d0e5606b9.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/global_notifier-a7d739ff3460d9dc48bf30df729bc5d27cf0b2fa6de543e783eb12acfd538527.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/application-cc5a8cf780bdb033aec654465ba9cababe9de75fbc777518d58945d2f992fcf1.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/shims-588a2e97a90e31a88199356e2d69bb7c2f6887f5a40ae856f3352d382a8c0fb2.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/react/vendor_bundle.47ee939047896f36d317.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/react/client_bundle.b48e0d014171d885c53b.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/react/styles_client_bundle.b48e0d014171d885c53b.css>; rel=preload; as=style; nopush
P3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV CONo OUR IND PHY ONL GOV STA DEM COM NAV"
Permissions-Policy: accelerometer=(), autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(self), usb=()
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: experiment_guest_identifier=a6bcaf43c2e32c446e3b24da5e86ab8c; path=/; SameSite=Lax; secure; HttpOnly googtrans=%2Fen%2Fen; path=/; SameSite=Lax; secure; HttpOnly _hs_prod_session_key_2020_08_09=dad2d996c82356f8c2b5e7bdaa124e4c; domain=.healthsherpa.com; path=/; expires=Thu, 06 Oct 2022 00:50:30 GMT; secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=631138519
Vary: Accept-Encoding, Origin
Via: 1.1 spaces-router (a302eeabfffb)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 486a4636-4194-771f-bcc6-7124c92be7a9
X-Runtime: 0.144891
X-Xss-Protection: 1; mode=block
Date: Tue, 06 Sep 2022 00:50:30 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10223)
Size:   21353
Md5:    4e483c4c8f570abb37125d91e1257114
Sha1:   35324e6f066954b35960bc43b6c4cc08f948b8a2
Sha256: 7b0f2698020a8691e30341a78eb41a1823539d8c834a955d7466ac85ca2b8734
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5061
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 00:50:31 GMT
Last-Modified: Mon, 05 Sep 2022 23:26:10 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /assets/shims-588a2e97a90e31a88199356e2d69bb7c2f6887f5a40ae856f3352d382a8c0fb2.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3068
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 07:14:17 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fXQpu8Cd11jgeh1s1CP7QhVe1J3TMDYB1kAe4MP7zCFGT50TOFB2-g==
age: 63374
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (6733), with no line terminators
Size:   3068
Md5:    550d7e1fda219468d24ced0b32a6215f
Sha1:   73cf59ff5e583503b5b8cda5051b9d36f6d57ad9
Sha256: d2093ee4bc9d7969b559718901a33fd50f5b6364a12dc8e3ab523e9746977871
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4127
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 00:50:31 GMT
Last-Modified: Mon, 05 Sep 2022 23:41:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /assets/application-a5cc6a2cc85e6f7b9fec0636d4085e266aefbd09f90bfaa6a169a1cdfec16bc1.css HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 176418
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 18:35:45 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Az6qVsTslkvVFEJcsd3DZYxX1BrcPnjTaYtgj-oM0_X5ELq_pj6KRA==
age: 70227
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (33918)
Size:   176418
Md5:    ae28e6a7bcc2aa5af07d0a400b78e2e7
Sha1:   11f17755b2282b9bf59be09fd22ed8c2e336f64a
Sha256: 93d543bac4d7d7537d4ebb0e5acc6127221eeb3259cc797a63d210080194ba74
                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Sep 2022 00:50:31 GMT
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3470652
expires: Sun, 27 Aug 2023 00:50:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3XIQcsKXCI%2FOwTWbqw3tp6VuqQDxscTuTs7uBR%2BKxuKw1EaDvpYzGQcYd7x%2FeMMVJonZ38CK4MkjkOJ8e1fBXYPn5WXAwZVPpZcwmLxqCu%2F2Mjz0qlOTsUtRMB9fX34hNPNGpvK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74633600cb70b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27938
Md5:    d900ca08873ee57d40616d39a44cc0aa
Sha1:   7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
Sha256: 1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
                                        
                                            GET /assets/app/namespaces-200ff73079b91ecd05b1b739a469338603fe4d62c192afbbbde87c14e2b1cdba.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 103
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OiAiu_uppJbyw1cnPz2lTKL_ulLRzRvZkVE84cLEWW17xiXwNAB8Kg==
age: 70227
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   103
Md5:    bf2ae47514353f0c7e41e34438cc41e6
Sha1:   a1b772f5fb3f8ab493907b09675d3751b4dc3ce7
Sha256: f230539896ade8d7b67abf9bf30c3188d4234b80ed7b7509c1780e4d1b5417f6
                                        
                                            GET /assets/lib/underscore-min-1ef429020397ebaba9d3752f605982067439ea7be5f8f5fb75619894161162f2.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 5695
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 05:20:04 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q1a67QNawnlx1QOfTKTGbZcAe4sX-ZVMbEVEF1_d1n9hef8ln7JUZw==
age: 70227
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16170)
Size:   5695
Md5:    b6522ca95c40bcdf16b55c4044576ca2
Sha1:   2dc9f09e716bedce38f04007268dac40c15ac085
Sha256: fedf3f0aa21fd6e38d96468fcf87bb805c3f61a3e794ccb335755b43cc0b4d95
                                        
                                            GET /assets/app/utility/mixpanel-3f1d5ec662c8c7b1ad9441de5e9f2c5fd062b4afe122822972a82721eddf8fc9.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 723
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 19:30:43 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 04:54:37 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RGvwA-OI-ap55uujpbe91TRGFm9ZKJlNMlDD1vq6tdfO3L9duFIuzg==
age: 71754
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2802), with no line terminators
Size:   723
Md5:    048cd3a01ab464fc2e7d9482f3874940
Sha1:   20f83eb84a38e9de6d33750e94c346570c4bf73c
Sha256: fed2f1a9ec8c7bdda15d4f06870918659df4b69f4f9346eb89af41ab016392b4
                                        
                                            GET /assets/application-cc5a8cf780bdb033aec654465ba9cababe9de75fbc777518d58945d2f992fcf1.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 176834
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 19:30:44 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 06:24:19 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DmOB2FNgF2fvPsS3tyWnSeZQ_VPNofWlFk8wrn_NpZjGr2Sa58lMBg==
age: 66372
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32738)
Size:   176834
Md5:    5c1f7404998ed72f6f1a735b25f0c257
Sha1:   2936b781ed746e37273c48ee18433904f3877399
Sha256: 850cd2cacbafa2457aa1b2e76aa3579737bec54ef4befd383556e7e108395fe5
                                        
                                            GET /3.27.0/raven.min.js HTTP/1.1 
Host: cdn.ravenjs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.130.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 04 Sep 2018 11:06:00 GMT
etag: "0619f39d264c6bebca4693c54dd8a468"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 00:50:31 GMT
age: 79427
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
timing-allow-origin: *
cache-control: public, max-age=31536000
content-length: 13741
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32021)
Size:   13741
Md5:    19107e80f91aab694ef54aeb96b2afd0
Sha1:   52a01049fcc168081b6c8b099f341a13d90a6e9d
Sha256: fa8bf140dfcaaecda524b08b77da6f566a9519d6620e51933be92b72e1f18071
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 00:50:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4127
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 00:50:31 GMT
Last-Modified: Mon, 05 Sep 2022 23:41:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 00:50:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /optimize.js?id=OPT-W922KHQ HTTP/1.1 
Host: www.googleoptimize.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.46
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 00:50:31 GMT
expires: Tue, 06 Sep 2022 00:50:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   41202
Md5:    846659dcf32c77bc5ce9bd760e3f2822
Sha1:   2f172a13dc19dd86ab93665bb4233f94d404d89c
Sha256: 34e2e3ab9c9aaf329470b7fc59ca0193db36969e6757199b3d52afc6649439e9
                                        
                                            GET /gtag/js?id=AW-851413600 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 00:50:31 GMT
expires: Tue, 06 Sep 2022 00:50:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45925
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   45925
Md5:    2906ab1c1d63dd773eac2456f8d832b8
Sha1:   9aa2986010951508a62a442b3a876cc07c634dbf
Sha256: 93a7f915f1bfd2043936026c302e860e4c59f7ebe2e4e3076d1e0f58dcec6fa1
                                        
                                            GET /assets/agent-index_1.png HTTP/1.1 
Host: www.healthsherpa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/?_agent_id=Magnusonins
Connection: keep-alive
Cookie: experiment_guest_identifier=a6bcaf43c2e32c446e3b24da5e86ab8c; googtrans=%2Fen%2Fen; _hs_prod_session_key_2020_08_09=dad2d996c82356f8c2b5e7bdaa124e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         54.86.224.22
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 15549
Last-Modified: Thu, 25 Aug 2022 11:57:24 GMT
Strict-Transport-Security: max-age=631138519
Vary: Origin
Via: 1.1 spaces-router (a302eeabfffb)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
Date: Tue, 06 Sep 2022 00:50:31 GMT


--- Additional Info ---
Magic:  PNG image data, 840 x 630, 8-bit colormap, non-interlaced\012- data
Size:   15549
Md5:    af9b90eb41ce760c4ad7e4d0336ddfa5
Sha1:   eef36174ecb1844f4f2bf57dfae39ad045d3c29a
Sha256: f016c73d9b028afafbf7dd869a2745954a33d9ea1fe3d9b3541880f468ccbc7d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 00:50:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YYJlpmsWTsAzebAEW2ul8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.217.237.91
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UBVpBOXmEEraWUjTXUNlonqp/ZQ=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 00:50:31 GMT
Last-Modified: Mon, 05 Sep 2022 23:11:48 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aSrSQA_GjxlDqBNP5PHD_O2UYQ8T07LLS5Vzqtd-nFx3L5JRhsLeLQ==
Age: 5923

                                        
                                            GET /assets/analytics-fe7da4924497ccf27a1dbee176ad860d0fba060bccc18ab3febb410d0e5606b9.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 563
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zEkzdcWfuq1EoO42_98DVC4_Rlr9YySzy25GfWwd4aY8tFanelogMQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1621), with no line terminators
Size:   563
Md5:    cac7f87e7f26d389ad21398f517c0c41
Sha1:   1a1e4a5e95e7edc5b110804d52035b4d76d798c7
Sha256: 44b5ea1f143e3857e6364e12613522023d9f89dd1e86e6ca3cbccf81b1840ee8
                                        
                                            GET /assets/app/utility/agent_attribution-60f62b35da3753d22e730c0cb95e376c67035280b86c4e60f3f7262725ab8f95.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 213
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RmV7-hSE2xIJhChtLm-I9fpZJ1Zol1WTZmTl-H-6y5PfNhvkFJV1mw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (327), with no line terminators
Size:   213
Md5:    a1f9082014752397620ecdc1ac0f3a2e
Sha1:   409acd2ea70eca374d8da959ec212da6c3c9db4e
Sha256: 698ed4c6c42aa5ca5dc5e0ded6b596f7082cc4d854b1423527373eacd1bc7732
                                        
                                            GET /assets/app/utility/browser-4bb9fd2422a5c08b1c8d2d86afba93c4debe1a16d51ad6a272108f038e38aa8c.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 166
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0vpsvNZv4FnT89NjM4Qv16UDJw2LpLLyp06d2zAIWG-GL-RFO9uiIA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   166
Md5:    ae6b79c5d5df6b991b0561b70d0042aa
Sha1:   d20a4e41c8ecc2b04feab5df37be199490d0f49b
Sha256: 3ff74f608b9890e02a521373378de01d355a0298a1be02d0254dfdc16dde1786
                                        
                                            GET /assets/agent-index_2.png HTTP/1.1 
Host: www.healthsherpa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/?_agent_id=Magnusonins
Connection: keep-alive
Cookie: experiment_guest_identifier=a6bcaf43c2e32c446e3b24da5e86ab8c; googtrans=%2Fen%2Fen; _hs_prod_session_key_2020_08_09=dad2d996c82356f8c2b5e7bdaa124e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         54.86.224.22
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 41695
Last-Modified: Thu, 25 Aug 2022 11:57:24 GMT
Strict-Transport-Security: max-age=631138519
Vary: Origin
Via: 1.1 spaces-router (a302eeabfffb)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
Date: Tue, 06 Sep 2022 00:50:31 GMT


--- Additional Info ---
Magic:  PNG image data, 840 x 634, 8-bit colormap, non-interlaced\012- data
Size:   41695
Md5:    d649e176650be39b050d4fef14c05f40
Sha1:   ed43c641f61fe11d479369d4008b0e7bc6cfb202
Sha256: 4cb07be7351be25135bc9884fc3b74b80766172099540d8f9389ad3e8e0164e3
                                        
                                            GET /assets/Avenir/AvenirRoman/AvenirLTStd-Roman.woff2 HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.healthsherpa.com
Connection: keep-alive
Referer: https://d1mm04003omuon.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/font-woff2
                                        
content-length: 22960
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 3628800
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NxN8E-AqvCvUJZkbe3EUK6ZmDp8e6WesR9IGoQullow9tTaiAn98Jw==
age: 46613
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22960, version 1.1900\012- data
Size:   22960
Md5:    0537e1c92731d8c7203a611e959c363d
Sha1:   75ea05a04fb226360cbf5bcd4d3ca549035cd82a
Sha256: db7001c9f7d34d75bf8c9e755923e9ccbc20b1ef3b65404929a035da331cf7a4
                                        
                                            GET /assets/Avenir/AvenirHeavy/AvenirLTStd-Heavy.woff2 HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.healthsherpa.com
Connection: keep-alive
Referer: https://d1mm04003omuon.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/font-woff2
                                        
content-length: 22369
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 3628800
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tRvXdCP_9GpTAwVMDuZn28T_GypVqxsDbY36TlULtR9nc4ryv2E4dg==
age: 46613
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22369, version 1.1900\012- data
Size:   22369
Md5:    c5d78fdcd0ef29404c592f09117e6818
Sha1:   d7cb45d08f18cdd060954e79f3fa5ed1465cb25e
Sha256: c0a62377115fabfd142efc4b6d5a5c19da3e212aa3ac6d7cef934ceec078d715
                                        
                                            GET /assets/agent-index_3.jpg HTTP/1.1 
Host: www.healthsherpa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/?_agent_id=Magnusonins
Connection: keep-alive
Cookie: experiment_guest_identifier=a6bcaf43c2e32c446e3b24da5e86ab8c; googtrans=%2Fen%2Fen; _hs_prod_session_key_2020_08_09=dad2d996c82356f8c2b5e7bdaa124e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         54.86.224.22
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 45785
Last-Modified: Thu, 25 Aug 2022 11:57:24 GMT
Strict-Transport-Security: max-age=631138519
Vary: Origin
Via: 1.1 spaces-router (a302eeabfffb)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
Date: Tue, 06 Sep 2022 00:50:31 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 840x630, components 3\012- data
Size:   45785
Md5:    ab56b715e6504d992d8273ee70383516
Sha1:   2a2dc2f37adb85adb25a3324b9911ff5823b8403
Sha256: 5f677676f090d5ff47454d72f2781cd9d6cfd39f0ee12edb0ee0da9b5d21341e
                                        
                                            GET /healthsherpa_photos/whitelabels/logo_images/000/131/007/original/Full_Logo.jpg?1637011746 HTTP/1.1 
Host: s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.140.80
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: pLAn87IdP9End8S6z4r638rWmG4uZZR6oD83Vr8ayQXPWVWfC+l5WS1P38nM/q65kAPHcLws2cg=
x-amz-request-id: A2WJGEA0N7KGA3YR
Date: Tue, 06 Sep 2022 00:50:32 GMT
Last-Modified: Mon, 15 Nov 2021 21:29:07 GMT
ETag: "e2d4647b9b51c4fcbc2d8a6ceeb5d1d6"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 75161


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 334x200, components 3\012- data
Size:   75161
Md5:    e2d4647b9b51c4fcbc2d8a6ceeb5d1d6
Sha1:   5019489be9ee25c5a1754d732b3b072563905e20
Sha256: 78ffe0e238f29d511c72256c5910175b875f0d645443808b730956b85619a473
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15287
Expires: Tue, 06 Sep 2022 05:05:19 GMT
Date: Tue, 06 Sep 2022 00:50:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15287
Expires: Tue, 06 Sep 2022 05:05:19 GMT
Date: Tue, 06 Sep 2022 00:50:32 GMT
Connection: keep-alive

                                        
                                            GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 7869679
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74633600edd10b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27303)
Size:   6670
Md5:    478239f0b5ded07fe31cd64c63e3682a
Sha1:   ebba8a0720b4361c21ee465c719bf983eefa3e80
Sha256: 3fcc6086bd4864b7f5b9a8b87efe6728e518e73824573c8cea1a66b2acb8ae16
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15287
Expires: Tue, 06 Sep 2022 05:05:19 GMT
Date: Tue, 06 Sep 2022 00:50:32 GMT
Connection: keep-alive

                                        
                                            GET /localize.js HTTP/1.1 
Host: global.localizecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.25.166
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 00:50:31 GMT
cache-control: public, max-age=259200
cf-bgj: minify
age: 25473
etag: W/"f937a111b82f58ce64d22a6eb24c3cbf"
last-modified: Wed, 27 Jul 2022 14:29:16 GMT
vary: Accept-Encoding
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-id: lDNISt6Knk4WOf0eKrk2SyCGtSQpI-VEUwwbNrU1Oh8OJSuqn0rgiw==
x-amz-cf-pop: OSL50-P1
x-amz-meta-x-amz-meta-v: 461
x-amz-server-side-encryption: AES256
x-amz-version-id: zICVQyBlCzZcnHC4xSz9rWz0K9YHNFB_
x-cache: Hit from cloudfront
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74633600edd20b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (60353), with no line terminators
Size:   32716
Md5:    fc5f5b53b8656126817b55e40098eb69
Sha1:   d774c220bc1a0a46063636a5a64127f236828f47
Sha256: 280a31f7381bbb4241443df3abf1f8495ecfb857d31144fdd78f758ec044b263
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6482
x-amzn-requestid: 5e5b342b-0224-4916-8656-237b4c90ae66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FaYIAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-412f897b451130af70026eab;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kD_wcIHwmUDV9M9Pl2NtUwRw0CElnHhX6NGZ5PQlnchvdxpLAZhm0w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:42 GMT
etag: "f8589eb3907582137d8b9373af745d80eddbf1bb"
age: 11030
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6482
Md5:    0efc32eccbf76ac0d89f324d09a7fd1f
Sha1:   f8589eb3907582137d8b9373af745d80eddbf1bb
Sha256: ee0f5e56c97e50e1c20801ad0a5379982feef16a11137f784f404d14e9c65824
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7677
x-amzn-requestid: e1fcebb9-140c-4a2d-bcb2-79e192757079
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYH6EQgIAMFR4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d65-62f355c751c3c7250070ed91;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:43:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3Rjz2v5eU-sicy0iBG2nxIA4DTp878y_igYE4eyXkGXBaqDvB3TbMg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:58:51 GMT
etag: "47109d3c10438ee4a598d60e43c6f92645eaf0c9"
age: 10301
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7677
Md5:    6bf0314072a1c7cc981f0640ee708c25
Sha1:   47109d3c10438ee4a598d60e43c6f92645eaf0c9
Sha256: 31cc505951d7d9ced676d6b4c600e986bdd835e44ff67a65d1138552291abcbf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 08:13:35 GMT
age: 59817
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4426
Md5:    c81f3df885bdee8cac46ea9495e6b63b
Sha1:   fc766bca874a352a4acb569577d4cf6527f4f074
Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8146
x-amzn-requestid: 41398033-67f0-4a17-863d-db69747514ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYIYG8GoAMFhWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d68-09abc90f73f3cc2a1a629840;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iocOBWse_L_nfOvUKE11ocxHZxLEgcjWV_CIbvAjAxt9IEl0eoTKjg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:11:09 GMT
etag: "204faf6513d9145bc8412b8b6bcedd7c70a1ba2c"
age: 9563
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8146
Md5:    4fba6ee2bc4b89cbba972478520565d2
Sha1:   204faf6513d9145bc8412b8b6bcedd7c70a1ba2c
Sha256: 9a2b97e196232b9ee8d36045ec97bb7d573609f1ae18c56cb158c7c1ab2ed9a9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 05:19:01 GMT
age: 70291
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12683
Md5:    ec466c0d472e43c11d36bf6fce068205
Sha1:   720d3624a76d060b8e2699e9aa7a320e3efd4878
Sha256: 5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
                                        
                                            GET /assets/favicon-09669fe2059b9eed9f10010870f87b15d5fda20b89ce6c2d1af432bedd9f1c9e.ico HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
                                        
content-length: 32988
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:32 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pC7r2ejOiTusF-lezB5yMcPhZTt0k2xCD4Ct0YIhVhh3FudJd5avjw==
age: 46613
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   32988
Md5:    974161a4fa05da089067e2f46e1bda41
Sha1:   6648d91b06fb86b7029d9dcdfbf2cca89497832a
Sha256: 09669fe2059b9eed9f10010870f87b15d5fda20b89ce6c2d1af432bedd9f1c9e
                                        
                                            GET /assets/apple-touch-icon-iphone-144-76dce6e0c364c2d98d91ffc3ac1d2b05da28ae17bda231dd392f13db6992b717.png HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2527
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 09:28:15 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -63FJypx4wJKye71do4idFfD3DCjsg95KSTeIjo3MEHVqP0gB6orRQ==
age: 55337
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Size:   2527
Md5:    6b76c603ccba3aa0071ad8cfdc365150
Sha1:   7c71e57fc5f89fa3630005f8cb735de1e1a2e579
Sha256: 76dce6e0c364c2d98d91ffc3ac1d2b05da28ae17bda231dd392f13db6992b717
                                        
                                            GET /collectedforms.js HTTP/1.1 
Host: js.hscollectedforms.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.127.171
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Sep 2022 00:50:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Mon, 18 Jul 2022 02:17:32 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: gdKWpz_yvObw8s97wY_QgOhrdmJzIElp
etag: W/"877e5f54a66a69786dec54038d0864c4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 3c84f89bba43de446e67a27b8df8b660.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: 7HRETvxU-rBLLstX9bIVIkCz_ckWME6F3frbCMPAEKevOooJbVNoKg==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.285/bundles/project.js&cfRay=745df47ba83ec7e7-IAD
x-hs-target-asset: collected-forms-embed-js/static-1.285/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 746336139ce7fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   47229
Md5:    54dbbba63adbe4a4d20e05549602d284
Sha1:   f48c99050adef4104d96ac59fbe7441fdd709ee5
Sha256: 8e1d3c134ba5dc6cc613df2e6a1b9054f4b560e2a46cf8e04c448c76c931d667
                                        
                                            GET /21715791.js HTTP/1.1 
Host: js.hs-banner.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.154.85
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 00:50:34 GMT
x-amz-id-2: vmWumeFXLlKJsAUuxtFasV1cwl2MttTRzxHLxjwox4s4Tg/KbF+pKUeAPkYl3pdr4/rB6hh1uH4=
x-amz-request-id: NBNGZ299BS6DMWGD
last-modified: Wed, 31 Aug 2022 00:06:43 GMT
etag: W/"683500ff6a578b49635fbd3fa4635370"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: ezrA_xqhtfGhFOY2LqGjAfvUwVISHdfe
access-control-allow-origin: https://www.healthsherpa.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Tue, 06 Sep 2022 00:55:34 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 746336139b590b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (60657)
Size:   14914
Md5:    96336f8730eda25439e006d1aef66281
Sha1:   6e8cdb0f484b214cdc9cf8e662217fad5c9f28bd
Sha256: 7f3830404157c4a5f177ec1d4725ba75cd19855c01feb694cc4738ab86b37127
                                        
                                            GET /fb.js HTTP/1.1 
Host: js.hsadspixel.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.115.176
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Sep 2022 00:50:34 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 29 Aug 2022 02:24:13 UTC
etag: W/"b87a46225f6f8c23b129956fa811f1ce"
x-amz-server-side-encryption: AES256
x-amz-version-id: 7UJo2wwrqBK17_VnZoHwOb7a4zSK2Hcf
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e030eb9e2523dd8af200ce39f28ca642.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: _KxfQvWkl1vXDcXbH-Bx20YndvxqohaSSAm3do742XT6rbnXtnOh3w==
age: 183
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.291/bundles/pixels-release.js&cfRay=745bccc32e1bb4f9-IAD
x-hs-target-asset: adsscriptloaderstatic/static-1.291/bundles/pixels-release.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 746336139e93b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5272)
Size:   3594890
Md5:    b9ace5c28c2e0ad15baef10c117790b5
Sha1:   8724b51776068dd1ddf8e2829976cb20861a783f
Sha256: 7f0ebef62e0936e080bcec585ca205df13af814ec0869bc56f4d2ba8e5f7eb2e
                                        
                                            GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2 HTTP/1.1 
Host: forms.hsforms.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.89.5
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 06 Sep 2022 00:50:34 GMT
content-length: 35
x-trace: 2B74F6E8718BA8ED0A529E50A43E7167F9FC73AB97000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: Accept-Encoding
x-hubspot-correlation-id: d0e042ba-cf88-4340-a273-335d10cc15e3
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74633617ec18b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 00:41:12 GMT
expires: Tue, 06 Sep 2022 02:41:12 GMT
cache-control: public, max-age=7200
age: 563
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1495
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Tue, 06 Sep 2022 00:25:40 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 727

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /libs/mixpanel-2.2.min.js HTTP/1.1 
Host: cdn.mxpnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         130.211.5.208
HTTP/2 200 OK
content-type: text/javascript
                                        
x-guploader-uploadid: ADPycdtGXgvykGO9rbFp5-gvPmb_GqHS8Yi-h-N7bo6vLCzB80oUPM9uMLK_S1UaHABsKA3a_eAXdHgdVNqkAvwQ7v1e5EXHC6_7
x-goog-generation: 1645129320773308
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17435
content-encoding: gzip
x-goog-hash: crc32c=OghQVA==, md5=vqeE3OhtMOHy5ZOH+FzMtg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 17435
access-control-allow-origin: *
server: UploadServer
date: Tue, 06 Sep 2022 00:43:58 GMT
expires: Tue, 06 Sep 2022 00:53:58 GMT
cache-control: public,max-age=600
age: 397
last-modified: Thu, 17 Feb 2022 20:22:00 GMT
etag: "bea784dce86d30e1f2e59387f85cccb6"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (755)
Size:   17435
Md5:    bea784dce86d30e1f2e59387f85cccb6
Sha1:   90665d4cc2e3f1e8c6da1247096c0af28b70ae04
Sha256: b2cd7990f63541592edc32f6499848c857e53b931f51f0ce877de53e3402405b
                                        
                                            GET /pagead/conversion_async.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 06 Sep 2022 00:50:35 GMT
expires: Tue, 06 Sep 2022 00:50:35 GMT
cache-control: private, max-age=3600
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1623)
Size:   15687
Md5:    4738d969770682feba80f04bf171d65b
Sha1:   be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
Sha256: 1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1495
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Tue, 06 Sep 2022 00:25:40 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 727

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41027940-2&cid=1163845859.1662425430&jid=98947530&gjid=511334160&_gid=1577919078.1662425430&_u=YEDAAEAAAAAAAC~&z=1837902463 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.251.1.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.healthsherpa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/viewthroughconversion/851413600/?random=1662425430267&cv=9&fst=1662425430267&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3DsetLanguage%3Bevent_category%3DLocalize%3Bevent_action%3DsetLanguage%3Bevent_label%3Den%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1120
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 01:05:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2580), with no line terminators
Size:   1120
Md5:    e4d103e781532a148f8cef4b2e970288
Sha1:   11c9fb1eb369180f2fe98de9f9c414a7df7a6deb
Sha256: 3d152c98a2ec51afe9147358c2481711aba5ed768221daedc0ba9278aadb1145
                                        
                                            GET /pagead/viewthroughconversion/851413600/?random=1662425430252&cv=9&fst=1662425430252&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1078
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 01:05:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2378), with no line terminators
Size:   1078
Md5:    8bcc2214069b308cefe9f92071e19a8d
Sha1:   cf5dbce45c42cf66deb581e0006b1a063056e900
Sha256: 31fdaac6fb821995d889cc6882c080da8fb9acf939ffda77cd5da8b58ed021e3
                                        
                                            GET /pagead/viewthroughconversion/851413600/?random=1662425430254&cv=9&fst=1662425430254&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1074
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 01:05:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2378), with no line terminators
Size:   1074
Md5:    1709abe3395875c97659e3c447e3573f
Sha1:   467cbac1338fff7cd8ca51b9e5cdebcde8bc6cbd
Sha256: 7d25061f17344f6551ab7c51fbbf1985fcfb5be2bb854e87a82afc101bfee04c
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41027940-2&cid=1163845859.1662425430&jid=98947530&_u=YEDAAEAAAAAAAC~&z=1088665666 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /healthsherpa_photos/whitelabels/custom_hero_images/000/131/007/original/open-uri20211115-22-1luupmt?1637011849 HTTP/1.1 
Host: s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.140.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: SaSWm6yfk7V26EpuTHKfRSaIzB9d9j9h78x3gJnYWoWDWugfWc6J2zmQMXkfY9NT1PD0RBwlFlU=
x-amz-request-id: NBNWMWDFWKRCFV2V
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Mon, 15 Nov 2021 21:30:50 GMT
ETag: "0672622c8f40feb0359e85ee9fda1112"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2787440


--- Additional Info ---
Magic:  PNG image data, 1550 x 1550, 8-bit/color RGBA, non-interlaced\012- data
Size:   2787440
Md5:    0672622c8f40feb0359e85ee9fda1112
Sha1:   513a028a1aca8a020999c3a33ee32140d32cd03d
Sha256: 1a8623d6e0da32fb2e115862b7a62ae6261311e9b524845803b930521acad1c3
                                        
                                            GET /nr-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 00:50:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 293
x-timer: S1662425436.766149,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32022)
Size:   14391
Md5:    b7c09cc097b2847f9edc784adba62dcb
Sha1:   5aa648623cf5e3b4b215fe5d068a7904c59f2925
Sha256: 6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5370
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Mon, 05 Sep 2022 23:21:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: dXTn/UhwhOhfB6AJLN5Xn8KuXVlW5Mu1zqRZrVBI8KoBkPlBrh3s1j429QkFpJ8LduTXKMtsyfe0koMRUF6WRA==
content-length: 26752
x-fb-trip-id: 2050670934
date: Tue, 06 Sep 2022 00:50:35 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26752
Md5:    53e4933126779cbf269a5819d467ad4b
Sha1:   1c3c6b27a0660a44717be304d90834cf2f9cf3ce
Sha256: ed5ad968f7d95b37c817e86b54062702bef60b1ffd3977248aad23072af06b87
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5370
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Mon, 05 Sep 2022 23:21:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /1/NRJS-bd4f2a578e1bec3d82f?a=585848406&v=1216.487a282&to=JQ1cEUFbW1sEFBdGEgcWWwZAG15ZBQNA&rst=5832&ck=1&ref=https://www.healthsherpa.com/&qt=1&ap=144&be=1001&fe=5769&dc=4225&perf=%7B%22timing%22:%7B%22of%22:1662425424977,%22n%22:0,%22f%22:347,%22dn%22:361,%22dne%22:404,%22c%22:407,%22s%22:506,%22ce%22:724,%22rq%22:724,%22rp%22:724,%22rpe%22:724,%22dl%22:984,%22di%22:4163,%22ds%22:4224,%22de%22:4477,%22dc%22:5767,%22l%22:5767,%22le%22:5778%7D,%22navigation%22:%7B%7D%7D&fcp=1754&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Tue, 06 Sep 2022 00:50:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7463361ddd680b06-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=7bbce255725727c0; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   68
Md5:    a63df29d6e0417cc1d00d8743d0ae34c
Sha1:   4fe2dc626d476e9a32c8982587e33fbc8aaf7b0b
Sha256: 025635a81f1246880710db88c48cd051393836cfd7016eb9f4aac7ac7b739a4e
                                        
                                            GET /tr/?id=302753557524537&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431724&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 06 Sep 2022 00:50:36 GMT
expires: Tue, 06 Sep 2022 00:50:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   86201
Md5:    2286cda71eded2215218e1c9418083f5
Sha1:   96fae48e0a2b2947d100151a9aee2ae472cff94a
Sha256: 2d257935559a15955b5b64dd71c5ed53a4f772290d0c47642ad94304f59b0d1a
                                        
                                            GET /tr/?id=3350520925179830&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431729&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 06 Sep 2022 00:50:36 GMT
expires: Tue, 06 Sep 2022 00:50:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    b798f4ce7359fd815df4bdf76503b295
Sha1:   f8cc6addf1707ad236ad9970b0a48f9733d07da5
Sha256: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
                                        
                                            GET /tr/?id=920472751333090&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431726&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 06 Sep 2022 00:50:36 GMT
expires: Tue, 06 Sep 2022 00:50:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   87182
Md5:    8ae416e62e83d8352ccd293f98d03cc7
Sha1:   106365d8a4227c11835b6bbc4f6bce99b0a1b8df
Sha256: ff9781eb745f9ce48238799a4621ac99b76e82723744a9b2c379ea8e2e5b4ba6
                                        
                                            GET /assets/react/client_bundle.b48e0d014171d885c53b.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 02 Sep 2022 22:32:30 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-encoding: gzip
date: Mon, 05 Sep 2022 05:28:01 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aCvp54PGLmOM8CZ0YIMz3FZJikInplbt58CqUDAkw_eNJ15mU6uihw==
age: 69750
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/react/vendor_bundle.47ee939047896f36d317.js HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 02 Sep 2022 22:32:30 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: igN2Hp0a272AzjWdVtcfvaPOGkqmE8CBWyA6THWXi_Z4QDa_S2wUHw==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hs-script-loader-public/v1/config/pixel/json?portalId=21715791 HTTP/1.1 
Host: api.hubapi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.200.204
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Tue, 06 Sep 2022 00:50:34 GMT
cf-ray: 746336175bc7b500-OSL
access-control-allow-origin: https://www.healthsherpa.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-hubspot-correlation-id: 2697b2d4-b6e0-4b83-b495-cacc3bc5543f
x-trace: 2B45EB710FD951F42827C91C2634B9E20D2F71C475000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FD%2B9DgkKnL03QuHuuSE1VyabPXpLIZb1aKw5aAA4PFAQfXOydFU7DdXc5Mu4qxO8ct2PzdYRkRZYIGBZWeXSvinpQ5iJlSARzoWJM9n1p1MQha685TwzDuNgOTgkkIO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/react/styles_client_bundle.b48e0d014171d885c53b.css HTTP/1.1 
Host: d1mm04003omuon.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Fri, 02 Sep 2022 22:32:30 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-encoding: br
date: Mon, 05 Sep 2022 23:51:22 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pykM9mJGHVAN_J3y7kkfmJrf70IZsoHzW4nVdOiLoKvJuSIGzfS-wQ==
age: 3549
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /analytics/1662425400000/21715791.js HTTP/1.1 
Host: js.hs-analytics.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.67.176
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 06 Sep 2022 00:50:35 GMT
x-amz-id-2: KAU3JHTrg2Hm6VFtZ5TEzvDR6sssNSdAXv9CYOQEwRSz3oisI6nF16GKlrwphELKjBGF3IOPQpd/RCbYgKqyVg==
x-amz-request-id: ZY8GCKM2311JZVWG
last-modified: Wed, 31 Aug 2022 15:15:33 GMT
etag: W/"231dc1fcd98514f166e4ab64cf2b6b75"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
expires: Tue, 06 Sep 2022 00:55:35 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74633619bfd1b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /collected-forms/v1/config/json?portalId=21715791&utk= HTTP/1.1 
Host: forms.hubspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.154.83
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Tue, 06 Sep 2022 00:50:34 GMT
vary: Accept-Encoding
x-hubspot-correlation-id: b9c22864-c7f0-4efb-9fe5-23910aef3fe8
access-control-allow-credentials: false
access-control-allow-origin: https://www.healthsherpa.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=B_vEHHhOx7B7BNjy_99pGgvT0HiJyEjXpSBMvJa68wQ-1662425434-0-AdR8aEz/H5Ktig8xwK8SiKixGUZv2HFXTUl8W/5XHtIph767+2JXEqfoPPShaNWgXvVLcdlHqVtn9xiz/yl/fCA=; path=/; expires=Tue, 06-Sep-22 01:20:34 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0VArw6x2%2FwGJPgJIO0dfts9zbjPPx%2B2bkaKcGm7biADUxZdqxxQd0GlhPsrzMlLcS6i6jwCkKqV5tg4E4WMbyPOCWaVCyvWIjJRTEb8M8NVVHi5FzcNTLSXPHCOvqZwWf56"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74633616baabb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /21715791.js HTTP/1.1 
Host: js-na1.hs-scripts.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.212.204
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
date: Tue, 06 Sep 2022 00:50:31 GMT
x-trace: 2B2429A25C2D2F5731763874A7D0DE8698EB3D4A62000000000000000000
cache-control: public, max-age=30
vary: Accept-Encoding
x-hubspot-correlation-id: 8d4a51f4-68e9-4bc4-b163-fe5b764a8ad8
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.healthsherpa.com
last-modified: Mon, 05 Sep 2022 20:40:05 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 7463360129e9fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---